-
Notifications
You must be signed in to change notification settings - Fork 3
LocalStorages
Skamster edited this page Mar 30, 2014
·
1 revision
For real, there are 3 types of storage, so 3 parts which want attention.
- toxcore-storage. This is already implemented in every tox-api-client and support a passPhrase. No idea which algo is used or how they do, but it works very easy. toxObject.save(file, passPhrase)
- cryptClass. This is developed by me and just using to store your chatmessages encrypted (toxcore-storage dont support messages), using pycrypto and supports all 7 symetric algos. There are little parts unencrypted:
- configs, what's in that project just language and kind of general encryption
- primary key of everything, cause autoincrement
- last db-column, which got the kind of it's encryption. with the idea of restore in cases of exceptions by migrate (aes->des3) or similiar
- RAM: basicly used for groupChats. they don't get stored. don't think it's needed to encrypt, but i also use linux and when you think about historys of apple or micro$oft, then i quick belive that this isn't a secure place anymore. ram is also used to cache toxcore and cryptClass-information. So this is may the weak part.
Password never gets saved and just get indirectly used. When password is set, a sha512-hash is generated, which is cut back to the max keylenght which is supported by the algo. This shorted hash is your key then. This is also used to encrypt toxcore-storage.