View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0006018 | Composr | cns_cpfs | public | 2024-10-25 17:52 | 2024-10-25 17:52 |
| Reporter | Patrick Schmalstig | Assigned To | |||
| Severity | Feature-request | ||||
| Status | non-assigned | Resolution | open | ||
| Product Version | |||||
| Fixed in Version | |||||
| Summary | 0006018: Use libsodium + site salt for CPF encryption | ||||
| Description | When encrypting a field, change from using OpenSSL to libsodium. Now that we have data/keys, libsodium can automatically generate a public/private key pair. This is a much more reliable way to support encrypted fields. Since the password prompt would not be needed anymore (no pass-phrases), we could re-purpose that to a new field option allowing to specify a password required. The workflow would be this: Saving - If a password is specified, the field value is secret-boxed with the password. - The field value, or secret-boxed field value, is encrypted with the key pair. - The encrypted value is stored. Loading - The encrypted value is retrieved. - It is decrypted with the key-pair. - If it still looks encrypted, a password is prompted. - The data is un-secret-boxed with the password. This is not exact as I don't fully recall sodium's functions but this is the basic principle. | ||||
| Tags | Roadmap: Over the horizon | ||||
| Time estimation (hours) | |||||
| Sponsorship open | |||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-10-25 17:52 | Patrick Schmalstig | New Issue | |
| 2024-10-25 17:52 | Patrick Schmalstig | Tag Attached: Roadmap: Over the horizon |
