Bug #3174
Bug #3173: libsqlfs: change password API
Expose password changing API in Java
| Status: | New | Start date: | 04/01/2014 | |
|---|---|---|---|---|
| Priority: | High | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | - | |||
| Target version: | - | |||
| Component: |
Description
Changing the VFS password should be possible as it is an important real world requirement.
Related issues
Associated revisions
update libsqlfs submodule to get new raw key API
libsqlfs now as separate methods for opening using raw key data, which
SQLCipher will use directly, or using a password, which SQLCipher will use
to derive a raw key with.
expose new raw key API in Java, to work better with CacheWord
CacheWord generates the raw key based on a dynamic number of iterations of the
KDF, so that it doesn't take ridiculously long on old devices, but on new
devices has a reasonable number of KDF iterations. The exposes that API into
IOCipher's Java interface for easy integration with CacheWord.
Also, using byte[] for storing passwords means that Java code can zero out the
memory after the password/key is no longer in use. Strings are immutable in
Java, so the memory cannot be zeroed out. byte[] are very mutable, so they can
easily be zeroed out after use. Therefore only accept the database key as a
byte[] to encourage people to wipe the key from memory when they are done with
it.
fixes #1713 https://dev.guardianproject.info/issues/1713
fixes #2254 https://dev.guardianproject.info/issues/2254
refs #3174 https://dev.guardianproject.info/issues/3174
check if sqlfs is open before trying to rekey database
Technically I think it is possible to sqlite3_rekey() on an open and active
database. But for now, only run it when the user is not using it at all.
History
#1 Updated by hans over 3 years ago
- Target version deleted (
0.2 - reliability and cacheword interop)
#2 Updated by hans over 3 years ago
- Target version set to 0.3
#3 Updated by hans almost 3 years ago
- Target version changed from 0.3 to 0.3.1
#4 Updated by hans almost 3 years ago
- Target version deleted (
0.3.1)