Comments (7)
Well, we probably want to do something to save configuration data, including things like TLS fingerprints and other stuff like it - basically, I think the whole config file should optionally be encrypted so you can save all your account information in one place, and then not have to enter all the info every time. xmpp-client already saves passwords, but in a plain text file.
from coyim.
Jitsi use masterpassword approach.
For xmmp-client I use to type the pass of each account, but with Jitsi I only need to do it one time.
Apparently they are using AES algorithm to encrypt this info.
from coyim.
When we do this, we should use something like bcrypt/scrypt to make the unlocking of the file take 0.5-1s - we can then cache the bcrypted value in memory for the duration of the program so we don't have to redo it every time we save the config file.
We might also give the user the possibility of turning off the caching and always ask for the password when reading or saving the file.
from coyim.
We should use scrypt for this. We save the parameters first in the file and then use scrypt to generate a good AES-128 or 256 key and encrypt the whole file.
from coyim.
BTW, that Jitsi thing is a bit scary - fixed salt, fixed amount of iterations and it uses ECB. We should definitely not follow that pattern.
from coyim.
OK, working on this today. These are the sub tasks:
- Decrypt existing configuration file
- Encrypt existing configuration file
- Ask for password to load config file (GUI)
- Ask for password to load config file (CLI)
- Ask whether config file should be encrypted when creating (GUI)
- Ask whether config file should be encrypted when creating (CLI)
from coyim.
This has been fixed. The only thing you can't do is set up encrypted storage using the CLI, and since the CLI can't store the account passwords either, I tihnk that's fine for now.
from coyim.
Related Issues (20)
- Separate out Icons into stock instead of direct use of pixbufs HOT 1
- Reduce usage of untyped interface{} and casting
- Verification bar not showing up under certain circumstances HOT 4
- After successful verification, no message shows up HOT 1
- Specification of app features for comparison with other security focused messengers
- Group Chat, Channel Categories HOT 3
- RFC 9266: Channel Bindings for TLS 1.3 support HOT 6
- Review list of known XMPP servers HOT 1
- Trying to register to a server that doesn't support inband registration is not handled so well HOT 1
- Some registration forms contain elements we don't support HOT 3
- Load one global CSS file with main styles HOT 1
- Investigate signing of OS X binaries again
- Set up our own Homebrew tap
- Add Go Modules support HOT 2
- Build hangs and never completes HOT 3
- Removal of automatic .desktop file creation
- XEP-0388: Extensible SASL Profile support HOT 2
- XEP-0440: SASL Channel-Binding Type Capability support HOT 2
- Questions about Milestones HOT 4
- XEP-0174: Serverless messaging support
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from coyim.