docs/html/encryption.html

Fri, 01 Jun 2018 19:05:08 +0200

author: Olaf Wintermann <olaf.wintermann@gmail.com>
date: Fri, 01 Jun 2018 19:05:08 +0200
changeset 403: 8e1948eebef5
parent 320: 12ed560c926c
child 429: 1607450065ba
permissions: -rw-r--r--

adds tag filters for push

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<meta name="generator" content="pandoc" />
<title>Encryption</title>
<style type="text/css">code{white-space: pre;}</style>
<link rel="stylesheet" href="davdoc.css" type="text/css" />
</head>
<body>
<div class="header">
<a href="./index.html"><span>DavUtils documentation</span></a>
</div>
<div class="sidebar">
<div class="nav">
<h3>dav</h3>
<ul>
<li><a href="getting-started.html">Getting started</a></li>
<li><a href="commands.html">Commands</a></li>
<ul>
<li><a href="list.html">list</a></li>
<li><a href="get.html">get</a></li>
<li><a href="put.html">put</a></li>
<li><a href="mkdir.html">mkdir</a></li>
<li><a href="remove.html">remove</a></li>
<li><a href="copy.html">copy</a></li>
<li><a href="move.html">move</a></li>
<li><a href="get-property.html">get-property</a></li>
<li><a href="set-property.html">set-property</a></li>
<li><a href="remove-property.html">remove-property</a></li>
<li><a href="lock.html">lock</a></li>
<li><a href="unlock.html">unlock</a></li>
<li><a href="info.html">info</a></li>
<li><a href="date.html">date</a></li>
<li><a href="add-repository.html">add-repository</a></li>
<li><a href="list-repositories.html">list-repositories</a></li>
<li><a href="check-config.html">check-config</a></li>
</ul>
<li><a href="configuration.html">Configuration</a></li>
<li><a href="encryption.html">Encryption</a></li>
</ul>
</div>
<div class="nav">
<h3>dav-sync</h3>
<ul>
<li><a href="introduction.html">Introduction</a></li>
<li><a href="sync-commands.html">Commands</a></li>
<ul>
<li><a href="pull.html">pull</a></li>
<li><a href="push.html">push</a></li>
<li><a href="archive.html">archive</a></li>
<li><a href="resolve-conflicts.html">resolve-conflicts</a></li>
<li><a href="delete-conflicts.html">delete-conflicts</a></li>
<li><a href="trash-info.html">trash-info</a></li>
<li><a href="empty-trash.html">empty-trash</a></li>
<li><a href="add-directory.html">add-directory</a></li>
<li><a href="list-directories.html">list-directories</a></li>
<li><a href="sync-check-config.html">check-config</a></li>
<li><a href="check-repositories.html">check-repositories</a></li>
</ul>
<li><a href="sync-configuration.html">Configuration</a></li>
</ul>
</div>
</div>
<!-- begin content -->
<div class="content">
<div id="header">
<h1 class="title">Encryption</h1>
</div>
<p>The davutils programs have an integrated client-side encryption feature that allows you to encrypt and decrypt on the fly with AES256 or AES128. To use this feature, the server <strong>must</strong> support WebDAV dead properties.</p>
<p>The tools support both encryption of the resource content and encryption of the resource name. Each resource is encrypted separately. With name encryption activated, the actual resource name is disguised by a random name, and the name used by the client is stored encrypted as a WebDAV property. This means an attacker can see the directory structure and the file length, but can't guess the file names and, in particular, can't tell which files have the same name.</p>
<p>To enable encryption, a key must be configured in <code>$HOME/.dav/config.xml</code>. A key must have a unique name. To access encrypted resources, all clients must configure the same key with the same name. Currently, a key can only be loaded from a file; it cannot be generated from a password.</p>
<p>A configuration for a key looks like:</p>
<pre><code>&lt;key&gt;
    &lt;name&gt;mykey1&lt;/name&gt;
    &lt;file&gt;keys/mykey1&lt;/file&gt;
&lt;/key&gt;</code></pre>
<p>The file path must be relative to <code>$HOME/.dav/</code>. In this example the file <code>$HOME/.dav/keys/mykey1</code> is loaded.</p>
<p>To generate a key, use <strong><code>dd</code></strong> on Unix-like systems. The following command generates a 256-bit (32 bytes) key for AES256 encryption.</p>
<pre><code>dd if=/dev/random of=mykey1 bs=32 count=1</code></pre>
<p>After a key is configured, you can enable encryption/decryption in two ways. You can use the dav option <strong><code>-c</code></strong> to enable encryption and specify your key with the <strong><code>-k</code></strong> option. The alternative is to enable encryption by default for a repository in the config.xml file. You may also choose to specify only the default key and use <strong><code>-c</code></strong> wherever you want to use encryption.</p>
<pre><code>&lt;repository&gt;
    &lt;name&gt;myrepo&lt;/name&gt;
    &lt;url&gt;http://example.com/webdav/&lt;/url&gt;

    &lt;default-key&gt;mykey1&lt;/default-key&gt;
    &lt;full-encryption&gt;true&lt;/full-encryption&gt;
&lt;/repository&gt;</code></pre>
<p>See <a href="./configuration.html">Configuration</a> for details.</p>
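<p>An added example, not part of davutils or its documentation: a Python check of the key setup described above. It confirms that key names are unique, that each key file exists relative to the <code>.dav</code> directory and holds exactly 16 or 32 bytes (a short read while generating the key leaves a shorter file), and that every <code>default-key</code> names a configured key. The function name <code>lint_dav_config</code>, the <code>&lt;configuration&gt;</code> root element, the sample data and the file-permission check are assumptions of this example.</p>

```python
import os
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

def lint_dav_config(dav_dir):
    """Return findings for <key> and <default-key> entries in dav_dir/config.xml."""
    dav_dir, findings, keys = Path(dav_dir), [], set()
    root = ET.parse(str(dav_dir / "config.xml")).getroot()
    for key in root.findall(".//{*}key"):     # {*}: any or no namespace (3.8+)
        name = (key.findtext("{*}name") or "").strip()
        rel = (key.findtext("{*}file") or "").strip()
        if name in keys:
            findings.append(f"{name}: key name is not unique")
        keys.add(name)
        path = dav_dir / rel
        if not rel or Path(rel).is_absolute() or not path.is_file():
            findings.append(f"{name}: no key file relative to the .dav directory")
            continue
        st = path.stat()
        if st.st_size not in (16, 32):        # raw AES128 / AES256 key lengths
            findings.append(f"{name}: {st.st_size} bytes, expected 16 or 32")
        if st.st_mode & 0o077:                # added check, not a davutils rule
            findings.append(f"{name}: key file is accessible to group or others")
    for repo in root.findall(".//{*}repository"):
        repo_name = (repo.findtext("{*}name") or "").strip()
        ref = repo.findtext("{*}default-key")
        if ref is not None and ref.strip() not in keys:
            findings.append(f"{repo_name}: default-key {ref.strip()} is not configured")
    return findings

# Constructed sample; the <configuration> root element is an assumption.
SAMPLE = """<configuration>
  <key><name>mykey1</name><file>keys/mykey1</file></key>
  <key><name>oldkey</name><file>keys/oldkey</file></key>
  <repository><name>myrepo</name><default-key>mykey2</default-key></repository>
</configuration>"""

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        (Path(tmp) / "keys").mkdir()
        for name, size, mode in (("mykey1", 32, 0o600), ("oldkey", 20, 0o644)):
            (Path(tmp) / "keys" / name).write_bytes(os.urandom(size))
            (Path(tmp) / "keys" / name).chmod(mode)
        (Path(tmp) / "config.xml").write_text(SAMPLE)
        return lint_dav_config(tmp)

if __name__ == "__main__":
    print("\n".join(demo()))
```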
<h2 id="internals">Internals</h2>
<p>When a resource is encrypted, some crypto properties (namespace: http://davutils.org/) are set for the resource.</p>
<ul>
<li>crypto-key: Contains the name of the key used for encryption. The presence of this property indicates that the resource is encrypted.</li>
<li>crypto-hash: A hash of the cleartext, encrypted and base64 encoded.</li>
<li>crypto-name: The name of the resource, encrypted and base64 encoded. This property is not used if name encryption is disabled.</li>
</ul>
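<p>An added example, not part of davutils or its documentation: since the presence of <code>crypto-key</code> marks a resource as encrypted, a PROPFIND response can be audited for resources that were stored in plaintext or with a different key. Only properties returned in a 200 <code>propstat</code> count as present, because a server lists requested but unset properties as empty elements under a 404 status. The function name <code>audit_encryption</code>, the sample response and its values are assumptions, and reporting collections separately is a choice of this example.</p>

```python
import xml.etree.ElementTree as ET

NS = {"D": "DAV:", "du": "http://davutils.org/"}

def audit_encryption(multistatus_xml, expected_key):
    """Classify each resource in a PROPFIND response by its crypto properties."""
    report = {}
    for resp in ET.fromstring(multistatus_xml).findall("D:response", NS):
        props = {}
        for propstat in resp.findall("D:propstat", NS):
            status = propstat.findtext("D:status", "", NS).split()
            if len(status) > 1 and status[1] == "200":   # skip 404: not set
                props.update((p.tag, p) for p in propstat.findall("D:prop/*", NS))
        href = resp.findtext("D:href", "", NS).strip()
        rtype = props.get("{DAV:}resourcetype")
        key = props.get("{http://davutils.org/}crypto-key")
        if rtype is not None and rtype.find("D:collection", NS) is not None:
            report[href] = "collection"
        elif key is None:
            report[href] = "plaintext"
        elif (key.text or "").strip() != expected_key:
            report[href] = "encrypted with unexpected key"
        elif "{http://davutils.org/}crypto-name" in props:
            report[href] = "content and name encrypted"
        else:
            report[href] = "content encrypted"
    return report

# Constructed PROPFIND (Depth: 1) response; hrefs and property values are made up.
SAMPLE = """<D:multistatus xmlns:D="DAV:" xmlns:du="http://davutils.org/">
<D:response><D:href>/webdav/docs/</D:href><D:propstat>
 <D:prop><D:resourcetype><D:collection/></D:resourcetype></D:prop>
 <D:status>HTTP/1.1 200 OK</D:status></D:propstat></D:response>
<D:response><D:href>/webdav/docs/k2JhZ1x9</D:href><D:propstat>
 <D:prop><du:crypto-key>mykey1</du:crypto-key>
  <du:crypto-hash>Y29uc3RydWN0ZWQ=</du:crypto-hash>
  <du:crypto-name>c2FtcGxl</du:crypto-name></D:prop>
 <D:status>HTTP/1.1 200 OK</D:status></D:propstat></D:response>
<D:response><D:href>/webdav/docs/notes.txt</D:href><D:propstat>
 <D:prop><du:crypto-key/><du:crypto-name/></D:prop>
 <D:status>HTTP/1.1 404 Not Found</D:status></D:propstat></D:response>
<D:response><D:href>/webdav/docs/report.pdf</D:href><D:propstat>
 <D:prop><du:crypto-key>otherkey</du:crypto-key></D:prop>
 <D:status>HTTP/1.1 200 OK</D:status></D:propstat></D:response>
</D:multistatus>"""

if __name__ == "__main__":
    for href, verdict in audit_encryption(SAMPLE, "mykey1").items():
        print(f"{verdict:32} {href}")
```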
</div>
<!-- end content -->
</body>
</html>
