docs/html/encryption.html

Sun, 06 Aug 2017 18:18:00 +0200

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Sun, 06 Aug 2017 18:18:00 +0200
changeset 285
02d3e4b1245f
parent 283
0e36bb75a732
child 320
12ed560c926c
permissions
-rw-r--r--

adds some small fixes for 1.0 release

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<meta name="generator" content="pandoc" />
<title>Encryption</title>
<style type="text/css">code{white-space: pre;}</style>
<link rel="stylesheet" href="davdoc.css" type="text/css" />
</head>
<body>
<div class="header">
<a href="./index.html"><span>DavUtils documentation</span></a>
</div>
<!-- begin content -->
<div class="content">
<div id="header">
<h1 class="title">Encryption</h1>
</div>
<p>The davutils programs have an integrated client-side encryption feature that encrypts and decrypts data on the fly with AES256 or AES128. To use this feature, the server <strong>must</strong> support WebDAV dead properties.</p>
<p>The tools support both encryption of the resource content and encryption of the resource name. Each resource is encrypted separately. When name encryption is enabled, the actual resource name is disguised by a random name, and the name used by the client is stored encrypted as a WebDAV property. This means an attacker can see the directory structure and the file length, but can't guess the file names or, in particular, which files have the same name.</p>
<p>To enable encryption, a key must be configured in <code>$HOME/.dav/config.xml</code>. Each key must have a unique name. To access encrypted resources, all clients must configure the same key with the same name. Currently a key can only be loaded from a file; it cannot be generated from a password.</p>
<p>A key configuration looks like this:</p>
<pre><code>&lt;key&gt;
    &lt;name&gt;mykey1&lt;/name&gt;
    &lt;file&gt;keys/mykey1&lt;/file&gt;
&lt;/key&gt;</code></pre>
<p>The file path must be relative to <code>$HOME/.dav/</code>. In this example, the file <code>$HOME/.dav/keys/mykey1</code> is loaded.</p>
<p>To generate a key, use <strong><code>dd</code></strong> on Unix-like systems. The following command generates a 256-bit (32-byte) key for AES256 encryption.</p>
<pre><code>dd if=/dev/random of=mykey1 bs=32 count=1</code></pre>
<p>After a key is configured, you can enable encryption/decryption in two ways. You can use the dav option <strong><code>-c</code></strong> to enable encryption and specify your key with the <strong><code>-k</code></strong> option. Alternatively, you can enable encryption by default for a repository in the config.xml file. You may also choose to specify only the default key and use <strong><code>-c</code></strong> wherever you want to use encryption.</p>
<pre><code>&lt;repository&gt;
    &lt;name&gt;myrepo&lt;/name&gt;
    &lt;url&gt;http://example.com/webdav/&lt;/url&gt;

    &lt;default-key&gt;mykey1&lt;/default-key&gt;
    &lt;full-encryption&gt;true&lt;/full-encryption&gt;
&lt;/repository&gt;</code></pre>
<p>See <a href="./configuration.html">Configuration</a> for details.</p>
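<p>The following check of the configured key files is an added example, not part of davutils. It reads every <code>&lt;key&gt;</code> entry from <code>config.xml</code>, resolves <code>&lt;file&gt;</code> relative to the <code>.dav</code> directory, and reports key files whose length is not 16 or 32 bytes or that are accessible to other users. Matching elements by local name and the permission rule are assumptions of this example.</p>

```python
import os
import stat
import xml.etree.ElementTree as ET

AES_KEY_BYTES = (16, 32)  # raw key lengths for AES128 and AES256


def local(tag):
    """Element name without an XML namespace prefix (assumption: one may be present)."""
    return tag.rsplit("}", 1)[-1]


def audit_keys(dav_dir):
    """Return (key name, problem) pairs for every <key> entry in dav_dir/config.xml."""
    findings = []
    root = ET.parse(os.path.join(dav_dir, "config.xml")).getroot()
    for key in (e for e in root.iter() if local(e.tag) == "key"):
        fields = {local(c.tag): (c.text or "").strip() for c in key}
        name, rel = fields.get("name") or "?", fields.get("file", "")
        # The documentation requires <file> to be relative to the .dav directory.
        if not rel or os.path.isabs(rel):
            findings.append((name, "file is not a path relative to the .dav directory"))
            continue
        try:
            st = os.stat(os.path.join(dav_dir, rel))
        except OSError:
            findings.append((name, "key file missing or not accessible"))
            continue
        if st.st_size not in AES_KEY_BYTES:
            findings.append((name, f"{st.st_size} bytes is not an AES128/AES256 key length"))
        # Hardening rule of this example: only the owner may access the key file.
        if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
            findings.append((name, "key file is accessible to group or others"))
    return findings


if __name__ == "__main__":
    for name, problem in audit_keys(os.path.expanduser("~/.dav")):
        print(f"{name}: {problem}")
```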
<h2 id="internals">Internals</h2>
<p>When a resource is encrypted, some crypto properties (namespace: http://davutils.org/) are set on the resource.</p>
<ul>
<li>crypto-key: Contains the name of the key used for encryption. The presence of this property indicates that the resource is encrypted.</li>
<li>crypto-hash: A hash of the cleartext, encrypted and base64 encoded.</li>
<li>crypto-name: The name of the resource, encrypted and base64 encoded. This property is not used if name encryption is disabled.</li>
</ul>
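<p>The properties listed above can be used to audit which resources in a collection are actually encrypted. The following is an added example, not davutils code: it classifies the resources in a PROPFIND multistatus response by the presence of <code>crypto-key</code> and <code>crypto-name</code>, counting only properties returned with a 2xx status. The sample response is constructed, and the state labels and the skipping of collections are assumptions of this example.</p>

```python
import xml.etree.ElementTree as ET

DAV = "{DAV:}"
DU = "{http://davutils.org/}"  # namespace of the crypto properties

# Constructed sample PROPFIND response (property values are placeholders).
SAMPLE = """<D:multistatus xmlns:D="DAV:" xmlns:U="http://davutils.org/">
<D:response><D:href>/webdav/a1b2c3</D:href>
 <D:propstat><D:prop><U:crypto-key>mykey1</U:crypto-key><U:crypto-name>Y29uc3RydWN0ZWQ=</U:crypto-name></D:prop>
  <D:status>HTTP/1.1 200 OK</D:status></D:propstat></D:response>
<D:response><D:href>/webdav/report.txt</D:href>
 <D:propstat><D:prop><U:crypto-key>mykey1</U:crypto-key></D:prop><D:status>HTTP/1.1 200 OK</D:status></D:propstat>
 <D:propstat><D:prop><U:crypto-name/></D:prop><D:status>HTTP/1.1 404 Not Found</D:status></D:propstat></D:response>
<D:response><D:href>/webdav/plain.txt</D:href>
 <D:propstat><D:prop><U:crypto-key/><U:crypto-name/></D:prop><D:status>HTTP/1.1 404 Not Found</D:status></D:propstat></D:response>
<D:response><D:href>/webdav/</D:href>
 <D:propstat><D:prop><D:resourcetype><D:collection/></D:resourcetype></D:prop><D:status>HTTP/1.1 200 OK</D:status></D:propstat></D:response>
</D:multistatus>"""


def found_props(response):
    """Tags of the properties one <D:response> returned with a 2xx status."""
    names = set()
    for propstat in response.findall(DAV + "propstat"):
        status = propstat.findtext(DAV + "status", "").split()
        prop = propstat.find(DAV + "prop")
        # A requested but unset property comes back empty in a 404 propstat.
        if prop is not None and len(status) > 1 and status[1].startswith("2"):
            names.update(p.tag for p in prop)
    return names


def classify(multistatus_xml):
    """Map each non-collection href to 'unencrypted', 'content-only' or 'full'."""
    result = {}
    for resp in ET.fromstring(multistatus_xml).findall(DAV + "response"):
        if resp.find(f"{DAV}propstat/{DAV}prop/{DAV}resourcetype/{DAV}collection") is not None:
            continue  # assumption: collections are not checked for crypto-key
        props = found_props(resp)
        if DU + "crypto-key" not in props:
            state = "unencrypted"   # crypto-key absent: resource is not encrypted
        elif DU + "crypto-name" in props:
            state = "full"          # content and name encrypted
        else:
            state = "content-only"  # name encryption disabled
        result[resp.findtext(DAV + "href")] = state
    return result
```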
</div>
<!-- end content -->
</body>
</html>
