Mercurial > hg > dav / annotate

docs/html/encryption.html@1607450065ba (annotated)

docs/html/encryption.html

Sun, 24 Jun 2018 12:18:12 +0200

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Sun, 24 Jun 2018 12:18:12 +0200
changeset 429
1607450065ba
parent 320
12ed560c926c
child 563
3dffe58a573f
permissions
-rw-r--r--

this could be the 1.2 release

266
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
1 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
2 <html xmlns="http://www.w3.org/1999/xhtml">
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
3 <head>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
4 <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
5 <meta http-equiv="Content-Style-Type" content="text/css" />
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
6 <meta name="generator" content="pandoc" />
283
0e36bb75a732 adds dav-sync introduction and sync.xml documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 281
diff changeset
7 <title>Encryption</title>
266
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
8 <style type="text/css">code{white-space: pre;}</style>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
9 <link rel="stylesheet" href="davdoc.css" type="text/css" />
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
10 </head>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
11 <body>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
12 <div class="header">
285
02d3e4b1245f adds some small fixes for 1.0 release
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 283
diff changeset
13 <a href="./index.html"><span>DavUtils documentation</span></a>
266
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
14 </div>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
15 <div class="sidebar">
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
16 <div class="nav">
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
17 <h3>dav</h3>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
18 <ul>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
19 <li><a href="getting-started.html">Getting started</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
20 <li><a href="commands.html">Commands</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
21 <ul>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
22 <li><a href="list.html">list</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
23 <li><a href="get.html">get</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
24 <li><a href="put.html">put</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
25 <li><a href="mkdir.html">mkdir</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
26 <li><a href="remove.html">remove</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
27 <li><a href="copy.html">copy</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
28 <li><a href="move.html">move</a></li>
429
1607450065ba this could be the 1.2 release
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 320
diff changeset
29 <li><a href="export.html">export</a></li>
1607450065ba this could be the 1.2 release
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 320
diff changeset
30 <li><a href="import.html">import</a></li>
266
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
31 <li><a href="get-property.html">get-property</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
32 <li><a href="set-property.html">set-property</a></li>
320
12ed560c926c adds documentation for new features
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 285
diff changeset
33 <li><a href="remove-property.html">remove-property</a></li>
266
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
34 <li><a href="lock.html">lock</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
35 <li><a href="unlock.html">unlock</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
36 <li><a href="info.html">info</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
37 <li><a href="date.html">date</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
38 <li><a href="add-repository.html">add-repository</a></li>
429
1607450065ba this could be the 1.2 release
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 320
diff changeset
39 <li><a href="remove-repository.html">remove-repository</a></li>
266
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
40 <li><a href="list-repositories.html">list-repositories</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
41 <li><a href="check-config.html">check-config</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
42 </ul>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
43 <li><a href="configuration.html">Configuration</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
44 <li><a href="encryption.html">Encryption</a></li>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
45 </ul>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
46 </div>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
47 <div class="nav">
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
48 <h3>dav-sync</h3>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
49 <ul>
273
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
50 <li><a href="introduction.html">Introduction</a></li>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
51 <li><a href="sync-commands.html">Commands</a></li>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
52 <ul>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
53 <li><a href="pull.html">pull</a></li>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
54 <li><a href="push.html">push</a></li>
320
12ed560c926c adds documentation for new features
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 285
diff changeset
55 <li><a href="archive.html">archive</a></li>
273
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
56 <li><a href="resolve-conflicts.html">resolve-conflicts</a></li>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
57 <li><a href="delete-conflicts.html">delete-conflicts</a></li>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
58 <li><a href="trash-info.html">trash-info</a></li>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
59 <li><a href="empty-trash.html">empty-trash</a></li>
429
1607450065ba this could be the 1.2 release
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 320
diff changeset
60 <li><a href="add-tag.html">add-tag</a></li>
1607450065ba this could be the 1.2 release
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 320
diff changeset
61 <li><a href="remove-tag.html">remove-tag</a></li>
1607450065ba this could be the 1.2 release
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 320
diff changeset
62 <li><a href="set-tags.html">set-tags</a></li>
1607450065ba this could be the 1.2 release
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 320
diff changeset
63 <li><a href="list-tags.html">list-tags</a></li>
273
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
64 <li><a href="add-directory.html">add-directory</a></li>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
65 <li><a href="list-directories.html">list-directories</a></li>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
66 <li><a href="sync-check-config.html">check-config</a></li>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
67 <li><a href="check-repositories.html">check-repositories</a></li>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
68 </ul>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
69 <li><a href="sync-configuration.html">Configuration</a></li>
266
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
70 </ul>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
71 </div>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
72 </div>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
73
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
74 <!-- begin content -->
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
75 <div class="content">
283
0e36bb75a732 adds dav-sync introduction and sync.xml documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 281
diff changeset
76 <div id="header">
0e36bb75a732 adds dav-sync introduction and sync.xml documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 281
diff changeset
77 <h1 class="title">Encryption</h1>
0e36bb75a732 adds dav-sync introduction and sync.xml documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 281
diff changeset
78 </div>
273
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
79 <p>The davutils programs have an integrated client-side encryption feature, that allows you to encrypt and decrypt on the fly with AES256 or AES128. To use this feature, the server <strong>must</strong> support WebDAV dead properties.</p>
281
ddb5e8f2a43d some more minor doc improvements
Mike Becker <universe@uap-core.de>
parents: 275
diff changeset
80 <p>The tools support both, encryption of the resource content and encryption of the resource name. Each resource is encrypted separately. With activated name encryption, the actual resource name is disguised by a random name but the name used by the client is stored encrypted as a WebDAV property. This means, an attacker can see the directory structure and the file length, but can't guess the file names and in particular which files have the same name.</p>
275
fa48ab29abd2 adds more details to add-directory.md
Mike Becker <universe@uap-core.de>
parents: 273
diff changeset
81 <p>To enable encryption a key must be configured in <code>$HOME/.dav/config.xml</code>. A key must have a unique name. To access encrypted resources, all clients must configure the same key with the same name. Currently a key can only be loaded from a file and not generated from a password.</p>
273
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
82 <p>A configuration for a key looks like:</p>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
83 <pre><code>&lt;key&gt;
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
84 &lt;name&gt;mykey1&lt;/name&gt;
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
85 &lt;file&gt;keys/mykey1&lt;/file&gt;
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
86 &lt;/key&gt; </code></pre>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
87 <p>The file path must be relative to <code>$HOME/.dav/</code>. In this example the file <code>$HOME/.dav/keys/mykey1</code> is loaded.</p>
281
ddb5e8f2a43d some more minor doc improvements
Mike Becker <universe@uap-core.de>
parents: 275
diff changeset
88 <p>To generate a key use <strong><code>dd</code></strong> on unix like systems. The following command generates a 256 bit (32 bytes) key for AES256 encryption.</p>
273
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
89 <pre><code>dd if=/dev/random of=mykey1 bs=32 count=1</code></pre>
281
ddb5e8f2a43d some more minor doc improvements
Mike Becker <universe@uap-core.de>
parents: 275
diff changeset
90 <p>After a key is configured, you can enable encryption/decryption in two ways. You can use the dav option <strong><code>-c</code></strong> to enable encryption and specify your key with the <strong><code>-k</code></strong> option. The alternative is to enable encryption by default for a repository in the config.xml file. You may also choose to specify the default key only and use <strong><code>-c</code></strong> where you like to use encryption.</p>
273
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
91 <pre><code>&lt;repository&gt;
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
92 &lt;name&gt;myrepo&lt;/name&gt;
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
93 &lt;url&gt;http://example.com/webdav/&lt;/url&gt;
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
94
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
95 &lt;default-key&gt;mykey1&lt;/default-key&gt;
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
96 &lt;full-encryption&gt;true&lt;/full-encryption&gt;
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
97 &lt;/repository&gt;</code></pre>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
98 <p>See <a href="./configuration.html">Configuration</a> for details.</p>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
99 <h2 id="internals">Internals</h2>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
100 <p>When a resource is encrypted, some crypto properties (namespace: http://davutils.org/) are set for the resource.</p>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
101 <ul>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
102 <li>crypto-key: Contains the name of the key used for encryption. The presence of this property indicates that the resource is encrypted</li>
281
ddb5e8f2a43d some more minor doc improvements
Mike Becker <universe@uap-core.de>
parents: 275
diff changeset
103 <li>crypto-hash: A hash of the cleartext, encrypted and base64 encoded</li>
273
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
104 <li>crypto-name: The name of the resource, encrypted and base64 encoded. This property is not used if name encryption is disabled.</li>
c743721d566f more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents: 266
diff changeset
105 </ul>
266
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
106 </div>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
107 <!-- end content -->
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
108 </body>
8c44c5919691 more documentation
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff changeset
109 </html>

Mercurial Repository: dav

mercurial