mirror of
https://github.com/beemdevelopment/Aegis.git
synced 2025-05-31 11:52:18 +00:00
Push some work on yet another rework of the database. This time with slots!
Details are in doc/db.md
This commit is contained in:
Impyy
Alexander Bakker
parent
9de0f35104
commit
e8e7a822c5
16 changed files with 564 additions and 310 deletions
99
doc/db.md
99
doc/db.md
|
|
@ -1,21 +1,22 @@
|
|||
# Database
|
||||
|
||||
The database is encoded in a simple binary format with JSON content at its
|
||||
core.
|
||||
The database is encoded in a simple binary format with JSON content at its core.
|
||||
|
||||
## Encryption
|
||||
|
||||
The content of the database can be encrypted with AES in GCM mode. The nonce
|
||||
and authentication tag are stored in the plain section of this file. The
|
||||
storage place for the key depends on the security level that is used. This will
|
||||
be discussed later.
|
||||
The content of the database can be encrypted with AES in GCM mode. The nonce and
|
||||
authentication tag are stored in the plain section of this file.
|
||||
|
||||
If there is no Slots and/or EncryptionParameters section in the file, it is
|
||||
implied that the content of is unencrypted and Aegis will try to interpret it as
|
||||
such.
|
||||
|
||||
## Format
|
||||
|
||||
The file format starts with a small header that contains some magic, the
|
||||
version number and the level of security. A list of sections follows. These
|
||||
sections contain some information needed to perform decryption of the database.
|
||||
The (encrypted) content of the database starts after the end marker section.
|
||||
The file format starts with a small header that contains some magic and a
|
||||
version number. A list of sections follows. These sections contain some
|
||||
information needed to perform decryption of the database. The (encrypted)
|
||||
content of the database starts after the end marker section.
|
||||
|
||||
All integers are encoded in Little Endian.
|
||||
|
||||
|
|
@ -25,43 +26,9 @@ All integers are encoded in Little Endian.
|
|||
|:-------|:-------------------------|
|
||||
| `5` | "AEGIS" encoded in ASCII |
|
||||
| `1` | `uint8_t` Version |
|
||||
| `1` | `uint8_t` Level |
|
||||
| `?` | List of sections |
|
||||
| `?` | Content |
|
||||
|
||||
#### Levels
|
||||
|
||||
As mentioned above, there are different levels of security that a user can
|
||||
choose from. No encryption, encryption using a derived key and encryption using
|
||||
a key that's stored in the Android KeyStore.
|
||||
|
||||
| Value | Name |
|
||||
|:-------|:---------|
|
||||
| `0x00` | None |
|
||||
| `0x01` | Derived |
|
||||
| `0x02` | KeyStore |
|
||||
|
||||
The 'KeyStore' level expects an EncryptionParameters section. The 'Derived'
|
||||
level expects an EncryptionParameters section **and** a DerivationParameters section.
|
||||
The 'None' level expects no additional sections.
|
||||
|
||||
##### None
|
||||
|
||||
No encryption at all. The content of the database is stored in plain text.
|
||||
|
||||
##### Derived
|
||||
|
||||
If this level is used, the key is derived from a user-provided password using
|
||||
PBKDF2 with SHA256 as the underlying PRF. The parameters used for PBKDF2 (salt,
|
||||
number of iterations) are stored in the plain section of this file. The key is
|
||||
not stored anywhere.
|
||||
|
||||
##### KeyStore
|
||||
|
||||
The key is kept in the Android keystore and can optionally be set up to require
|
||||
user authentication (fingerprint). This security level is only available on
|
||||
Android M and above.
|
||||
|
||||
### Sections
|
||||
|
||||
| Length | Contents |
|
||||
|
|
@ -75,7 +42,7 @@ ID can be one of:
|
|||
| Value | Name |
|
||||
|:-------|:---------------------|
|
||||
| `0x00` | EncryptionParameters |
|
||||
| `0x01` | DerivationParameters |
|
||||
| `0x01` | Slots |
|
||||
| `0xFF` | End marker |
|
||||
|
||||
#### EncryptionParameters
|
||||
|
|
@ -85,13 +52,48 @@ ID can be one of:
|
|||
| `12` | Nonce |
|
||||
| `16` | Tag |
|
||||
|
||||
#### DerivationParameters
|
||||
#### Slots
|
||||
|
||||
This section contains a list of slots. All slots contain the master key
|
||||
encrypted with raw AES. The key that is used for encryption depends on the slot
|
||||
type.
|
||||
|
||||
A slot has the following structure.
|
||||
|
||||
| Length | Contents |
|
||||
|:-------|:--------------------|
|
||||
| `1` | `uint8_t` Type |
|
||||
| `32` | Encrypted key |
|
||||
| `?` | Additional data |
|
||||
|
||||
Type can be one of:
|
||||
|
||||
| Value | Name |
|
||||
|:-------|:------------|
|
||||
| `0x00` | Raw |
|
||||
| `0x01` | Password |
|
||||
| `0x02` | Fingerprint |
|
||||
|
||||
##### Raw
|
||||
|
||||
This slot type contains no additional data.
|
||||
|
||||
##### Password
|
||||
|
||||
With this slot type the key used for the master key encryption is derived from a
|
||||
user-provided password using PBKDF2 with SHA1 (should be changed to SHA256
|
||||
before initial release) as the underlying PRF. The parameters used for PBKDF2
|
||||
are stored as additional data.
|
||||
|
||||
| Length | Contents |
|
||||
|:-------|:--------------------------------|
|
||||
| `8` | `uint64_t` Number of iterations |
|
||||
| `32` | Salt |
|
||||
|
||||
##### Fingerprint
|
||||
|
||||
A fingerprint slot is exactly the same as a Raw slot.
|
||||
|
||||
#### End marker
|
||||
|
||||
This section indicates the end of the list of sections. This section doesn't
|
||||
|
|
@ -99,10 +101,9 @@ have any content and thus its length is 0.
|
|||
|
||||
### Content
|
||||
|
||||
The content of the database is a JSON file encoded in UTF-8. As mentioned
|
||||
above, it's encrypted.
|
||||
The content of the database is a JSON file encoded in UTF-8.
|
||||
|
||||
``` json
|
||||
```json
|
||||
{
|
||||
"version": 1,
|
||||
"entries":
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue