In addition to client-server TLS secured connection, encrypt data which is transferred from client to server.
Security and Encryption design see attached illustration:
reicht | |
Apr 30 2019, 1:26 PM |
F1432892: secConcept.png | |
Aug 20 2019, 10:46 AM |
In addition to client-server TLS secured connection, encrypt data which is transferred from client to server.
Security and Encryption design see attached illustration:
Status | Assigned | Task | ||
---|---|---|---|---|
Restricted Maniphest Task | ||||
Resolved | reicht | T26308 Encrypt tranfers |
First initialize a TLS based websocket connection between browser and server. In addition encrypt the files using AES-GCM 256. Key to encrypt files is computed using ECDH P-384. Private/Public Key for ECDH is generated independently from the TLS secured websocket connection.
ToDos
json const dataToTransfer = { ivPathName: ivPathName, encrypedPathName: encPN, ivFileName: ivFN, encryptedFileName: encFN, ivFile: ivFile, encryptedFile: encFile, publicKey: clientPubKey }
issues: