End to end encryption - overview #1599
Description
Remaining tasks
- never re-use key/iv if uploading, always generate new key/iv
- simplify upload encryptedUpload() and normalUpload()
- harden up/download process: revert if something is failing
- handle existing user
- Get public system key from server to validate the signature of the users public key.
- upload existing file -> automatically rename it
- synchronize file
- handle error if folder is locked
- resume existing upload with token
- create new folder within encrypted folder
- same as upload new file
- encrypt folder name and store in metadata.files
- move folder
- copy folder
- move file
- copy file
- rename file
- sharing
- add/remove users
- add sharing options back to UI
- encrypt/decrypt metadata to multiple public keys
- tint setup dialog correctly
- metadata integrity: In case an encrypted referenced file is deleted from the file system but still found in the metadata a warning should be displayed to the user.
- integrity part 2: In case a file is referenced in the metadata but cannot be found on the WebDAV file system the user should be warned about this. If the file exists locally but not on the file system the client should reupload the file.
- Confirm encryption passphrase: https://blog.bitpay.com/content/images/2015/12/backup.png
- discuss how and when to show the passphrase again
- CN of X.509 certificate must be set to the currently logged-in User ID
- show real file name during upload
- handle if folder is locked
- on folder enter: persistent snackbar "folder is locked by another client"
(currently only possible via a second call)
- on folder enter: persistent snackbar "folder is locked by another client"
