From 0aaed6bd89e25fa52d147cddc265175a15dfcad2 Mon Sep 17 00:00:00 2001 From: drebs Date: Wed, 13 May 2015 16:10:59 -0300 Subject: update soledad storage secret doc --- docs/design/soledad.md | 23 +++++++++++++---------- 1 file changed, 13 insertions(+), 10 deletions(-) (limited to 'docs/design/soledad.md') diff --git a/docs/design/soledad.md b/docs/design/soledad.md index a0eeed4..a12ab4c 100644 --- a/docs/design/soledad.md +++ b/docs/design/soledad.md @@ -92,22 +92,25 @@ For example, create a document, modify it and sync: Storage secret ----------------------------------- -The `storage_secret` is a long, randomly generated key used to derive encryption keys for both the documents stored on the server and the local replica of these documents. The `storage_secret` is block encrypted using a key derived from the user's password and saved locally on disk in a file called `.secret`, which contains a JSON structure that looks like this: +The `storage_secret` is a long randomly generated key used to derive the encryption keys for the data stored both in the server and in the local replica. The `storage_secret` is block encrypted using a key derived from the user's password and saved locally on disk in a file called `.secret`, which contains a JSON structure that looks like this: { - "storage_secrets": { - "": { - "kdf": "scrypt", - "kdf_salt": "", - "kdf_length": , - "cipher": "aes256", - "length": , - "secret": "", + 'active_secret': '', + 'storage_secrets': { + '': { + 'kdf': 'scrypt', + 'kdf_salt': '', + 'kdf_length': , + 'cipher': 'aes256', + 'length': , + 'secret': '', } } 'kdf': 'scrypt', 'kdf_salt': '', - 'kdf_length: + 'kdf_length: , + '_mac_method': 'hmac', + '_mac': '', } The `storage_secrets` entry is a map that stores information about available storage keys. Currently, Soledad uses only one storage key per provider, but this may change in the future. -- cgit v1.2.3
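Review bot: In the added `.secret` example, the last key line `'kdf_length: ,` is still missing its closing quote, and switching every key and value from double to single quotes means the block is no longer valid JSON, although the sentence above it still calls it "a JSON structure". Keep double quotes and close the key as `"kdf_length"`. The new `active_secret`, `_mac_method` and `_mac` fields are introduced without explanation: the context paragraph that follows the example describes only `storage_secrets`. Add a sentence for each new field saying what it holds, and for `_mac` state which fields the HMAC covers and which key it is computed with, since the example alone does not show whether the KDF parameters and `active_secret` are integrity-protected.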