Re: [Evolution-hackers] Cache encryption

[Jeffrey Stedfast <fejj novell com>]

On 03/04/2011 06:40 AM, David Woodhouse wrote:
> I'm working on "Enterprise" use of Evolution, and one of the big
> requirements is encryption of data at rest. The answer "just encrypt the
> whole of the user's home directory" only puts them off for so long.
>
> So I'm looking at implementing this directly in camel-data-cache,
> e-cal-backend-cache, etc.
>
> I'll probably do the encryption with a randomly-generated key, which
> itself is stored locally, encrypted with a password. 
>
> That way, changing the password doesn't involve re-encrypting the whole
> of the store; you only need to re-encrypt the master key. It also means
> that we can tie the password for the cache to the password for the
> server; entering one will allow access to both.
>
> Hopefully, the changes required to code that *uses* the cache
> functionality should be fairly limited. Mostly it should be handled by
> extra arguments to camel_data_cache_new(), e_cal_backend_cache_new(),
> camel_db_open() and similar functions.
>
> I'm hoping that it's reasonable to declare that *filenames* are not
> sensitive, and that we only need to encrypt the *contents* of files.
> Does that seem fair?
>   

for CamelDataCache, the file names already aren't very useful on their
own (just hashes of uids, iirc), so you wouldn't need to worry about
that ;-)

Anyways, do you also plan on encrypting mbox/maildir files? Might make
sense...

Easiest way to implement this feature in Camel might be to implement a
CamelMimeFilter or CamelStream that encrypts/decrypts the content as it
reads/writes the data. Implementing it as a CamelStream might be the
best approach as it would more easily allow seeking.

Hope that helps,

Jeff