search

MobileOrg / mobileorg

MobileOrg iPhone App
http://mobileorg.github.io
GNU General Public License v2.0
557 stars 69 forks source link

Clarify encryption setting #166

Open webframp opened 7 years ago

webframp commented 7 years ago

Determine export requirements for encryption and if we can safely set:

<key>ITSAppUsesNonExemptEncryption</key><false/>
mgmart commented 7 years ago

If this is true, then not :(

http://stackoverflow.com/a/37619545

webframp commented 7 years ago

Based on this I believe the answer is Yes, because the only way encryption is used falls under (e): Limited to authentication, digital signature or the decryption of data or files.

I think this means we can safely set the key mentioned, but still researching.

mgmart commented 7 years ago

Limited to authentication, digital signature or the decryption of data or files.

But we also encrypt files, don't we?

webframp commented 7 years ago

Limited to authentication, digital signature or the decryption of data or files.

But we also encrypt files, don't we?

If I understand the code right, then not as currently implemented, emacs org mode handles the encryption, MobileOrg needs the decryption key for display.

Our lives are easier if we stay compliant with (a) and (e) from that list.

webframp commented 7 years ago

See also: https://discussions.apple.com/thread/3228320?start=15&tstart=0

mgmart commented 7 years ago

Yeah, sure. If we really do not encrypt captures before transfer (haven't checked that) then we should overthink the whole encryption. ;)

mgmart commented 7 years ago

See also: https://discussions.apple.com/thread/3228320?start=15&tstart=0

If I understood that correctly (only flown over) then symmetrical encryption is fine. Would make sense. Then it's a yes.

Remains the question what happens to captures if encryption is switched on :)

webframp commented 7 years ago

Details from org-mobile.el

In our codebase encryption appears to be used only on sync: https://github.com/MobileOrg/mobileorg/blob/71e01165eb5f9bb9d541d25009f45d8986bea9aa/Classes/Sync/SyncManager.m#L306

Not on capture: https://github.com/MobileOrg/mobileorg/blob/71e01165eb5f9bb9d541d25009f45d8986bea9aa/Classes/Capture/NewNoteController.m

mgmart commented 7 years ago

v2 requirements must be taken in consideration

webframp commented 7 years ago

libsodium would be my preferred crypto lib, two swift bindings:

Doesn't address any gpg needs, but useful reference