Closed redixhumayun closed 3 years ago
I have a setup where I replicate from CouchDB to PouchDB on initial load. When I try to encrypt the PouchDB, I am still able to read documents from the database and log it in the browser.
so once you set up the pouchdb instance to be encrypted it still looks like its decrypted because crypto-pouch handles decryption and encryption, if you were to just try to open the database without adding crypto-pouch you wouldn't be able to read it
How do I encrypt the database so as to prevent any read / write to the DB unless the DB is decrypted by providing the correct PIN?
by not setting up the encryption until the user supplies the PIN
What do you mean when you say that if I were to open the database without adding crypto-pouch I wouldn't be able to read it? It would have to be encrypted before I should not be able to read it right?
by not setting up the encryption until the user supplies the PIN
So I encrypt after the user provides the PIN? Sorry, that seems to be backwards and its leaving me a little confused.
you need to open the database using the pin before you write anything to it, otherwise it won't be encrypted because it needs the pin in order to encrypt things.
What do you mean when you say that if I were to open the database without adding crypto-pouch I wouldn't be able to read it? It would have to be encrypted before I should not be able to read it right?
i mean if you were to sync the database and reload the page this time not using crypto pouch to read the pouchdb you wouldn't be able to read the database without the pin
Hey, closing this issue since it seems Calvin got you some answers. Let me know if you're still having trouble and I'll be happy to help :)
Hey, I have some questions around what exactly transparent encryption entails.
I have a setup where I replicate from CouchDB to PouchDB on initial load. When I try to encrypt the PouchDB, I am still able to read documents from the database and log it in the browser.
How do I encrypt the database so as to prevent any read / write to the DB unless the DB is decrypted by providing the correct PIN?