PHPCRED-11: Double Blind Encryption

Issue Information

Issue Type: New Feature
Priority: Major
Status: In Progress

Reported By:
Ben Tasker
Assigned To:
Ben Tasker
Project: PHPCredlocker (PHPCRED)
Resolution: Unresolved
Target version: 1.25,
Components: Crypto , Storage , Double-Blind Storage ,

Created: 2013-12-07 00:34:18
Time Spent Working

Would like to add the ability to do a final encryption/decryption run in the browser if the user has stored the pass as 'double-blind'.

So when adding a credential, the user has the option of setting a decryption password (which will never be passed to the browser).

To make sure we don't get any funny behaviour from special characters, it'll probably be wise to manipulate the input password in javascript (perhaps base64 encode it?) before using it as a key.

Will need warnings to warn the user that if they forget the password, the credentials will be irretrievable.

Issue Links


PHPCRED-20: Consider improvements to Double-Blind encryption
PHPCRED-21: Disable Plugins when Password is double-blind
Toggle State Changes


btasker changed status from 'Open' to 'In Progress'
Have added an indicator to the DB in V1.15
Commit b5f9219 (branch PHPCRED11) starts building the JS framework.

API response needs to include the content of the Double-blind indicator (idx 6 in the response), and still need to adjust the add creds form so the setting can be enabled on a per-credential basis.

Commit f78334b sets the minimum pass length to 6 - once testing complete will raise this.
Commit 3f9461e adds a check to ensure the string has decrypted correctly (i.e. that the correct decryption pass has been provided).

When encrypted, the pass is submitted as

1|..|(base64 encoded ciphertext)

When decrypting, we check that the first element of the array (generated by splitting on |..|) == 1
The password is being blind encrypted, but the system isn't setting the blind indicator. Decryption is also failing when indicator is set manually
Had forgotten to update the view on the dev site. Indicator now set correctly, however, the address always returns false when decrypting.
It's because the address is always embedded within plaintext HTML. Best bet is going to be to exclude the address from double-blind for now
Merged PHPCRED-11 into Dev and deleted feature branch as basic functionality is now working
Raised PHPCRED-18 to deal with issues resulting from a partially incorrect password.
All alerts are currently JS based, some probably need to be changed to update within the DOM rather than triggering a JS alert.
btasker added '1.25' to Fix Version
btasker removed '1.5' from Fix Version