Encrypting token secrets
Currently Keysmith does not do this, so let's create a 'formal' issue for it.
Should probably tie in with #2 (closed)
- What KDF do we use? PBKDF#2, Argon? I.e. how do we turn a user master password for a token/account data file into a key for encryption?
- What construction do we use for secrets: AES-GCM? AES-CBC + MAC? ChaCha + Poly? How does the chosen scheme hold us against plain text re-use, do we need to worry about nonce re-use? What are the right crypto building blocks to use (QCA) ?
- Do we decide to encrypt all token parameters and not just the secret itself?
- Do we store encryption algorithm parameters per-account, globally, or do we assume a specific implementation?
Secret handling in RAM (lifetime of unencrypted data):
- Do we load tokens, decrypt secrets and then keep decrypted secrets in RAM while using them for generating tokens
- Or: do we load tokens and then decrypt them on the fly when generating tokens.