[Webkit-unassigned] [Bug 193590] add support for encrypted localstorage

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=193590

--- Comment #4 from Geoffrey Garen <ggaren at apple.com> ---
> - Accept an encryption key. Should we support a single encryption
> algorithm/key type or support multiple?

I don't know. I suppose it depends on the purpose of the feature.

If the purpose of the feature is to enable one user to encrypt their data separately from another user on the same device, then there's no obvious reason to allow a client to specify the encryption algorithm, and an API that picked an algorithm automatically would be easier to use.

> - Encrypt/decrypt data. Does this happen inside `WebsiteDataStore`? Are
> there existing cross-platform WebKit APIs for encryption/decryption that we
> can reuse?

This is a challenging question. WebKit uses many different storage technologies implicitly. Sometimes SQLite, sometimes flat files, sometimes encoded plists, sometimes something chosen by another framework in a way that is opaque to WebKit (e.g. cookies). It's not obvious to me at which layer we would perform encryption / decryption, or how to architect that. Getting to the point where you can override every storage operation with some kind of custom storage system is a pre-requisite to adding encryption, and probably the most challenging part of this feature proposal.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220613/84e43ebe/attachment.htm>