[PB-6603] Encrypt token#2031
Conversation
Deploying drive-web with
|
| Latest commit: |
dd2551d
|
| Status: | ✅ Deploy successful! |
| Preview URL: | https://d2213a68.drive-web.pages.dev |
| Branch Preview URL: | https://separate-encrypted-storage.drive-web.pages.dev |
| } | ||
|
|
||
| export async function ensureKeyExists(): Promise<void> { | ||
| await ensureKey(); |
There was a problem hiding this comment.
Why not using the ensureKey method from above directly? 🤔
Remove this one, rename the other one as ensureKeyExists, and export it, and it will be the same, right?
There was a problem hiding this comment.
because CryptoKey should not be given to local storage
There was a problem hiding this comment.
Then maybe its a better idea to just remove this method, and add the ensureKey to the getKey method.
That way every time the getKey is called we are sure the Key exists, and then we dont need to use the ensureKeyExists exported method
wdyt? maybe im missing something 🤔
There was a problem hiding this comment.
Not sure about getKeys. We call this method for both get and set. If no keys, then the get should fall with "no keys" instead of "failed to decrypt" as it will happen if we just generate a random new key. The set is already calling ensureKey all the time
|



Description
Starts encrypting the token, separates local and encrypted storages
Related Issues
Relates to PB-6505
Checklist
Testing Process
Full QA of all main drive web functionalities, token change touches everything (should be tested for logged-out users and those who have an ongoing session and token in local storage)
Additional Notes
Includes the migration step that should be removed once the encrypted token is in prod for more than its lifetime.