Thanks for the reply. I don't have my project posted. The main parts involve replacing the SQLite databases with SQLCipher databases to encrypt all the .sqlite files and using NSS to encrypt the non-sqlite files at the stream level. I am still working out the details, such as providing a key for SQLCipher and a key/initialization vector for NSS.
For key3.db, I understood that it contains information about the master password and another key used to unlock signons.sqlite. Considering I can encrypt signons.sqlite (with a separate key not contained in key3.db), should I bother messing with key3.db? Cheers, - Denis On Mon, Jun 4, 2012 at 11:20 AM, David Dahl <dd...@mozilla.com> wrote: > ----- Original Message ----- > > From: "Denis Cormier" <denis.r.corm...@gmail.com> > > To: dev-tech-crypto@lists.mozilla.org > > Sent: Monday, June 4, 2012 9:10:34 AM > > Subject: Firefox profile encryption > > > 1. Assuming the user does not enter a master password, would key3.db > > require further encryption? > > 2. Am I missing files from the profile that would contain sensitive > > information? > > I believe the key3.db stores everything encrypted. I am not sure where the > key it uses to encrypt things might be stored. > > You should also include 'sessionstore.bak' and 'webappsstore.sqlite' > (which may only be in pre-releases right now). Also, localstore.rdf has > information about extensions and search providers you have installed, my > nightly build also has chromeappsstore.sqlite which has web urls in it that > are I think pinned to the new tab page. > > Is your project hosted anywhere? I am quite interested in how this will > work. > > Cheers, > > David > > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
