From f7ebd341e27ecfa5adaeddf7e8b725a544d21072 Mon Sep 17 00:00:00 2001 From: varjolintu Date: Fri, 15 Dec 2017 07:12:21 +0200 Subject: [PATCH 1/2] Updated some old protocol text --- keepassxc-protocol.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keepassxc-protocol.md b/keepassxc-protocol.md index 8ac2107..48ad101 100644 --- a/keepassxc-protocol.md +++ b/keepassxc-protocol.md @@ -13,7 +13,7 @@ Now the requests are encrypted by [TweetNaCl.js](https://github.com/dchest/tweet Encrypted messages are built with these JSON parameters: - action - `test-associate`, `associate`, `get-logins`, `get-logins-count`, `set-login`... - message - Encrypted message, base64 encoded -- nonce - 24 bytes long random data, base64 encoded. This must be the same when responding to a request. +- nonce - 24 bytes long random data, base64 encoded. This is incremented to the response. - clientID - 24 bytes long random data, base64 encoded. This is used to identify different browsers if multiple are used with proxy application. Currently these messages are implemented: From d9809b3e5cb7fd9570a92a8809392986b780ffe6 Mon Sep 17 00:00:00 2001 From: varjolintu Date: Fri, 15 Dec 2017 07:24:14 +0200 Subject: [PATCH 2/2] Updated some old protocol text --- keepassxc-protocol.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/keepassxc-protocol.md b/keepassxc-protocol.md index 48ad101..46ff01a 100644 --- a/keepassxc-protocol.md +++ b/keepassxc-protocol.md 
@@ -8,7 +8,7 @@ Now the requests are encrypted by [TweetNaCl.js](https://github.com/dchest/tweet 3. All messages between the browser extension and KeePassXC are now encrypted. 4. When keepassxc-browser sends a message it is encrypted with KeePassXC's public key, a random generated nonce and keepassxc-browser's secret key. 5. When KeePassXC sends a message it is encrypted with keepassxc-browser's public key and an incremented nonce. -6. Databases are stored based on the current public key used with `associate`. A new key pair for data transfer is generated each time keepassxc-browser is launched. +6. Databases are stored based on the current public key used with `associate`. This public key used for indentification is not used again afterwards. A new key pair for data transfer is generated each time keepassxc-browser is launched. Encrypted messages are built with these JSON parameters: - action - `test-associate`, `associate`, `get-logins`, `get-logins-count`, `set-login`...
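Review bot: In patch 1/2, the new `nonce` line in the `@@ -13,7 +13,7 @@` hunk of keepassxc-protocol.md ("This is incremented to the response.") drops the requirement the old text carried ("This must be the same when responding to a request.") without stating a new one. It does not say by how much the nonce is incremented, how the 24 bytes are interpreted for that increment (byte order, carry), or that the receiver must check the response nonce against the request nonce and reject a mismatch. An independent client implementer cannot derive the expected response nonce from this wording. Suggest phrasing it as a rule, for example "The response uses this nonce incremented by <amount>; a response with any other nonce must be rejected", and fixing "incremented to the response" to "incremented in the response".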
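Review bot: In patch 2/2, the sentence added to item 6 in the `@@ -8,7 +8,7 @@` hunk ("This public key used for indentification is not used again afterwards.") is ambiguous and misspells "identification". "Afterwards" has no reference point, and the preceding sentence says databases are stored based on this key, which reads as if the key is still needed to look the association up later. State which use ends and when, for instance that the key sent with `associate` only identifies the stored association and is never used to encrypt messages, as opposed to the per-launch key pair named in the next sentence. Both commits also share the subject "Updated some old protocol text"; a subject per change (nonce wording, identification key) would make the history easier to search.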