[Passwordsafe-devel] File Attachment Feature in V3 Format
Popular easy-to-use and secure password manager
Brought to you by:
ronys
Menu
▾
▴
[Passwordsafe-devel] File Attachment Feature in V3 Format
|
From: Mark M. <mar...@gm...> - 2018-09-30 13:42:28
|
Hi, I've just been chatting with Rony over email about adding a feature to the V3 format to allow people to store files (e.g. images, etc) as part of a record. He suggested it was best to mail this list with the idea, and see what your thoughts are here. I maintain the Strongbox iOS and Mac app (https://strongboxsafe.com), which are Password Safe clients. I get frequent feature requests from people to allow them to add images or attachments to their safes. This is a feature I'd like myself for my own safes too, I'm sure some of you feel the same. Rony had some concerns about performance, which I think are worth discussing. Also, I know that as part of V4 there is some expected support for file attachments. I think however that getting this feature in V3 would be a big win for all password safe users, and I think it could be done in a way that would satisfy a lot of users. As regards the performance given large file sizes, I think that clients could help protect against this by imposing a file size limit (perhaps 5-10MB), and explaining the consequences of adding many large files to the users. I've tested very large databases on iOS devices, and had pretty good results, but of course your mileage will vary, given the device and client implementations. Rony mentioned that it might be worth trying to back port the V4 work that had been done on this feature, into V3. I haven't had a chance to take a look at the feasibility of this just yet, it seems like a full service/Rolls Royce solution that would deal with the performance issues of large databases very well. Separately, I had my own idea of how to do this, that while not as robust and performant as Rony's model, would require very little design changes, and I think could be a fairly straightforward implementation for other clients/platforms. The idea is simply to create a new Record Field Type and some kind of (pseudo code) data structure like so: typedef struct _FileAttachment { char fileNameLength[4]; // 4 hexadecimal digit file name length (in TCHAR) - Password History Style Length char mimeTypeLength[4]; // 4 hexadecimal digit mime type length (in TCHAR) - Password History Style Length char filename[...]; // The file name char mimeType[...]; // a mime type such as 'image/jpeg' - to aid with opening / encoding / display etc unsigned char data[]; // The actual data of the file filled out to the end of the field } FileAttachment; I hope that makes sense. Would love to hear your thoughts. I think this could be a great feature for the Password Safe format. Thanks and all the best, -Mark |
