ioBroker.e3dc-rscp icon indicating copy to clipboard operation
ioBroker.e3dc-rscp copied to clipboard

Published 20 hours ago verified publisher icon git-kick

Use standard password encryption method

Open git-kick opened this issue 3 years ago • 3 comments

@Apollon77 wrote:

If you like you can remove all the encrypt/decrypt stuff and use the automatic solution ... see best practices in Readme of this repo for infos. YOu just need to add an "encrptedNative" and "protectedNative" sections to io-package and add a propoer admin globalDependency.

see https://github.com/ioBroker/ioBroker.repositories/pull/1589

git-kick avatar Jan 30 '22 08:01 git-kick

@Apollon77, I'm afraid I need your support again, because I cannot figure out the "automatic solution": in io-package.json, I can add encryptedNative and protectedNative as described, but...

  • what do you mean by "add a proper admin globalDependency"? Which file is affected here?
  • are myencrypt() and mydecrypt() definitions in index_m.html and decrypt() in main.js still neccessary?

In README, I found this hint:

if you need to store passwords please encrypt them in Admin! You can check e.g. Apollon77/iobroker.meross for example code in index_m.html and main.js

In ioBroker.meross, I found the xxxNative declarations in io-package.json, but index_m.html and main.js contain the well-known myencrypt()/mydecrypt() and decrypt() definitions, similar to what I'm doing in e3dc-rscp V1.0.0 I browsed some of your adapters, but found none besides meross having the xxxNative declarations in io-package.json.

So I'm kind of lost, could you give me a hint, perhaps an adapter example where only the automatic solution is implemented?

git-kick avatar Feb 01 '22 14:02 git-kick

Hi,

Dependency wise it is admin >=4.0.9

The myen/decrypt is not longer needed then., And yes merioss is not longer "tsta eof the art" - I will adjust taht soon

It is really just: "io-package" stuff

Apollon77 avatar Feb 02 '22 12:02 Apollon77

@Apollon77

Dependency wise it is admin >=4.0.9

I'm a bit lost... in iobroker-config.json, I can see "adminVersion": "admin5". Is this good enough? Or do I have to add a new dependency "admin": ">=4.0.9"under io-package.json/"common"/"dependencies"?

The myen/decrypt is not longer needed then., And yes merioss is not longer "tsta eof the art" - I will adjust taht soon

How do I decrypt then when I access this.config.myPassword? Could you point me to a working sample, please?

git-kick avatar Feb 27 '22 10:02 git-kick

With v1.3.0, we migrated to admin5 json-config and passwords are protectedNative and encryptedNative.

git-kick avatar Sep 09 '24 10:09 git-kick