thunderbird-android icon indicating copy to clipboard operation
thunderbird-android copied to clipboard
verified publisher icon thunderbird

Enables Encrypted Backups

Open mintsoft opened this issue 1 year ago • 3 comments

Fixes https://github.com/thunderbird/thunderbird-android/issues/3857

As discussed it is only enabled in the situation where client side encryption is enabled so the credentials are protected (https://github.com/thunderbird/thunderbird-android/pull/3846#issuecomment-450231455)

I don't think it's necessary to implement BackupAgent as the manifest assertions should be sufficient?

mintsoft avatar Sep 16 '24 14:09 mintsoft

Been testing the version compatibility with Android; Android 5 will ignore the requirement for client encryption (see testing for a different app: https://codeberg.org/Freeyourgadget/Gadgetbridge/pulls/4123#issuecomment-2347840)

I've not checked the minimum sdk version for thunderbird/k9 yet; but the "simplest" solution is to ensure minimum of sdk 23/Android 6 and it'll behave as desired.

mintsoft avatar Oct 13 '24 14:10 mintsoft

Thanks for the pull request :heart:

One thing we can't include in backups is OAuth access/refresh tokens. That could lead to multiple devices trying to use the same token. That would most likely be flagged by providers and could lead to the account being locked.

I currently don't have a suggestion on how to make backups work with that constraint in mind (other than using a custom BackupAgent). Do you have an idea?

cketti avatar Oct 15 '24 11:10 cketti

Hmm, where are they stored? If they're all together etc we can probably exclude them in the backup.xml et voila.

mintsoft avatar Oct 15 '24 15:10 mintsoft

@mintsoft Are there any other settings aside from OAuth access/refresh tokens that we should be excluding? I believe all current settings are stored together, so they would need to be separated. How would you be solving that, indeed a custom BackupAgent?

kewisch avatar Nov 18 '24 12:11 kewisch

AFAIK its only those tokens. How to separate depends on where they are, if they were in a dedicated file or under a sharedpref tree then you can exclude them in the backup.xml if it's not easily separable then yes, a BackupAgent is the only real option.

mintsoft avatar Nov 18 '24 17:11 mintsoft

We could move OAuth tokens to a separate file when implementing #8417. That will allow us to exclude OAuth tokens without having to write a custom BackupAgent.

cketti avatar Jan 07 '25 16:01 cketti

I'll put this on hold for now and revisit when we develop a solution to prevent OAuth tokens from being stored in backups.

wmontwe avatar Mar 05 '25 12:03 wmontwe