When a file is uploaded to a private drive, it by default also becomes private and leverages the same drive keys used for its parent drive. Each unique file in a drive will get its own set of file keys based off of that file’s unique File-Id. If a single file gets a new version, it’s File-Id will be reused, effectively leveraging the same File Key for all versions in that file’s history.
These file keys can be shared by the drive’s owner as needed.
Private File entities have both it’s metadata and data transactions encrypted using the same File Key, ensuring all facets of the data is truly private.
As such, both the file’s metadata and data transactions must both have a unique Cipher-IV and Cipher tag
Cipher?: "AES256-GCM" Cipher-IV?: "<12 byte initialization vector as Base64>"
When a file is private, it’s metadata and data transactions must have the following content type tag set
Content-Type: "application/octet-stream"
Comments
0 comments
Please sign in to leave a comment.