Merge branch 'develop'

Author: tobihagemann

docs/security/architecture.md

@@ -121,7 +121,9 @@ wrappedEncryptionMasterKey := aesKeyWrap(encryptionMasterKey, kek)
 wrappedMacMasterKey := aesKeyWrap(macMasterKey, kek)
 ```
 
-<Image src="/img/security/key-derivation.png" srcset="/img/security/key-derivation.png 1x, /img/security/key-[email protected] 2x" alt="KEK Derivation" width="336" height="71" style={{backgroundColor: '#ffffff', borderRadius: 'var(--ifm-global-radius)', padding: 'var(--ifm-pre-padding)', boxSizing: 'content-box'}} />
+<WhiteBox>
+  <Image src="/img/security/key-derivation.png" srcset="/img/security/key-derivation.png 1x, /img/security/[email protected] 2x" alt="KEK Derivation" width="336" height="71" />
+</WhiteBox>
 
 The wrapped keys and the parameters needed to derive the KEK are then stored as integers or Base64-encoded strings in a JSON file named `masterkey.cryptomator`, which is located in the root directory of the vault.
 
@@ -139,4 +141,6 @@ The wrapped keys and the parameters needed to derive the KEK are then stored as
 
 When unlocking a vault the KEK is used to unwrap (i.e. decrypt) the stored masterkeys.
 
-<Image src="/img/security/masterkey-decryption.png" srcset="/img/security/masterkey-decryption.png 1x, /img/security/masterkey-[email protected] 2x" alt="Masterkey Decryption" width="439" height="200" style={{backgroundColor: '#ffffff', borderRadius: 'var(--ifm-global-radius)', padding: 'var(--ifm-pre-padding)', boxSizing: 'content-box'}} />
+<WhiteBox>
+  <Image src="/img/security/masterkey-decryption.png" srcset="/img/security/masterkey-decryption.png 1x, /img/security/[email protected] 2x" alt="Masterkey Decryption" width="439" height="200" />
+</WhiteBox>

docs/security/vault.md

@@ -24,9 +24,10 @@ cleartextPayload := 0xFFFFFFFFFFFFFFFF . contentKey
 ciphertextPayload, tag := aesGcm(cleartextPayload, encryptionMasterKey, headerNonce)
 ```
 
-<Image src="/img/security/file-header-encryption.png" srcset="/img/security/file-header-encryption.png 1x, /img/security/file-[email protected] 2x" alt="File Header Encryption" width="433" height="199" style={{backgroundColor: '#ffffff', borderRadius: 'var(--ifm-global-radius)', padding: 'var(--ifm-pre-padding)', boxSizing: 'content-box'}} />
-
-*Random per file change
+<WhiteBox>
+  <Image src="/img/security/file-header-encryption.png" srcset="/img/security/file-header-encryption.png 1x, /img/security/[email protected] 2x" alt="File Header Encryption" width="433" height="199" />
+  <WhiteBoxCaption>*Random per file change</WhiteBoxCaption>
+</WhiteBox>
 
 ## File Content Encryption {#file-content-encryption}
 
@@ -54,9 +55,10 @@ for (int i = 0; i < length(cleartextChunks); i++) {
 ciphertextFileContent := join(ciphertextChunks[])
 ```
 
-<Image src="/img/security/file-content-encryption.png" srcset="/img/security/file-content-encryption.png 1x, /img/security/file-[email protected] 2x" alt="File Content Encryption" width="782" height="195" style={{backgroundColor: '#ffffff', borderRadius: 'var(--ifm-global-radius)', padding: 'var(--ifm-pre-padding)', boxSizing: 'content-box'}} />
-
-*Random per chunk change
+<WhiteBox>
+  <Image src="/img/security/file-content-encryption.png" srcset="/img/security/file-content-encryption.png 1x, /img/security/[email protected] 2x" alt="File Content Encryption" width="782" height="195" />
+  <WhiteBoxCaption>*Random per chunk change</WhiteBoxCaption>
+</WhiteBox>
 
 ## Directory IDs {#directory-ids}
 
@@ -94,9 +96,10 @@ Cryptomator uses [AES-SIV](https://tools.ietf.org/html/rfc5297) to encrypt names
 The directory ID of the parent folder is passed as associated data.
 This prevents undetected movement of files between directories.
 
-<Image src="/img/security/filename-encryption.png" srcset="/img/security/filename-encryption.png 1x, /img/security/filename-[email protected] 2x" alt="Filename Encryption" width="614" height="220" style={{backgroundColor: '#ffffff', borderRadius: 'var(--ifm-global-radius)', padding: 'var(--ifm-pre-padding)', boxSizing: 'content-box'}} />
-
-*Unencrypted directory ID of the parent dir [as described above](#directory-ids)
+<WhiteBox>
+  <Image src="/img/security/filename-encryption.png" srcset="/img/security/filename-encryption.png 1x, /img/security/[email protected] 2x" alt="Filename Encryption" width="614" height="220" />
+  <WhiteBoxCaption>*Unencrypted directory ID of the parent dir [as described above](#directory-ids)</WhiteBoxCaption>
+</WhiteBox>
 
 ```
 ciphertextName := base64url(aesSiv(cleartextName, parentDirId, encryptionMasterKey, macMasterKey)) + '.c9r'

src/components/Image.tsx

@@ -1,6 +1,7 @@
 import useBaseUrl from '@docusaurus/useBaseUrl';
 import React from 'react';
 import { GridContext } from './GridContext';
+import { WhiteBoxContext } from './WhiteBoxContext';
 
 interface ImageProps {
   src: string;
@@ -9,12 +10,12 @@ interface ImageProps {
   width?: number | string;
   height?: number | string;
   className?: string;
-  style?: React.CSSProperties;
 }
 
-export default function Image({ src, srcset, alt, width, height, className, style }: ImageProps) {
+export default function Image({ src, srcset, alt, width, height, className }: ImageProps) {
   const imageSrc = useBaseUrl(src);
   const isInsideGrid = React.useContext(GridContext);
+  const isInsideWhiteBox = React.useContext(WhiteBoxContext);
   const processedSrcset = srcset
     ? srcset
         .split(',')
@@ -34,10 +35,10 @@ export default function Image({ src, srcset, alt, width, height, className, styl
       className={className}
       decoding="async"
       loading="lazy"
-      style={{ height: 'auto', ...style }}
+      style={{ height: 'auto' }}
     />
   );
-  if (isInsideGrid) {
+  if (isInsideGrid || isInsideWhiteBox) {
     return imageElement;
   }
   return <p>{imageElement}</p>;

src/components/WhiteBox.tsx

@@ -0,0 +1,22 @@
+import React from 'react';
+import { WhiteBoxContext } from './WhiteBoxContext';
+
+interface WhiteBoxProps {
+  children: React.ReactNode;
+}
+
+export default function WhiteBox({ children }: WhiteBoxProps) {
+  return (
+    <WhiteBoxContext.Provider value={true}>
+      <p style={{
+        backgroundColor: '#ffffff',
+        borderRadius: 'var(--ifm-global-radius)',
+        boxShadow: 'var(--ifm-global-shadow-lw',
+        display: 'inline-block',
+        padding: 'var(--ifm-pre-padding)',
+      }}>
+        {children}
+      </p>
+    </WhiteBoxContext.Provider>
+  );
+}

src/components/WhiteBoxCaption.tsx

@@ -0,0 +1,19 @@
+import React from 'react';
+
+interface WhiteBoxCaptionProps {
+  children: React.ReactNode;
+}
+
+export default function WhiteBoxCaption({ children }: WhiteBoxCaptionProps) {
+  return (
+    <p style={{
+      color: 'var(--ifm-color-gray-900)',
+      display: 'block',
+      fontSize: 'var(--ifm-code-font-size)',
+      marginBottom: '0',
+      marginTop: 'var(--ifm-leading)'
+    }}>
+      {children}
+    </p>
+  );
+}

src/components/WhiteBoxContext.tsx

@@ -0,0 +1,3 @@
+import { createContext } from 'react';
+
+export const WhiteBoxContext = createContext(false);

src/theme/MDXComponents.js

@@ -1,11 +1,15 @@
 import Grid from '@site/src/components/Grid';
 import Image from '@site/src/components/Image';
 import MobileGrid from '@site/src/components/MobileGrid';
+import WhiteBox from '@site/src/components/WhiteBox';
+import WhiteBoxCaption from '@site/src/components/WhiteBoxCaption';
 import MDXComponents from '@theme-original/MDXComponents';
 
 export default {
   ...MDXComponents,
   Grid,
   Image,
   MobileGrid,
+  WhiteBox,
+  WhiteBoxCaption,
 };