| Commit message | Author | Age |
|---|---|---|
| todo0.20160831 | Joey Hess | 2016-08-31 |
| better message on bad password | Joey Hess | 2016-08-31 |
| prep release | Joey Hess | 2016-08-31 |
| update | Joey Hess | 2016-08-31 |
| update | Joey Hess | 2016-08-31 |
| wording | Joey Hess | 2016-08-31 |
| update | Joey Hess | 2016-08-31 |
| add | Joey Hess | 2016-08-31 |
| add .desktop file | Joey Hess | 2016-08-31 |
| update | Joey Hess | 2016-08-31 |
| update | Joey Hess | 2016-08-31 |
| add systemd service, makefile, improve INSTALL | Joey Hess | 2016-08-31 |
| added --store-directory | Joey Hess | 2016-08-31 |
| comment | Joey Hess | 2016-08-31 |
| key encryption hash benchmark was off by a factor of 16, fix | Joey Hess | 2016-08-30 |
| f2fa457a7e45721e94a3f5d0307faf874150cdb4 did in fact fix a laziness issue in the benchmark. This explains why restore was taking so long, although I need to re-run a real restore to double-check this. | | |
| add | Joey Hess | 2016-08-30 |
| todo | Joey Hess | 2016-08-30 |
| make sure to hash a different value each time, to avoid any laziness issues | Joey Hess | 2016-08-30 |
| fix build | Joey Hess | 2016-08-30 |
| prioritize | Joey Hess | 2016-08-30 |
| Added basic test suite. | Joey Hess | 2016-08-30 |
| format | Joey Hess | 2016-08-30 |
| Improve time estimates, taking into account the number of cores. | Joey Hess | 2016-08-30 |
| This only affects time estimates while keysafe is generating hashes; it does not affect cost estimates to brute-force. | | |
| Tuned argon2 hash parameters on better hardware than my fanless laptop. | Joey Hess | 2016-08-30 |
| Used a Purism Librem 13. The name generation hash was already ok, but the key encryption key hash was quite off. This is not a total blazing top of the line server, but that's ok; keysafe's hashes are intended to be tuned for commodity hardware. It should not take a user more than an hour to restore a key. The spotAWS value is adjusted because AWS's c4.8xlarge instances run at up to 3.5GHz, compared with the 2.20GHz of the Librem 13. Basically it's one Moore's doubling ahead of the reference laptop. | | |
| fix calculation of usedcores | Joey Hess | 2016-08-30 |
| rename var | Joey Hess | 2016-08-30 |
| oops | Joey Hess | 2016-08-30 |
| fence post | Joey Hess | 2016-08-30 |
| clarify | Joey Hess | 2016-08-30 |
| use number of physical cores, not including hyper-threading | Joey Hess | 2016-08-30 |
| CPUCost is per physical core | | |
| add coreCost | Joey Hess | 2016-08-30 |
| show estimate for all rounds | Joey Hess | 2016-08-30 |
| refactor | Joey Hess | 2016-08-30 |
| improve calculation of expected time for the key encryption key hash | Joey Hess | 2016-08-30 |
| Take randomSaltBytes into account rather than hardcoding | | |
| adjust benchmark expected time based on the host's number of cores | Joey Hess | 2016-08-30 |
| The goal of benchmarking the expensive hash is to get an accurate time estimate for a single CPU, but argon2 uses 4 threads, so on a machine with 4 cores, it should only take a quarter as long. | | |
| update | Joey Hess | 2016-08-29 |
| document * | Joey Hess | 2016-08-29 |
| make server default to only listening to localhost | Joey Hess | 2016-08-29 |
| This way, the tor hidden service using it will be the only way it's exposed. | | |
| comments | Joey Hess | 2016-08-29 |
| minor | Joey Hess | 2016-08-29 |
| support .onion addresses for servers | Joey Hess | 2016-08-29 |
| remove license of no longer embedded secret-sharing | Joey Hess | 2016-08-28 |
| refactor | Joey Hess | 2016-08-28 |
| better error for invalid object size | Joey Hess | 2016-08-28 |
| cleanup | Joey Hess | 2016-08-28 |
| simplify http api, remove apiversion | Joey Hess | 2016-08-28 |
| Not needed since all routes are tagged with the api version. | | |
| todo | Joey Hess | 2016-08-28 |
| remove done item | Joey Hess | 2016-08-28 |
| belt and suspenders path injection check | Joey Hess | 2016-08-28 |
| This does not seem to be necessary for the HTTP server, because servant parses the StorableObjectIdent out of query path, so it can't contain `/`. But, what if the HTTP server were running on Windows? Then, `\` could be embedded in the StorableObjectIdent or perhaps a drive letter, etc. So, best to have a second level of defense against path injection. | | |
| Fix gpg secret key list parser to support gpg 2. | Joey Hess | 2016-08-28 |
| Should also support gpg 1. | | |