summaryrefslogtreecommitdiffhomepage
Commit message (Collapse)AuthorAge
* todo0.20160831Joey Hess2016-08-31
|
* better message on bad passwordJoey Hess2016-08-31
|
* prep releaseJoey Hess2016-08-31
|
* updateJoey Hess2016-08-31
|
* updaeJoey Hess2016-08-31
|
* wordingJoey Hess2016-08-31
|
* updateJoey Hess2016-08-31
|
* addJoey Hess2016-08-31
|
* add .desktop fileJoey Hess2016-08-31
|
* updateJoey Hess2016-08-31
|
* updateJoey Hess2016-08-31
|
* add systemd service, makefile, improve INSTALLJoey Hess2016-08-31
|
* added --store-directoryJoey Hess2016-08-31
|
* commentJoey Hess2016-08-31
|
* key encryption hash benchmark was off by a factor of 16, fixJoey Hess2016-08-30
| | | | | | f2fa457a7e45721e94a3f5d0307faf874150cdb4 did in fact fix a laziness issue in the benchmark. This explains why restore was taking so long, although I need to re-run a real restore to double-check this.
* addJoey Hess2016-08-30
|
* todoJoey Hess2016-08-30
|
* make sure to hash a different value each time, to avoid any laziness issuesJoey Hess2016-08-30
|
* fix buildJoey Hess2016-08-30
|
* prioritizeJoey Hess2016-08-30
|
* Added basic test suite.Joey Hess2016-08-30
|
* formatJoey Hess2016-08-30
|
* Improve time estimates, taking into account the number of cores.Joey Hess2016-08-30
| | | | | This only affects time estimates while keysafe is generating hashes; it does not affect cost estimates to brute-force.
* Tuned argon2 hash parameters on better hardware than my fanless laptop.Joey Hess2016-08-30
| | | | | | | | | | | | | Used a Purism Librem 13. The name generation hash was already ok, but the key encryption key hash was quite off. This is not a total blazing top of the line server, but that's ok; keysafe's hashes are intended to be tuned for commodity hardware. It should not take a user more than an hour to restore a key. The spotAWS value is adjusted because AWS's c4.8xlarge instances run at up to 3.5Ghz, compared with the 2.20Ghz of the Librem 13. Basically it's one Moore's doubling ahead of the reference laptop.
* fix calculation of usedcoresJoey Hess2016-08-30
|
* rename varJoey Hess2016-08-30
|
* oopsJoey Hess2016-08-30
|
* fence postJoey Hess2016-08-30
|
* clarifyJoey Hess2016-08-30
|
* use number of physical cores, not including hyper-threadingJoey Hess2016-08-30
| | | | CPUCost is per physical core
* add coreCostJoey Hess2016-08-30
|
* show estimate for all roundsJoey Hess2016-08-30
|
* refactorJoey Hess2016-08-30
|
* improve calcuation of expected time for the key encryption key hashJoey Hess2016-08-30
| | | | Take randomSaltBytes into account rather than hardcoding
* adjust benchmark expected time based on the host's number of coresJoey Hess2016-08-30
| | | | | | The goal of benchmarking the expensive hash is to get an accurate time estimate for a single CPU, but argon2 uses 4 threads, so on a machine with 4 cores, it should only take a quarter as long.
* updateJoey Hess2016-08-29
|
* document *Joey Hess2016-08-29
|
* make server default to only listening to localhostJoey Hess2016-08-29
| | | | | This way, the tor hidden service using it will be the only way it's exposed.
* commentsJoey Hess2016-08-29
|
* minorJoey Hess2016-08-29
|
* support .onion addresses for serversJoey Hess2016-08-29
|
* remove license of no longer embedded secret-sharingJoey Hess2016-08-28
|
* refactorJoey Hess2016-08-28
|
* better error for invalid object sizeJoey Hess2016-08-28
|
* cleanupJoey Hess2016-08-28
|
* simplify http api, remove apiversionJoey Hess2016-08-28
| | | | Not needed since all routes are tagged with the api version.
* todoJoey Hess2016-08-28
|
* remove done itemJoey Hess2016-08-28
|
* belt and suspenders path injection checkJoey Hess2016-08-28
| | | | | | | | | This does not seem to be necessary for the HTTP server, because servant parses the StorableObjectIdent out of query path, so it can't contain `/`. But, what if the HTTP server were running on windows? Then, `\` could be embedded in the StorableObjectIdent or perhaps a drive letter, etc. So, best to have a second level of defense against path injection.
* Fix gpg secret key list parser to support gpg 2.Joey Hess2016-08-28
| | | | Should also support gpg 1.
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-19 10:16:03 +0000