sigtool

homelab/sigtool

Fork 0

Commit graph

Author	SHA1	Message	Date
Sudhi Herle	e22fae05f7	Better handling of sender verification * Sender identity is never shared in the encrypted payload * Sender signs the data-encryption key via Ed25519 if sender-auth is desired; else a "signature" of all zeroes is used. In either case, this signature is encrypted with the same data-encryption key. * cleaned up stale code and updated tests	2020-03-23 10:44:40 -07:00
Sudhi Herle	00542dec02	Major breaking changes: Reworked file encryption scheme * all encryption now uses ephmeral curve25519 keys * sender can identify themselves by providing a signing key * sign/verify now uses a string prefix for calculating checksum of the incoming message + known prefix [prevents us from verifying unknown blobs] * encrypt/decrypt key is now expanded with a known prefix _and_ the header checksum * protobuf definition changed to include an encrypted sender identification blob (sender public key) * moved protobuf files into an internal/pb directory * general code rearrangement to make it easy to find files * added extra validation for reading all keys * bumped version to 1.0.0	2020-03-20 17:40:52 -07:00

Author

SHA1

Message

Date

Sudhi Herle

e22fae05f7

Better handling of sender verification

* Sender identity is never shared in the encrypted payload
* Sender signs the data-encryption key via Ed25519 if sender-auth is
  desired; else a "signature" of all zeroes is used. In either case, this
  signature is encrypted with the same data-encryption key.
* cleaned up stale code and updated tests

2020-03-23 10:44:40 -07:00

Sudhi Herle

00542dec02

Major breaking changes: Reworked file encryption scheme

* all encryption now uses ephmeral curve25519 keys
* sender can identify themselves by providing a signing key
* sign/verify now uses a string prefix for calculating checksum of the
  incoming message + known prefix [prevents us from verifying unknown
  blobs]
* encrypt/decrypt key is now expanded with a known prefix _and_ the
  header checksum
* protobuf definition changed to include an encrypted sender
  identification blob (sender public key)
* moved protobuf files into an internal/pb directory
* general code rearrangement to make it easy to find files
* added extra validation for reading all keys
* bumped version to 1.0.0

2020-03-20 17:40:52 -07:00

2 commits