The idea is to create a new type (to avoid ugly string parsing) and
then, instead of iterating through delegations with the username, iterate
through the delegations and look for your username and matching slot. Also
in cases we don't have the slot (everything but delegation), find the slot
when we match a user.
This patch adds the /owners API endpoint that returns the list of users
that "own" the given secret. These are the users that can delegate their
passwords for decrypting the secret.
It also adds the "Get Owners" form in the web UI that uses the new API.
Fixes#62
LeftOwners and RightOwners can now be used as either disjoint
or overlapping sets of users for encrypting a message. Default
behavior is to set them to Owners given a non-empty Owners set.
One member from each group are required to decrypt the message.
There are a few changes made here:
* Comments have been updated to reflect the presence of ECC records.
* Variables named rsa* have been renamed pub* to reflect the general
use of public key cryptography, instead of RSA specifically.
* An if statement for RSA keys now handles both RSA and ECC keys.
The passvault's id is created with math.rand as a native int.
If the vault is created on a 64-bit system, it breaks compatibility
with 32-bit systems.
- Generate vaults with 32-bit ids.
- Update testcode
