Commit Graph

22 Commits

Author SHA1 Message Date
Brendan McMillion
7e56983fa6 Move field and matrix logic into their own files and abstractions.
- Instead of using GF(2^127-1) as one of many options, move to GF(2^128) exclusively.
- Don't clear the first two bits of every secret key.
2015-11-21 09:23:55 -08:00
Brendan McMillion
07b99b15f3 Update comments. 2015-11-20 10:22:59 -08:00
Brendan McMillion
61540eca4e Bug fixes from code audit.
- Catch ignored error.
- Make sure that key data exists in the EncryptedData object as well as in the key cache.
2015-11-13 16:21:30 -08:00
Brendan McMillion
2422b2920d Update owners API and README with predicates. 2015-11-11 15:23:14 -08:00
Brendan McMillion
d93709973e Track delegates when decrypting with shares. 2015-11-11 15:22:33 -08:00
Brendan McMillion
9e514e902a Shorten key by 2 bits. 2015-11-11 15:21:49 -08:00
Brendan McMillion
e652300f43 Vendored in Bren2010/MSP 2015-11-11 15:20:46 -08:00
Brendan Mc
becabb40e9 Integration with Bren2010/MSP 2015-11-11 15:20:17 -08:00
Alessandro Ghedini
4183569465 Add support for listing required delegations for an encrypted secret
This patch adds the /owners API endpoint that returns the list of users
that "own" the given secret. These are the users that can delegate their
passwords for decrypting the secret.

It also adds the "Get Owners" form in the web UI that uses the new API.

Fixes #62
2015-06-17 11:07:26 +02:00
Brendan Mc
fcf9b125d0 Fixed left & right owner logic. Closes issue #63. 2015-06-11 21:19:04 -07:00
Nick Sullivan
244288a4d3 Check for full set of keys before using delegation. 2015-05-19 17:20:26 -07:00
Brendan Mc
ef80162f14 Style changes 2015-05-07 13:51:00 -07:00
Brendan Mc
935b929dd5 Return to idiomatic style & Backwards compatible left&right owners 2015-05-04 19:05:19 -07:00
Brendan Mc
7e08548caf Patched HMAC vulnerability. 2015-05-01 16:46:57 -07:00
Brendan Mc
e61103147c Minimized global state and made user type an option. 2015-05-01 16:10:55 -07:00
Brendan Mc
c3c0e2182b Removed AES user type and reformatted more code. 2015-04-28 16:24:58 -07:00
Nick Sullivan
8e910c2035 Changes to delegation model
- decryption can happen by non-admins
- encrypted files can be given labels
- delegation can limit decryption to specific users and labels
2015-04-09 17:15:44 -07:00
Nick Sullivan
8c21db7ba4 Add support for left/right groups
LeftOwners and RightOwners can now be used as either disjoint
or overlapping sets of users for encrypting a message. Default
behavior is to set them to Owners given a non-empty Owners set.

One member from each group is required to decrypt the message.
2015-02-09 18:51:33 -08:00
Kyle Isom
91cd67f267 Decrypt returns the list of users used for delegation
When decrypting a chunk of data, red october will now report the users
whose keys were used in the decryption.
2014-09-14 19:13:37 -07:00
Kyle
1916f385ed Move {En,De}cryptCBC and MakeRandom to symcrypt.
The symcrypt package now contains common secret-key code that is
redefined in a number of packages.
2014-01-10 03:58:43 -07:00
Kyle
db0b10e671 Add ECC support to cryptor.
There are a few changes made here:
  * Comments have been updated to reflect the presence of ECC records.
  * Variables named rsa* have been renamed pub* to reflect the general
    use of public key cryptography, instead of RSA specifically.
  * An if statement for RSA keys now handles both RSA and ECC keys.
2014-01-09 19:20:06 -07:00
Albert Strasheim
9c5d08f665 Make repository work with go get 2013-11-21 12:01:25 -08:00