soledad.git/testing/tests/client, branch 0.9.3 [soledad] [refactor] pass soledad object to client secrets api 2017-02-25T11:53:38+00:00 drebs drebs@leap.se 2017-02-25T11:53:38+00:00 b433c1ed736f5d4c19da4cdb21108a02459ca7fd In order to be able to change passphrase, token and offline status of soledad from the bitmask client api, the secrets api also has to be able to use up-to-date values when encrypting/decrypting secrets and uploading/downloading them to the server. This commit makes public some soledad attributes that were previously "private" (i.e. used to start with "_" and were not meant to be accessed from outside), and passes the whole soledad object to the client secrets api. This makes the code cleaner and also allows for always getting newest values of soledad attributes. 
In order to be able to change passphrase, token and offline status of
soledad from the bitmask client api, the secrets api also has to be able
to use up-to-date values when encrypting/decrypting secrets and
uploading/downloading them to the server. This commit makes public some
soledad attributes that were previously "private" (i.e. used to start
with "_" and were not meant to be accessed from outside), and passes the
whole soledad object to the client secrets api. This makes the code
cleaner and also allows for always getting newest values of soledad
attributes.
[style] add deprecation warning on legacy decoder 2017-02-16T20:32:30+00:00 Victor Shyba victor1984@riseup.net 2017-02-16T20:18:06+00:00 ac6d87e83f91ed61b160e7cdd968f4a6f3d68f34 






[feature] add doc size to preamble
2017-02-16T07:48:58+00:00

Victor Shyba
victor1984@riseup.net

2017-02-16T07:48:58+00:00

d2ef605af73a592ea21c5bae005f53f483e310a6

That's necessary for blobs-io. Current code includes backwards
compatibility branching and tests, which shall be removed on next
releases.





That's necessary for blobs-io. Current code includes backwards
compatibility branching and tests, which shall be removed on next
releases.







[tests] add tests for preamble encoding
2017-02-15T20:43:17+00:00

Victor Shyba
victor1984@riseup.net

2017-02-15T20:43:17+00:00

e6ed77ce83a37dd4fffb8ac560ae34fbee8acc22












[refactor] remove leftover code from previous wsgi auth
2017-02-09T16:41:38+00:00

drebs
drebs@leap.se

2016-12-22T09:32:29+00:00

c3c8afb68330bdfb8fe70efc7d055b55ca9c1c3a












[feat] use twisted web http auth and creds
2017-02-09T16:41:35+00:00

drebs
drebs@leap.se

2016-12-18T18:36:39+00:00

260805b9967184841c4499f94713a9a48c49a813












[test] move client secrets tests to its own file
2017-02-09T16:41:30+00:00

drebs
drebs@leap.se

2017-01-21T22:13:27+00:00

71ab022aa12d5754d5845eae757b2f3531b4e50a












[bug] use derived key for local storage
2017-02-09T16:41:27+00:00

drebs
drebs@leap.se

2016-12-24T16:05:15+00:00

8d9782c689daa14aca495d7b6b2598b2743c4e7c












[refactor] improve secrets generation and storage code
2017-02-09T16:41:26+00:00

drebs
drebs@leap.se

2016-12-05T11:10:47+00:00

ff85c2a41fe933d9959fb84a0df2a13a6e199cec












[feature] Change CTR to GCM on secrets.py
2016-12-12T11:17:52+00:00

Victor Shyba
victor1984@riseup.net

2016-12-07T05:03:58+00:00

7877527fe64eaee1f7f107913a4a3dc78767a338

Current implementation can allow tampering and the CTR->GCM exchange can
help to avoid it.
This commits also alters a behaviour where we moved ahead after failing
to decrypt a recovery document. IMHO we can't move ahead as this is a
fatal error.

Signed-off-by: Victor Shyba <victor1984@riseup.net>





Current implementation can allow tampering and the CTR->GCM exchange can
help to avoid it.
This commits also alters a behaviour where we moved ahead after failing
to decrypt a recovery document. IMHO we can't move ahead as this is a
fatal error.

Signed-off-by: Victor Shyba <victor1984@riseup.net>