summaryrefslogtreecommitdiff
path: root/scripts
diff options
context:
space:
mode:
authordrebs <drebs@leap.se>2015-06-03 15:56:40 -0300
committerKali Kaneko <kali@leap.se>2015-07-27 09:58:29 -0400
commitbbfb3bb44915004a70702030aa1d2f9336a60938 (patch)
treef4736717fcf6eb436bfd9ac17f1e32a6c6bbb622 /scripts
parent3546eff73297945c1519e925c994e28d6ad523f4 (diff)
[bug] remove mac from secrets file
This is how a secret was stored in the secrets json file: * each secret is symmetrically encrypted amd MACed with keys derived from the user's passphrase. * the encrypted secrets dictionary is then MACed with another key derived * from the user's passphrase. * each key is derived using scrypt and a unique random salt. There are disadvantages to this approach: * repeating scrypt many times is a waste of time. * an attacker could crack whichever has weaker parameters, if they get out of sync. * if an attacker can modify the secret in a way it is good to decrypt the database, then she can also modify the MAC. The solution for this is: * completelly eliminate the MAC from the storage secrets file. * attempt to decrypt the database with whatever is got from the decryption of the secret. If that is wrong, report an error. Closes #6980.
Diffstat (limited to 'scripts')
0 files changed, 0 insertions, 0 deletions