Commit Graph

43 Commits

Author SHA1 Message Date
Ryan Heywood fa84a2ae5f
keyfork-shard: Be less strict about keys
Rationale: Keyfork Shard runs on Airgap systems. The biggest impact of
using StandardPolicy and checking whether keys are "alive" is the drift
between different Airgap systems where the keys may not be valid at the
same time. Because of this, it is impossible to shard a secret to all
keys at once using a StandardPolicy.

However, we consider these keys to be a trusted input, whether created
by a previous system or generated directly by Keyfork. Because of this,
we can use a NullPolicy to blanketly permit all keys, the same way we
blanketly permit all keys when reconstituting the sharded secret, and
disable the check for whether keys are alive (though we are still
denying revoked keys).
2024-08-08 00:48:33 -04:00
Ryan Heywood 142bea3b9f
keyfork-shard: verify QR code length correctly 2024-05-29 16:16:55 -04:00
Ryan Heywood 491d19469a
crates: bump versions 2024-05-16 00:29:28 -04:00
Ryan Heywood d04989ef30
keyfork-derive-util: make key parsing fallible again, since secp256k1 isn't guaranteed correct 2024-05-03 23:20:50 -04:00
Ryan Heywood 1a036a0b5f
keyfork-shard: clean up documentation for encrypted shard padding 2024-05-03 22:41:38 -04:00
Ryan Heywood e0687434ef
keyfork-shard: display error message on duplicate key fingerprints found 2024-04-24 13:29:32 -04:00
Ryan Heywood 23db50956f
keyfork-shard: improve wording for counting shardholders 2024-04-24 13:13:48 -04:00
Ryan Heywood 94617722a0
keyfork-shard: ignore duplicate certificate entries 2024-04-22 17:06:13 -04:00
Ryan Heywood 6a265ad203
keyfork-mnemonic-util: add MnemonicBase::from_nonstandard_bytes 2024-04-18 23:53:59 -04:00
Ryan Heywood c0b19e2457
keyfork-shard: assert shared secrets are contributory 2024-04-17 15:36:42 -04:00
Ryan Heywood 0fe5301352
keyfork-shard: add in bug messages 2024-04-17 15:25:18 -04:00
Ryan Heywood 08a66e2365
keyfork-shard: base64 encode content instead of base16 2024-04-14 21:19:57 -04:00
Ryan Heywood 6fa434e89c
keyfork-shard: shorten length and pad inside encrypted block 2024-04-14 21:19:56 -04:00
Ryan Heywood 9394500f2f
keyfork-shard: generate nonce using hkdf 2024-04-14 21:19:52 -04:00
Ryan Heywood 194d475d59
keyfork-shard: validate signatures using shard-specific validation requirements 2024-04-10 15:17:30 -04:00
Ryan Heywood 752138bd35
crates: specify registry = distrust 2024-02-22 22:08:50 -05:00
Ryan Heywood 076bc3a1f5
keyfork-mnemonic-util: bump version before publish 2024-02-22 21:46:34 -05:00
Ryan Heywood 472d0288f9
keyfork-bug: initial commit, refactor use of unwrap() and expect() to use keyfork-bug 2024-02-20 20:39:28 -05:00
Ryan Heywood 354eae5a6a
keyfork-shard: first pass of reusable prompthandler 2024-02-20 18:33:54 -05:00
Ryan Heywood 425aa30aa6
keyfork-shard: remove old code! 2024-02-19 05:49:43 -05:00
Ryan Heywood 6a3018e5e8
keyfork-shard: bump after mnemonic refactor 2024-02-19 05:41:37 -05:00
Ryan Heywood d51ee36ace
keyfork-shard: fixup usage of smex 2024-02-19 05:40:43 -05:00
Ryan Heywood b75d45876a
keyfork-shard: refactor key discovery mechanisms 2024-02-19 05:36:27 -05:00
Ryan Heywood 2541d49fb8
keyfork-shard: add shard_and_encrypt 2024-02-19 05:36:26 -05:00
Ryan Heywood 3b5c1340db
keyfork-shard: add new methods to trait to support split() 2024-02-19 05:36:24 -05:00
Ryan Heywood 3c1d8e9784
cleanup use of keyfork-shard deprecated functions 2024-02-19 05:36:20 -05:00
Ryan Heywood 6093cf9be4
keyfork-shard: traitify functionality 2024-02-19 05:35:01 -05:00
Ryan Heywood dfcf4b1740
keyfork-mnemonic-util: reduce amount of generics for validated functions 2024-02-19 05:32:24 -05:00
Ryan Heywood 44d8cf2098
keyfork-mnemonic-util: major refactor of Mnemonic type, remove cloned Wordlist 2024-02-19 05:20:33 -05:00
Ryan Heywood d481c7e164
keyfork-mnemonic-util: deprecate from{_raw,}_bytes 2024-02-18 18:14:50 -05:00
Ryan Heywood 9cb953414f
tests, examples: make clippy happy 2024-02-18 17:59:23 -05:00
Ryan Heywood 278e5c84fd
crates: make Cargo.toml not include defaulted bin deps across crates 2024-02-12 03:09:35 -05:00
Ryan Heywood 053902bf43
keyfork-derive-util: make variable-length seeds opt-in 2024-02-12 00:30:28 -05:00
Ryan Heywood 4354be4304
keyfork-derive-util: add arbitrary length seeds, remove length-based errors 2024-02-11 20:35:26 -05:00
Ryan Heywood 8108f5e61a
keyfork-derive-util, keyforkd-client: support fearless conversions 2024-02-11 20:20:56 -05:00
Ryan Heywood 086e56bef0
keyfork-derive-util: minor refactor, tidy up publicness of modules 2024-02-11 01:04:13 -05:00
Ryan Heywood 1879a250c8
keyfork-shard: add instructions for sending QR code to operators 2024-02-05 20:29:43 -05:00
Ryan Heywood b3a05277e8
keyfork-shard: increase QR code read timeout from 30 to 60 seconds 2024-02-04 17:51:38 -05:00
Ryan Heywood 6af5ab663d
keyfork-shard: always use highest level of error correction 2024-02-02 01:23:37 -05:00
Ryan Heywood 019e390b94
keyforkd, keyfork-shard: add README.md 2024-01-20 01:17:56 -05:00
Ryan Heywood 2e3c387ae1
docs: better info about writing types containing data 2024-01-18 23:50:23 -05:00
Ryan Heywood 701f5ca4e9
all crates: add documentation 2024-01-15 21:44:48 -05:00
Ryan Heywood e8f327079b
reorganize crates 2024-01-15 00:12:34 -05:00