Closed KJLJon closed 6 years ago
Nice! There are a couple of changes I'd like to see, though, that touch a lot of those pieces.
Vault
API and allows CyptoKey
to just generate a random salt for each encrypted item. My understanding is that there's no security advantage to keeping the salt secret.I'm working on storing the salt inside the vault. I am hoping to have this fixed before the weekend :)
Wouldn't it be easier to just add the salt to the output of lock()?
@starekrow great recommendation. I think I was thinking about it too hard.
Your recommendation cleans it up a lot, and is much easier to implement :smile:
Anyways, I have added another commit to this PR, and changed it to use the salt in lock() and unlock()
i think #31 should be implemented with the key version bump and before the tagged 1.0.0 version
The PR looks good, with one nitpick: getNumericVerison
is a typo.
typo fixed.
and yea I even knew that the key version was independent of Secret, idk what I was thinking when I commented :smile:
Issue #5 and #11