wonderwall

github/wonderwall

Fork 0

mirror of https://github.com/nais/wonderwall.git synced 2026-05-20 07:12:48 +00:00

Commit Graph

Author	SHA1	Message	Date
Trong Huu Nguyen	0537c8172f	feat(session): use tickets for per-session data encryption Replace the usage of a single application-wide session crypter with per-session crypters. The application is no longer able to decrypt any session encrypted with its symmetric key alone. Instead, a session ticket with its associated data encryption key (DEK) is also required in order to decrypt the associated session data. The ticket itself is encrypted with the application's crypter; the latter of which is effectively a key-encryption key (KEK). Fixes #49.	2023-02-14 21:50:19 +01:00
Trong Huu Nguyen	61a7a8f161	refactor: clean up errors and reverseproxy logging	2023-02-10 14:57:53 +01:00
Trong Huu Nguyen	f51fe97b23	refactor(handler): flatten handler modules	2023-02-10 14:57:48 +01:00

Author

SHA1

Message

Date

Trong Huu Nguyen

0537c8172f

feat(session): use tickets for per-session data encryption

Replace the usage of a single application-wide session crypter
with per-session crypters.

The application is no longer able to decrypt any session
encrypted with its symmetric key alone. Instead, a session ticket
with its associated data encryption key (DEK) is also required in order
to decrypt the associated session data. The ticket itself is
encrypted with the application's crypter; the latter of which is
effectively a key-encryption key (KEK).

Fixes #49.

2023-02-14 21:50:19 +01:00

Trong Huu Nguyen

61a7a8f161

refactor: clean up errors and reverseproxy logging

2023-02-10 14:57:53 +01:00

Trong Huu Nguyen

f51fe97b23

refactor(handler): flatten handler modules

2023-02-10 14:57:48 +01:00

3 Commits