Vault - key management core of Passlock.
- Master Key can be of arbitrary length
- Designed with Migration in mind
- Recovery Key by design
- Different Serialization types
# Podfile
pod 'Crypto', :git => 'https://github.com/passlock/Crypto.git'
pod 'Vault1', :git => 'https://github.com/passlock/Vault.git'

// Create a vault that protects the database encryption key with a password
let password: String = ...
let databaseEncryptionKey: Bytes = ...
let created = Vault1.create(password: password, master: databaseEncryptionKey, serializer: ProtobufSerializer.self)

// Open the vault with either the password or the intermediate key
let openedWithPassword = try Vault1.open(password: password, serialized: created.serialized, serializer: ProtobufSerializer.self)
let openedWithIntermediate = try Vault1.open(intermediate: created.vault.intermediate, serialized: created.serialized, serializer: ProtobufSerializer.self)

// Change the password, authorizing with the old password or the intermediate key
let changedWithPassword = try Vault1.change(old: password, new: "newPassword", serialized: created.serialized, serializer: ProtobufSerializer.self)
let changedWithIntermediate = try Vault1.change(intermediate: created.vault.intermediate, new: "newPassword", serialized: created.serialized, serializer: ProtobufSerializer.self)

Master Key is an arbitrary-length piece of Data. Note that, depending on your case, you may need to pad that data.
Designed with Migration in mind: the current branch is intentionally Vault1, as for now it uses 20 CPU and 32MB of RAM. The idea is that if we need to modify CPU or RAM, we'll create another branch with those parameters.
Intermediate Key is used as a Spare Key, and you are responsible for keeping it safe. The idea is to share some random characters with someone else rather than your Master Password. If you don't want to use a Recovery Key, you can safely ignore it.
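The layering described above (a password, an Intermediate Key that doubles as the Recovery Key, and an arbitrary-length Master Key) can be sketched as a two-level key wrap. This is an added Python illustration, not Vault's code or its actual format: the scrypt parameters, the HMAC-based stand-in cipher, the dictionary layout and the names `create`, `open_vault` and `change` are all assumptions.

```python
import hashlib, hmac, os

def _kek(password: str, salt: bytes) -> bytes:
    # Memory-hard KDF; these cost parameters are illustrative, not Vault1's.
    return hashlib.scrypt(password.encode(), salt=salt, n=2**14, r=8, p=1, dklen=32)

def _mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as keystream (stdlib stand-in for a real AEAD).
    blocks = (len(data) + 31) // 32
    stream = b"".join(_mac(key, nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

def _wrap(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)
    ct = _xor_stream(_mac(key, b"enc"), nonce, plaintext)
    return nonce + ct + _mac(_mac(key, b"mac"), nonce + ct)  # encrypt-then-MAC

def _unwrap(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(_mac(key, b"mac"), nonce + ct)):
        raise ValueError("wrong key or tampered vault")
    return _xor_stream(_mac(key, b"enc"), nonce, ct)

def create(password: str, master: bytes):
    salt, intermediate = os.urandom(16), os.urandom(32)
    vault = {"version": 1, "salt": salt,
             "wrapped_intermediate": _wrap(_kek(password, salt), intermediate),
             "wrapped_master": _wrap(intermediate, master)}
    return vault, intermediate  # the intermediate doubles as the recovery key

def _intermediate(vault, password=None, intermediate=None) -> bytes:
    if vault["version"] != 1:
        raise ValueError("unsupported vault version")
    if intermediate is None:
        return _unwrap(_kek(password, vault["salt"]), vault["wrapped_intermediate"])
    _unwrap(intermediate, vault["wrapped_master"])  # reject a wrong recovery key
    return intermediate

def open_vault(vault, password=None, intermediate=None) -> bytes:
    return _unwrap(_intermediate(vault, password, intermediate), vault["wrapped_master"])

def change(vault, new_password: str, old_password=None, intermediate=None):
    # Only the password layer is re-wrapped; master and recovery key stay valid.
    inter = _intermediate(vault, old_password, intermediate)
    salt = os.urandom(16)
    return {**vault, "salt": salt, "wrapped_intermediate": _wrap(_kek(new_password, salt), inter)}
```

In this sketch the wrapped master is exactly as long as the master plus a fixed overhead, so the stored vault reveals the key's length unless the caller pads it first.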
- Protobuf, default
- JSON
- Support custom serialization
If you believe you have identified a security vulnerability with Vault, please report it as soon as possible via email to security@passlock.io and don't post it to a public issue tracker.
