authelia

Commit Graph

Author	SHA1	Message	Date
James Elliott	255aaeb2ad	feat(storage): encrypt u2f key (#2664 ) Adds encryption to the U2F public keys. While the public keys cannot be used to authenticate, only to validate someone is authenticated, if a rogue operator changed these in the database they may be able to bypass 2FA. This prevents that.	2021-12-03 11:04:11 +11:00
James Elliott	347bd1be77	feat(storage): encrypted secret values (#2588 ) This adds an AES-GCM 256bit encryption layer for storage for sensitive items. This is only TOTP secrets for the time being but this may be expanded later. This will require a configuration change as per https://www.authelia.com/docs/configuration/migration.html#4330. Closes #682	2021-11-25 12:56:58 +11:00

Author

SHA1

Message

Date

James Elliott

255aaeb2ad

feat(storage): encrypt u2f key (#2664 )

Adds encryption to the U2F public keys. While the public keys cannot be used to authenticate, only to validate someone is authenticated, if a rogue operator changed these in the database they may be able to bypass 2FA. This prevents that.

2021-12-03 11:04:11 +11:00

James Elliott

347bd1be77

feat(storage): encrypted secret values (#2588 )

This adds an AES-GCM 256bit encryption layer for storage for sensitive items. This is only TOTP secrets for the time being but this may be expanded later. This will require a configuration change as per https://www.authelia.com/docs/configuration/migration.html#4330.

Closes #682

2021-11-25 12:56:58 +11:00

2 Commits (09fbffa3ac7061df045f7eaa61373f5736041c45)