1 unstable release: 0.1.0 (Aug 31, 2024)
#2441 in Cryptography
210KB, 3.5K SLoC
Sequoia's keystore server.
This program is a simple wrapper around the sequoia-keystore library, which runs as a server. Normally programs like sq will automatically start servers on demand (by default they look for the executables in /usr/local/lib/sequoia). This crate's binary, sequoia-keystore, should be installed in /usr/local/lib/sequoia so that sq and other programs can find it.
Servers can also be started explicitly by just running the binary.
The server is usually also embedded in the programs: if the server can't be started, an in-process server is used instead. The in-process server has several disadvantages, though:
- Secret key material is in the same process, which makes the program more vulnerable to Heartbleed-style attacks.
- It may be harder to use resources like smart cards from multiple processes.
- Passwords will only be cached locally.
In some cases, the in-process server is preferable, like early in the boot process when starting processes is hard, or the file system is not completely set up.
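The following added example (not part of the crate or its documentation) checks that the server binary is present in the default directory, so that programs do not fall back to the in-process server, and that neither the directory nor the binary can be replaced by other users. The function names, return codes and the permission policy are assumptions of this example; only the path and binary name come from this page.

```shell
#!/bin/sh
# Added example: verify the keystore server is installed where sq and
# other programs look for it, and that it cannot be swapped out by
# other local users. Names and return codes below are hypothetical.

# Default helper directory and binary name, as stated on this page.
SEQUOIA_LIB_DIR="/usr/local/lib/sequoia"
KEYSTORE_BIN="sequoia-keystore"

# Succeeds if PATH (symlinks resolved via -H) is group- or world-writable.
is_loosely_writable() {
    [ -n "$(find -H "$1" -prune \( -perm -0020 -o -perm -0002 \) -print 2>/dev/null)" ]
}

# Usage: check_keystore_install [DIR]
# Returns: 0 ok
#          1 helper directory missing
#          2 binary missing or not executable (expect the in-process fallback)
#          3 directory or binary writable by group/others
check_keystore_install() {
    dir="${1:-$SEQUOIA_LIB_DIR}"
    bin="$dir/$KEYSTORE_BIN"

    if [ ! -d "$dir" ]; then
        echo "missing directory: $dir" >&2
        return 1
    fi
    if [ ! -f "$bin" ] || [ ! -x "$bin" ]; then
        echo "no executable $KEYSTORE_BIN in $dir" >&2
        return 2
    fi
    # Whoever can write here decides which program ends up handling
    # secret key material when a server is started on demand.
    for p in "$dir" "$bin"; do
        if is_loosely_writable "$p"; then
            echo "writable by group or others: $p" >&2
            return 3
        fi
    done
    echo "ok: $bin"
    return 0
}
```

Call `check_keystore_install` with no argument to check the default directory, or pass a directory if the binary is installed elsewhere.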
Dependencies: ~24–40MB, ~538K SLoC