Bob Wall

Need more regression tests with fixed inputs to verify expected outputs

1

Should have more tests that run hard-coded values through the recrypt algorithms to verify that the expected outputs are produced. For example: - For a fixed RNG (all zeroes, all...

If a user has access to a file that is encrypted to a group that they are not a part of via `ironhide file:info file.iron` Then they get an error...

Add flag to login to generate non-persisted keys

3

Use Case: you are generating keys to put on a machine where you can't log in and run a web browser to do the auth0 flow. Instead, run `ironhide` on...

Update version of adm-zip

1

Scans show that there is a vulnerability in the adm-zip component: A high severity vulnerability in adm-zip (versions < 0.4.11) suggested update: adm-zip ~> 0.4.11 Should be defined in `package-lock.json`....

Vulnerability scans in GitHub report this: A high severity vulnerability in parsejson (versions

Implement ironscp

1

Create iron version of scp - same end-to-end encryption, command line args for list of recipients

Currently, the user must have an RSA key in SSH in order to generate the ironssh keys. We should support non-RSA keys as the signing key when creating a new...

When we generate the signature packet for the subkey packet that contains the cv25519 subkey, we currently include the same set of sub packets that we put in the signature...

Little cmdline util to generate the passphrase for the user's IronCore GPG keys. Requires access to the user's private SSH key (via ssh-agent or re-entering the passphrase).