diff options
Diffstat (limited to 'schema.sql')
| -rw-r--r-- | schema.sql | 9 |
1 files changed, 6 insertions, 3 deletions
@@ -84,14 +84,17 @@ CREATE TABLE IF NOT EXISTS global ( -- Numeric minima for PBKDF2 iterations, length of PIN, and -- length of PBKDF2 salt are somewhat arbitrary, and will -- probably change over time (which is why they are minima). - -- Feel free to suggest better minima. + -- Initial testing was with 100000, which takes about 8 seconds + -- on a Novena with the current SHA256 and PBKDF2 + -- implementation, which seems a bit slow, so backed that down + -- a bit. Feel free to suggest better minima. - pbkdf2_iterations INTEGER NOT NULL DEFAULT 100000, + pbkdf2_iterations INTEGER NOT NULL DEFAULT 20000, so_pin BLOB, user_pin BLOB, so_pin_salt, BLOB, user_pin_salt BLOB, - CHECK ((pbkdf2_iterations >= 100000) AND + CHECK ((pbkdf2_iterations >= 10000) AND (so_pin IS NULL OR (typeof(so_pin) = "blob" AND length(so_pin) >= 32)) AND (user_pin IS NULL OR (typeof(user_pin) = "blob" AND length(user_pin) >= 32)) AND (so_pin_salt IS NULL OR (typeof(so_pin_salt) = "blob" AND length(so_pin_salt) >= 16)) AND |