Commit graph

6 commits

Author SHA1 Message Date
Sudhi Herle
42bbe5ddeb Refactored the core signing & encryption library, teach sigtool to use safe I/O.
* Added new SafeFile (io.WriteCloser) class + methods to atomically write a file.
* Teach core lib to use SafeFile for all file I/O
* Teach sigtool to use SafeFile for all file I/O
* Cleaned up the public interfaces of sign/ to be more coherent:
   - with uniform APIs for marshaling, unmarshaling, serialization.
   - removed KeyPair class/interface and stick to PrivateKey as the primary
     interface.
* collected common rand utility functions into rand.go
* Teach sigtool to NOT overwrite existing output files (keys, signatures etc.)
* Teach sigtool to use a new --overwrite option for every command that creates
  files (generate, sign, encrypt, decrypt)
* encrypt/decrypt will try to use the input file mode/perm where possible
  (unless input is stdin).
* Added more tests
2022-04-29 21:36:39 +05:30
Sudhi Herle
445c13ca6f Closes #5 and #6
- removed spurious check in decrypt() against blocksize
- added additional tests for small sized blocks and inputs smaller than
  the blocksize.
- updated README to capture dependencies (protobuf tools)
2022-04-27 08:54:44 +05:30
Sudhi Herle
00542dec02 Major breaking changes: Reworked file encryption scheme
* all encryption now uses ephmeral curve25519 keys
* sender can identify themselves by providing a signing key
* sign/verify now uses a string prefix for calculating checksum of the
  incoming message + known prefix [prevents us from verifying unknown
  blobs]
* encrypt/decrypt key is now expanded with a known prefix _and_ the
  header checksum
* protobuf definition changed to include an encrypted sender
  identification blob (sender public key)
* moved protobuf files into an internal/pb directory
* general code rearrangement to make it easy to find files
* added extra validation for reading all keys
* bumped version to 1.0.0
2020-03-20 17:40:52 -07:00
Sudhi Herle
1cd3a94180 Added new io.Reader and io.WriteCloser interface to Decryption and Encryption respectively.
* added test case for streaming read/write
* bumped version#
2020-02-14 18:47:25 -08:00
Sudhi Herle
8ed3bff6db Cleaned up chunk header encoding during encrypt/decrypt.
* encrypted chunk header now encodes _only_ plain text length
* the AEAD tag length is implicitly added when reading/writing
* added better sanity checks for short blocks during decrypt
* io.ReadAtLeast() reports ErrUnexpectedEOF for less than a full chunk;
  use this signal correctly
* major version bump to denote header incompatibility
2020-01-29 16:47:14 +05:30
Sudhi Herle
f32525a864 THIS IS A BREAKING CHANGE! Private Keys generated by previous versions won't work with this version.
* Refactored the private key protection to use standard AEAD
  construction.
* Fix sanity check of decrypted block length to stay within verified
  bounds
* Cleanup test harness to split into utility file (assert()); cleaned up
  names of test functions.
* Fixed scrypt params to not take too long (N=2^19)
* Updated README with these changes
2020-01-08 09:17:54 -08:00
Renamed from sign/crypt_test.go (Browse further)