ericonr
/
get-otp
mirror of https://github.com/ericonr/get-otp.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
19 Commits 1 Branch 0 Tags 51 KiB
Commit Graph

11 Commits

Author SHA1 Message Date
Érico Nogueira 19e26d42a9 Add comment to cbc-file about IV length. 2021-11-15 23:14:48 -03:00
Érico Nogueira cf9b0f6a7c Add missing newline to usage message. 2021-11-07 23:58:09 -03:00
Érico Nogueira 5c237bf3d6 Use costant time memcmp. 
Not strictly necessary for our threat model, since we won't be
continuously trying to decrypt an attacker's files, which means a timing
attack shouldn't be possible. It's still overall more correct.

Constant time implementation borrowed from [1], but most constant time
memcmp implementations I've seen used similar techniques.

[1] https://github.com/veorq/cryptocoding#compare-secret-strings-in-constant-time
 2021-11-07 23:46:49 -03:00
Érico Nogueira 9592de802c Always restore termios in cbc-file. 2021-10-24 23:12:27 -03:00
Érico Rolim afd45ea983 Disable echo in cbc-file for password input. 2021-01-12 12:00:44 -03:00
Érico Rolim ca118c2b0d Remove WIP comment from cbc-file. 2020-12-04 18:24:44 -03:00
Érico Rolim 2075f4b4d2 Add fread checking and fix order of parameters. 
Not a problem on little endian machines, potentially a problem on big
endian ones.

Thanks Riastradh from freenode.##crypto.
 2020-10-09 01:05:16 -03:00
Érico Rolim 2f1a62265c Use argon2id for key derivation. 2020-10-09 00:10:17 -03:00
Érico Rolim 731195cd5d Move to ChaCha20+Poly1305 for encryption. 2020-10-08 23:50:06 -03:00
Érico Rolim 13a596b7ea Initial fix-ups. 
- Switch to tab indentation.
- Add error handling to script.
 2020-10-08 18:23:07 -03:00
Érico Rolim 54aeb505e5 Initial commit. 2020-10-08 18:14:27 -03:00