Skip to content

Commit

Permalink
Multiple improvements in tird.py:
Browse files Browse the repository at this point in the history 
- New cryptoblob structure:
```
                     512B          0+B
                 +----------+---------------+
                 | comments | file contents |
                 +----------+---------------+
  16B     0+B    |        plaintext         | 64B     0+B     16B
+------+---------+--------------------------+-----+---------+------+
| salt | padding |        ciphertext        | MAC | padding | salt |
+------+---------+--------------------------+-----+---------+------+
|  urandom data  |      random-looking data       |  urandom data  |
+----------------+--------------------------------+----------------+
```
- Use new cipher: ChaCha20-IETF instead of SHAKE256-based cipher.
- Use a new KDF: `Argon2` instead of `scrypt` and `catpig`.
- Rename: `mode` to `action`, `hide` to `embed`, `unhide` to `extract`.
- Compare MAC tags in costant time using `hmac.compare_digest()`.
- Do not encrypt MAC tags.
- Forbid unknown CLI options.
- Do not convert specified file paths (input, output, keyfiles) to realpath before opening fd.
- Other minor improvements.
  • Loading branch information
@hakavlad
hakavlad committed Jan 14, 2024
1 parent 58090ff commit bc7bcc5
Showing 1 changed file with 1,226 additions and 1,370 deletions.
Loading

0 comments on commit bc7bcc5

Please sign in to comment.