Simple encryption software - Security & Cryptography
z3bra
This sectstore + factotum looks pretty interesting. It seems a bit more "complex" though in the sense that it would handle authentication of users on behalf of other programs, like kerberos would do. It happens to provide a file encryption/vault mechanism on top of it.

I'll read it up and try to steal some ideas here and there, most likely for the agent part of my program :)

Thanks for sharing!
Halfwit
Definitely! I use it frequently, both on plan9 proper and via plan9port on Unix; it's quite nice, and when it's integrated well into other things it's near perfect. (The secret store could be handled in a more paranoid manner, and you could impose 2fa; but this was written quite a while ago)
z3bra
It could be interesting for you to depict your current workflow with plan9 (what you use it for, why, how, ...) in a dedicated thread.
The more I work on re-implementing simple software (password manager, backup servers, ...), I end up looking at how plan9 does it the "good way" and I'm thinking more and more to setup a full plan9 server for my needs.
Halfwit
The factotum and secstore pair isn't without it's imperfections. Mostly due to age of it, the paranoia of the crypto isn't quite where you'd want it to be; though 9front (A plan9 fork) has done work on this front and brought the crypto to par.
Halfwit
Yeah I'd like that, I'll work on that over a few days' time here.
z3bra
I finally released something!
The software is now usable (even though it need polishing), and you can read about it here: http://z3bra.org/safe

The repository is here: http://git.z3bra.org/safe

Tell me what you think of it ☺
tudurom
This is super super cool!

I don't need all of this PGP bloat for keeping passwords. Public-private pairs are OK for bidirectional communication IMO. They're just a hassle for a password manager.
Also the agent is very fine.

I think I am going to transition to it. It would be cool if there was some Android client for it, for my phone.

Cheers!
tudurom
As for the auditing part, here is what the clang static analyzer reported

Command line:
Code:
scan-build -enable-checker security make

[Image: lfNw6C0.png]
z3bra
I got your patch! Thanks for that. I’ll review it and report back ;)
For android, I cannot do anything as I never programmed for it… But I have a workaround if you have an online server, so you can use ssh to retrieve your passwords over internet!

I still have to set this up someday, and I'll write a post about it.




Members  |  Stats  |  Night Mode