Skip to content
Commits on Jan 10, 2011
  1. Skeleton for the coming passwords functionality.

    Chris Drost committed Jan 10, 2011
  2. This __init__ file now provides shortcut definitions.

    For example, instead of adso.core.adso(stuff) we have adso.adso(stuff).
    Chris Drost committed Jan 10, 2011
  3. Gearing towards a text-based GUI for passwords.

    This commit contributes a bunch of new ideas, some of which were months old and
    not committed. In particular, there is now a method to create a system of dicts
    which are traversible by POSIX-style paths, a couple of methods to detect the
    local console width and format the output of a directory listing appropriately,
    and a file for creating a generic sh-style read-eval-print loop with high-level
    commands. (Although it at this stage lacks variables of any sort and any sort
    of expression chaining.)
    Chris Drost committed Jan 10, 2011
Commits on Sep 16, 2010
  1. For some reason not all of the changes to __init__.py are shown as ha…

    …ving gone through :<
    Chris Drost committed Sep 16, 2010
  2. Added new version of the README.

    Chris Drost committed Sep 16, 2010
  3. adso 1.0.0: added license, threefish, macs, and interface.

    License: adso is now GPL-licensed, in keeping with the fact that it uses the
    PySkein library. I am not exactly happy about this, but I'm willing to accept it
    for the sake of niceties.
    
    Threefish: adso uses Threefish512 as a block cipher. It uses a "tweak-counter"
    mode, where the tweak parameter is just set to 0, 1, 2, ... for each subsequent
    block. Rather than using the nonce to feed the tweak, I've decided that the
    nonce should be used as a salt in a key-derivation function provided by Skein,
    so that the 512-bit key of Threefish512 is composed by hashing together a
    password and a 256-bit nonce.
    
    Padding: adso used to just try to read its input, to see whether it could be
    parsed as JSON. For very short JSON like `[]` or `true`, this might lead to a
    difficult situation in the stream-cipher mode, where a random decryption might,
    with 2^-16 probability or so, appear as {} instead, and thus offer a successful
    decryption with an incorrect password. Notice that this applies even if you
    have a MAC, as you might /happen/ to decode it to its proper value. A padding
    string of between 0 and 500 characters has been added, so that the smallest
    encryptable string is now:
    
        {"padding": "", "data": []}
    
    This reduces the probability to something more like 2^-216 or so, in the 1/500
    cases where the message is as short as it could possibly be. Also, the variable
    length of the padding reduces information given in the stream-cipher mode when
    revision-tracked.
    
    MACs: As part of the above, I decided that it was probably proper to tell adso
    to compute a message authentication code on the decrypted contents before
    processing it, just to make absolutely sure I had guarded against forseeable
    problems.
    
    Interface: the core 'supported' and 'encryptors' functionality has been moved
    into a "ciphers" file in case it is later expanded; the adso-specific functions
    are still in __init__.py, and have had a couple name-changes etc.
    Chris Drost committed Sep 16, 2010
Commits on Aug 11, 2010
  1. code, version 0

    Chris Drost committed Aug 11, 2010
Commits on Aug 6, 2010
  1. Readme.

    Chris Drost committed Aug 6, 2010
Something went wrong with that request. Please try again.