Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix warning and improve encrypt #60

Closed
wants to merge 7 commits into from
Closed

fix warning and improve encrypt #60

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
3d8ade7
use idea as IDE, plugin bash support is really great
davidricardo1026 May 13, 2019
c8d6f47
default password length is 32 ,as 2 power 5
davidricardo1026 May 13, 2019
88806f0
use sha-1 instead of md5
davidricardo1026 May 13, 2019
6726b12
Specify the iteration count 128 and force use of PBKDF2
davidricardo1026 May 13, 2019
73bc43f
typo for sha-1,it should be sha1
davidricardo1026 May 13, 2019
ca85cb8
1. 128 line length limit
davidricardo1026 May 13, 2019
ffb2412
1. get the last 16 hex digits
davidricardo1026 May 13, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
.idea/**

transcrypt.iml
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These types of ignore patterns that aren't really project-specific should more naturally fall under your global user ~/.gitignore file:

git config --global core.excludesfile '~/.gitignore'

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for taking your time,this project was really simple and great,I will remember to exclude the project-specific file

12 changes: 7 additions & 5 deletions transcrypt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -193,7 +193,7 @@ get_password() {
# generate a random password if the user answered yes;
# otherwise prompt the user for a password
if [[ $answer =~ $YES_REGEX ]] || [[ ! $answer ]]; then
local password_length=30
local password_length=32
local random_base64=$(openssl rand -base64 $password_length)
password=$random_base64
else
Expand Down Expand Up @@ -292,8 +292,8 @@ save_helper_scripts() {
else
cipher=$(git config --get --local transcrypt.cipher)
password=$(git config --get --local transcrypt.password)
salt=$(openssl dgst -hmac "${filename}:${password}" -sha256 "$filename" | tail -c 16)
ENC_PASS=$password openssl enc -$cipher -md MD5 -pass env:ENC_PASS -e -a -S "$salt" -in "$tempfile"
salt=$(openssl dgst -hmac "${filename}:${password}" -sha256 "$filename" | tail -c 17)
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I went ahead and merged in #57 to fix the issue in #56 in a cross-platform manner, so this change can be reverted if you merge in the latest from the master branch.

ENC_PASS=$password openssl enc -$cipher -iter 128 -md sha1 -pass env:ENC_PASS -e -a -S "$salt" -in "$tempfile"
fi
fi
EOF
Expand All @@ -304,7 +304,8 @@ save_helper_scripts() {
trap 'rm -f "$tempfile"' EXIT
cipher=$(git config --get --local transcrypt.cipher)
password=$(git config --get --local transcrypt.password)
tee "$tempfile" | ENC_PASS=$password openssl enc -$cipher -md MD5 -pass env:ENC_PASS -d -a 2> /dev/null || cat "$tempfile"
tee "$tempfile" | ENC_PASS=$password openssl enc -$cipher -iter 128 -md sha1 -pass env:ENC_PASS -d -a 2> /dev/null ||
cat "$tempfile"
EOF

cat <<-'EOF' > "${GIT_DIR}/crypt/textconv"
Expand All @@ -314,7 +315,8 @@ save_helper_scripts() {
if [[ -s $filename ]]; then
cipher=$(git config --get --local transcrypt.cipher)
password=$(git config --get --local transcrypt.password)
ENC_PASS=$password openssl enc -$cipher -md MD5 -pass env:ENC_PASS -d -a -in "$filename" 2> /dev/null || cat "$filename"
ENC_PASS=$password openssl enc -$cipher -iter 128-md sha1 -pass env:ENC_PASS -d -a -in "$filename" 2> /dev/null ||
cat "$filename"
fi
EOF

Expand Down