enchive | Encrypted personal archives | Encryption library

by skeeto C Version: 3.5 License: Unlicense

X-Ray Key Features Code Snippets Community Discussions(1)Vulnerabilities Install Support

kandi X-RAY | enchive Summary

enchive is a C library typically used in Security, Encryption applications. enchive has no bugs, it has no vulnerabilities, it has a Permissive License and it has low support. You can download it from GitHub.

Enchive is a tool to encrypt files to yourself for long-term archival. It's a focused, simple alternative to more complex solutions such as GnuPG or encrypted filesystems. Enchive has no external dependencies and is trivial to build for local use. Portability is emphasized over performance. Supported platforms: Linux, BSD, macOS, Windows. The name is a portmanteau of "encrypt" and "archive," pronounced en'kīv. Files are secured with ChaCha20, Curve25519, and HMAC-SHA256.

Support

Quality

Security

License

Reuse

Support

enchive has a low active ecosystem.

It has 585 star(s) with 47 fork(s). There are 26 watchers for this library.

It had no major release in the last 12 months.

There are 5 open issues and 15 have been closed. On average issues are closed in 69 days. There are no pull requests.

It has a neutral sentiment in the developer community.

The latest version of enchive is 3.5

Quality

enchive has no bugs reported.

Security

enchive has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

License

enchive is licensed under the Unlicense License. This license is Permissive.

Permissive licenses have the least restrictions, and you can use them in most projects.

Reuse

enchive releases are available to install and integrate.

Installation instructions, examples and code snippets are available.

Top functions reviewed by kandi - BETA

kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of enchive

Get all kandi verified functions for this library.

enchive Key Features

No Key Features are available at this moment for enchive.

enchive Examples and Code Snippets

No Code Snippets are available at this moment for enchive.

Community Discussions

Trending Discussions on enchive

CryptGenRandom returns none uniform result

QUESTION

CryptGenRandom returns none uniform result

Asked 2018-Jun-21 at 02:23

On windows, I am using CryptGenRandom API in C (I thought it would be equivalent to /dev/random or /dev/urandom on Linux). To confirm it, I made random files using these with CryptGenRandom on Windows and read from /dev/urandom on Linux, and analyze the result using ent.

The code sample I used to generate the random file using CryptGenRandom (originally from here):

...

ANSWER

Answered 2018-Jun-21 at 02:23

FILE *tfile = fopen("random_file", "w");

You are opening the file in text mode, and you write each character about 4000 times each. Including the '\r' and '\n' characters.

Each time you write '\n', the program inserts an extra '\r', so there are about 8000 '\r' characters whose ASCII value is 13

In Windows, you should open the file in binary mode fopen("random_file", "wb") for non-text files.

Source https://stackoverflow.com/questions/50959262

Community Discussions, Code Snippets contain sources that include Stack Exchange Network

Vulnerabilities

No vulnerabilities reported

Install enchive

Clone this repository, then:. This will install both the compiled binary and manual page under PREFIX. For staged installs, DESTDIR is also supported. The binary doesn't have any external dependencies and doesn't actually need to be installed before use.

Support

This tool will never achieve critical mass, so what's the point?. Enchive doesn't need to interact with any other systems or people, so there's no need for critical mass, nor that there are any other users. Why can't you use an existing/established tool instead?. I'm not aware of any tool that does everything Enchive does. GnuPG comes close, but doesn't support deriving a key pair from a passphrase. If you're aware of an equal or better tool, please let me know. Isn't it dangerous to derive a key pair from a passphrase?. It is when it's done incorrectly. However, Enchive uses a memory-hard key derivation scheme that makes cracking passphrases very expensive — prohibitively so for any decent passphrase. This is because anyone who has access to even a single encrypted file can mount an offline attack. Deriving asymmetric keys from a passphrase is a standard practice in the Bitcoin world: brainwallets. The caveat is that the passphrase must be sufficiently long, preferably chosen by a computer or with dice. When generating a master key, Enchive's default configuration is extremely paranoid. It would be far cheaper to break into your home and perform an evil maid attack than it would be to crack even a short passphrase. This is not the weak point. Shouldn't the initialization vector (IV) be generated randomly?. The purpose of an IV is to allow the same key to be safely used multiple times. This is particularly important when the same key is derived on different occasions by Diffie-Hellman between the same key pair. Enchive generates a random ephemeral key pair each time a file is encrypted, so the IV is unnecessary. Since ChaCha20 requires an IV regardless, Enchive simply uses the hash of the key. This has the additional effect of allowing the client to verify its symmetric key before beginning decryption. Otherwise a wrong key would only be detected by the MAC after decryption has completed. I'm getting the error "Value too large for defined data type.".

Find more information at: