-
Notifications
You must be signed in to change notification settings - Fork 85
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Verify if the key is correct and check the hmac of the payload #45
Comments
Thanks! That would be nice. FYI, key verification has been implemented for some encryption method, e.g.,
I think key verification may be skipped by default but can be enforced in the strict mode or the like (or otherwise, enabled by default and skipped with the force option.) |
Thanks for letting me know! I did not notice it. I only searched the code of agile crypto and found nothing. It looks they are quite similar. (Update: the idea is similar, but of course the implementation differs) My intuition is we check the password and verify the integrity by default. Meantime, we allow the decryption to proceed even if the check fails, which is also the default. I will think about it later. |
I found this repo after I made my own ad-hoc implementation. The code here is well-structured. However, it seems you do not check if the key supplied by the user is correct before decrypting the file. Also, the hmac of the encrypted payload is not verified.
I have implemented them according to the spec. When I have some time, I will submit a pull request with these two features added.
As for Agile, one can verify if the key is correct using "encryptedVerifierHashInput" and "encryptedVerifierHashValue". And verify the hmac of the payload using "encryptedHmacKey" and "encryptedHmacValue". I did not check other cryptos supported by this repo.
The text was updated successfully, but these errors were encountered: