Skip to content

SimpleCrypt v1.3.0

Latest
Latest
Compare
Choose a tag to compare
@alessgorgo alessgorgo released this 19 Aug 18:02
· 6 commits to SimpleCrypt-log since this release
SimpleCrypt-v1.3.0
ff1c65a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Summary
SimpleCrypt v1.3.0 represents a complete transformation from a non-functional prototype to a production-ready file and directory encryption application, implementing robust security with PBKDF2 key derivation, comprehensive error handling, and user-friendly progress feedback across all operations.

New Features

  • Password-Based Key Derivation: Implemented PBKDF2 with SHA-256 (100,000 iterations) for secure key generation from user passwords, replacing insecure random key generation
  • Directory Operations: Added recursive encryption/decryption capabilities for entire directories with comprehensive file scanning and progress tracking
  • Progress Feedback System: Real-time progress indicators with emoji-enhanced status updates and completion summaries for large operations
  • Comprehensive Test Suite: Created 5 integration tests covering single file operations, directory processing, password validation, and help functionality

Improvements

  • Error Handling: Implemented detailed error messages with contextual guidance for common failure scenarios including permission issues, file corruption, and authentication failures
  • Memory Security: Enhanced security by implementing secure memory wiping using fill(0) to clear sensitive data (keys, salts, IVs) from memory after operations
  • Documentation: Created comprehensive README.md covering installation, usage, security best practices, troubleshooting, and advanced scripting examples
  • User Experience: Added command-line argument validation, password strength requirements, and intuitive progress indicators

Bug Fixes

  • Decryption Logic Mismatch: Fixed critical incompatibility where encryption output JSON format but decryption expected raw base64 data
  • Iterator Usage Errors: Corrected improper fs::read_dir() iteration patterns causing compilation failures
  • Missing Dependencies: Resolved zeroize dependency conflicts by replacing with standard memory clearing techniques
  • Password Validation: Added proper empty password validation to prevent insecure operations

Known Issues

  • AES-256-GCM Implementation: Currently using AES-256-CBC; GCM mode implementation planned for future releases to provide authenticated encryption
  • Memory Usage: Large files are loaded entirely into memory, which may impact performance with very large files (>1GB)
  • Cross-Platform Testing: Comprehensive testing primarily performed on macOS; additional platform validation recommended

License
MIT License - See full terms in LICENSE file. Software provided "as is" without warranty. Users responsible for maintaining secure password practices and regular backups.

Assets 2
Loading
0 Join discussion