Erik de Castro Lopo wrote:
The aim was to be secure enough that if I loose my laptop the file can't
be decrypted without a a large bunch of smarts and CPU grunt.
I think I need to re-evaluate what I'm doing.
Have a look at passwordsafe - as you noted below. They've made a
reasonable attempt to seperate out the core functions, and describe
their data format in the corelib dir. They also get around the editor
problem neatly by simplifying the input - generally you'll only want to
input a domain, username, password and some notes - so they just present
those fields to the user in a gui. I suspect they solve the
serialisation problem by using blowfish as a block cipher, but I'll be
the first to admit that I don't know enough about the crypto (yet :)) as
to whether that really is the case/solves the problem.
[..]
Anyone now of a nice lib for symmetrix crypto? I know gpg does symmetric
as well as PK, but libgpgme does not expose that.
OpenSSL's libcrypto. Can't say I've had opportunity to use it, but it
looked ok last I checked (and lots of people use it). Various bindings
are around, I gather.
Cheers,
Matt
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
