1ChangeLog 2 3v1.11 2018/07/27 4 (2018/07/26) PS1 - portability: check for more C compilers, 5 including clang. 6 (2018/07/26) PS1 - portability: use AC_USE_SYSTEM_EXTENSIONS 7 instead of individual feature test macros. 8 (2018/07/26) PS1 - include config.h before other header files. 9 (2018/07/26) PS1 - intl: updated tools 10 (2018/07/26) PS1 - autoconf: added --with-included-getopt to avoid 11 using the system-wide getopt library (it may still end up being 12 used on GNU systems). 13 (2018/07/26) PS1 - portability: moved getopt.h to a subdirectory, 14 to be included only when needed. 15 (2018/07/25) PS1 - emacs support: compatibility with Emacs 26, 16 reported by Zhang Jun and Duncan Bayne (bug #24). 17 (2017/03/08) PS1 - portability: fixed some pedantic warnings. 18 (2017/02/22) PS1 - emacs support: fixed warnings. 19 (2017/02/22) PS1 - fixed some compiler and configuration warnings. 20 (2016/11/13) PS1 - intl: added Estonian translations, thanks to 21 Estprog. 22 (2016/11/13) PS1 - emacs support: delete password from environment 23 after each use, reported by d8uoba (bug #23). 24 (2016/06/30) PS1 - ccguess: fixed a bug in the --non-printable option, 25 reported by dcb314 (bug #22). 26 (2014/09/07) PS1 - allow "-" as a filename meaning standard input 27 in cat and unixcrypt modes. 28 (2014/03/30) PS1 - man pages: fixed leading blank page with 29 groff -man -Tps, reported by Hugh McDonald. 30 (2012/12/28) PS1 - intl: updated tools 31 32v1.10 2012/10/18 33 (2012/10/16) PS1 - ccguess: tweaked the ordering of guesses 34 (2012/10/16) PS1 - ccguess: added -t option 35 (2012/10/15) PS1 - ccguess: use a 64-bit counter 36 (2012/10/14) PS1 - ccguess: updated exit status 37 (2012/10/14) PS1 - ccguess: added -n option 38 (2012/10/14) PS1 - ccguess: do not turn off character echoing on 39 password entry. 40 (2012/10/14) PS1 - ccguess: allow multiple files to be tested 41 simultaneously. 42 (2012/10/12) PS1 - ccguess: added -c option 43 (2012/10/11) PS1 - removed intltool build dependency 44 (2012/10/11) PS1 - fixed fchown() compiler warning, again 45 (2012/10/10) PS1 - added ccguess program 46 (2012/08/31) PS1 - man page: fixed name and usage of emacs package 47 (2011/05/13) PS1 - autoconf: new CADD variable to add to CFLAGS 48 (2011/01/08) PS1 - more error handling improvements: check output 49 of fflush, crypt 50 (2011/01/07) PS1 - fixed potential buffer overrun in make_nonce() 51 (2011/01/07) PS1 - better separation of i/o errors and other 52 system errors 53 (2011/01/07) PS1 - test suite: added environment variable 54 CHECK_CCRYPT to allow binaries outside the build tree to be tested 55 (2010/12/28) PS1 - emacs support: use existing buffer password 56 when re-reading a file; improved status messages 57 (2010/12/24) PS1 - more handling of unlikely errors 58 (2010/12/23) PS1 - fixed Rijndael reference code compiler warnings 59 (2010/12/23) PS1 - check for i/o errors in stream mode 60 (2010/12/23) PS1 - added frees in error handlers and at top level 61 (2010/12/23) PS1 - fixed fchown() compiler warning 62 (2010/11/10) PS1 - emacs support: fixed mapcar compiler warnings 63 (2010/08/08) PS1 - build a convenience library libccrypt.a 64 (2009/11/16) PS1 - rpm.spec: fix deprecated copyright tag, 65 reported by Johannes Ruscheinski. 66 (2009/09/09) PS1 - portability: made sources C++ compatible. 67 (2009/09/04) PS1 - autoconf: added --disable-emacs option. 68 (2009/09/04) PS1 - portability: fixed $EXEEXT error (bug 69 #2851058). 70 71v1.9 2009/08/28 72 (2009/06/15) PS1 - inlined functions, dropped -O3 compiler flag 73 (2009/06/14) PS1 - portability: fixed syntax in shell scripts 74 (2009/06/12) PS1 - portability: improved setmode() compatibility 75 (2009/06/12) PS1 - portability: work around /tmp bug on EMX-OS/2 76 77v1.8 2009/06/05 78 (2008/09/28) PS1 - autoconf: added test for crypt.h 79 (2008/07/29) PS1 - portability: moved platform-specific code to 80 platform.h and platform.h. 81 (2008/07/26) PS1 - autoconf: check if -lsocket is needed for 82 gethostname(), required by SCO OpenServer (reported by Predrag 83 Blagec). 84 (2008/05/01) PS1 - documentation: don't install html file. 85 (2008/02/07) PS1 - autoconf: renamed configure.in as configure.ac 86 (2008/02/07) PS1 - portability: avoid __argc and __argv 87 (2008/02/07) PS1 - intl: updated tools, disabled XML configuration 88 (2008/02/06) PS1 - if "key" does not match, try "key\r" for 89 backward compatibility with files encrypted under bug #1872759. 90 (2008/02/05) PS1 - ccryptlib: added multiple key capability. 91 (2008/02/04) PS1 - emacs support: better error message if ccrypt 92 command not found (in response to bug #1886118 by Jonathan Swartz) 93 (2008/01/18) PS1 - ccryptlib: invalidate state on error, to guard 94 against applications that fail to check for errors. 95 (2008/01/16) PS1 - recognize "\r\n" as an end-of-line marker for 96 password files and user input, in case automatic text mode 97 conversion fails (bug #1872759). 98 (2007/10/03) PS1 - added <locale.h> to src/main.c 99 (2007/06/11) PS1 - removed translatable strings from ccryptlib.c 100 (2007/06/10) PS1 - autoconf: simplified test for lispdir. 101 (2007/06/10) PS1 - added short option -y for --keyref. 102 (2007/04/08) PS1 - portability: use 'test' instead of '[' in shell 103 scripts. 104 (2007/04/07) PS1 - intl: added French translations. 105 (2007/04/01) PS1 - intl: updated tools 106 (2006/11/29) PS1 - portability: enabled large file support in AIX 107 (reported by Jon Hardt) 108 (2006/08/11) PS1 - emacs support: removed compression functions, 109 renamed emacs package as ps-ccrypt. This can now peacefully 110 coexist with jka-compr. 111 (2006/04/02) PS1 - fixed missing breaks in "switch" statement in 112 traverse.c. 113 (2006/04/02) PS1 - added --keyref option. 114 (2006/04/02) PS1 - intl: made gettext optional in ccryptlib.c 115 (2006/04/02) PS1 - added "unimplemented option" handler 116 (2006/02/04) PS1 - intl: added intl subdirectory. 117 (2006/02/04) PS1 - added "const" keyword to many strings, to 118 emphasize that translated strings can't be modified. 119 (2006/02/04) PS1 - man page: removed reference to MD5 hash 120 function, since it has been broken. 121 (2006/02/03) PS1 - emacs support: fixed bug where password was 122 lost on change of editing mode (reported by Steve Sullivan). 123 (2006/01/17) PS1 - intl: added German translations. 124 (2006/01/17) PS1 - intl: added internationalization support. 125 (2006/01/13) PS1 - fixed bug #1358164: new exit code 9 in case the 126 user did not enter a key, or in case the given keyfile or 127 environment variable could not be read. 128 (2006/01/13) PS1 - include generated file tables.c in distribution 129 (2006/01/13) PS1 - made rijndael.c and maketables.c more 130 architecture independent by fixing word alignment issues 131 (2006/01/13) PS1 - test suite: better quoting in shell scripts to 132 be more robust against spaces in filenames etc. 133 (2006/01/13) PS1 - test suite: respect TEMPDIR environment 134 variable, if set. 135 (2005/10/27) PS1 - updated Makefiles for Bourne shell 136 compatibility on Tru64 (reported by Hoshi Sepai). 137 (2005/10/13) PS1 - test suite: fixed bug where some versions of 138 diff refuse to read /dev/null (reported by Hoshi Sepai). 139 (2005/10/13) PS1 - commented out some dead code from rijndael.c, 140 to reduce compiler warnings. 141 (2005/10/13) PS1 - removed __const keyword from unixcrypt3.c, as 142 it bothered the Tru64 ANSI compiler (reported by Hoshi Sepai). 143 (2005/03/09) PS1 - fixed bug where --keyfile ignored its argument, 144 reported by Stefan Alfredsson. 145 146v1.7 2004/03/28 147 (2004/02/04) PS1 - large file support now works under cygwin due 148 to a newer cygwin version. 149 (2004/02/04) PS1 - configure: added --disable-libcrypt option. 150 (2003/12/12) PS1 - minor changes to wording of warning messages. 151 (2003/10/29) PS1 - as requested by many users, made --timid the 152 default behavior and added new --brave option to turn it off. 153 154v1.6 2003/08/26 155 (2003/08/26) PS1 - fixed potential segfault in 156 traverse.c:file_action, due to buffer freed too early. 157 (2003/08/26) PS1 - improved mktemp replacement in check/missing.sh 158 (2003/08/25) PS1 - removed a blank line in man page for better 159 whatis support 160 161v1.5 2003/08/25 162 (2003/08/25) PS1 - added check/missing.sh to supply missing 163 "mktemp" command on Solaris. 164 (2003/08/25) PS1 - new exit status 8 for non-fatal i/o 165 error. Also, exit status 4 is now also given in file mode, even if 166 processing continues after the failure (thanks to Juergen Klasen 167 for suggesting the change). 168 (2003/08/25) PS1 - emacs support: fixed a bug in 169 jka-compr-ccrypt.el 170 (2003/08/14) PS1 - made non-public procedures static 171 (2003/08/14) PS1 - eliminated exit status 5. 172 (2003/08/14) PS1 - made some minor changes so it will compile 173 under cc on HP-UX. Use char* instead of void* for buffers, 174 eliminate static allocation of non-constant sized arrays. Thanks 175 to Simon Chung for help with the HP-UX port. 176 (2003/08/13) JR1 - emacs support: provide jka-compr existence 177 functions in jka-compr-ccrypt.el, to keep info.el happy. 178 (2003/08/12) PS1 - CFLAGS are now set in ./configure and can be 179 overridden - not that I recommend it. 180 (2003/08/12) PS1 - new --with-lispdir=DIR configuration option 181 (2003/06/16) PS1 - re-enabled --mismatch option which was 182 inadvertently disabled when switching to ccryptlib in v1.3. Also 183 added a test for this to "check" target. 184 (2003/05/31) PS1 - removed unescaped newline characters in string 185 constants to compile under gcc-3.3. 186 (2003/05/30) PS1 - changed scripts in "check" target to be 187 independent of /dev/zero and put temporary files in /tmp. 188 (2003/03/31) PS1 - changed rpm.spec file to be more Mandrake 189 acceptable. Binaries will from now on be installed in /usr/bin, 190 man pages in /usr/share/man. 191 (2003/03/30) PS1 - fixed typo in usage message 192 193v1.4 2003/03/29 194 (2003/03/29) PS1 - added missing mode argument to open(2) calls. 195 (2003/03/29) PS1 - made custom sigint handlers for overwrite and 196 tmpfiles modes. 197 (2003/03/28) PS1 - added --tmpfiles option to use temporary files, 198 rather than in-place update, when overwriting a file 199 (2003/03/28) PS1 - removed a potential race condition for 200 chown/chmod. 201 (2003/03/28) PS1 - fixed unreachable "free" in prompt(). 202 (2003/03/28) PS1 - simplified logic in traverse.c:file_action(), 203 and broke it into several functions. 204 (2003/03/28) PS1 - eliminated perror(); included ccrypt program 205 name in all error messages and warnings (except verbose messages 206 and interactive prompts) 207 (2003/03/28) PS1 - allow unixcrypt mode to decrypt symbolic links, 208 and to use the -m option 209 (2002/12/14) PS1 - added support for large (>2GB) files. 210 (2002/12/14) PS1 - removed unnecessary "include"s from rijndael.c 211 212v1.3 2002/09/26 213 (2002/09/26) PS1 - added check/length-check.sh to the test suite 214 and added some tests to check/ccrypt-check.sh. Fixed bug where 215 some files were truncated on non-matching key. 216 (2002/09/24) PS1 - allow to operate on write-protected files with 217 user's permission, or if -f option is given. 218 (2002/09/24) PS1 - fixed behavior on some errors; don't rename 219 files or symlinks that could not be opened; don't rename hardlinks 220 if encryption/decryption of their inode has failed. 221 (2002/09/24) PS1 - added --strictsuffix option for refusing to 222 encrypt files that already have a .cpt suffix. 223 (2002/09/24) PS1 - added keychange test to check/ccrypt-check.sh. 224 (2002/09/24) PS1 - added command line options -F, -H, -Q for 225 handling the second keyword in keychange mode. 226 (2002/09/24) PS1 - linked ccryptlib into ccrypt sources and 227 abandoned old character-based i/o interface. This speeds up ccrypt 228 by about 20-30% (in file mode), 45-50% (in filter mode), and a 229 breathtaking 85% in unix crypt mode. 230 (2002/09/20) PS1 - started implementing ccryptlib, a buffer-based 231 encryption/decryption library. 232 (2002/08/22) PS1 - fixed bug #598800: result of xreadline 233 unchecked in traverse.c:prompt. 234 (2002/06/24) PS1 - renamed "no error" as "success". 235 (2002/04/09) PS1 - changed RPMs to use symlinks, rather than hard 236 links for ccdecrypt, ccencrypt, ccat. 237 (2002/04/09) PS1 - changed autoconf script to determine 32-bit 238 unsigned integer type at configure time. 239 (2002/04/09) PS1 - changed --timid option to prompt for encryption 240 keys twice even when operating as a filter. 241 (2002/04/09) PS1 - made nonce generation more random by using 242 microseconds, not just seconds, in the seed. 243 244v1.2 2002/01/29 245 (2002/01/28) PS1 - improved autoconf configuration in the case 246 where getopt is present but getopt_long is missing 247 (2002/01/22) PS1 - used profiling to make ccrypt about 55-65% 248 faster by optimizing one critical inner loop. 249 (2001/11/29) PS1 - updated man page to include new exit code 7. 250 (2001/11/29) PS1 - fixed bug #486857 - replace == by = in 251 {src,doc}/Makefile.am 252 253v1.1 2001/11/28 254 (2001/11/28) PS1 - added --timid option to prevent loss of data 255 from accidentally mistyped keys. This option causes ccrypt to 256 prompt twice for an encryption keys that will be used to update a 257 file destructively. If the two entered keys are not equal, ccrypt 258 will not proceed. 259 (2001/11/27) PS1 - added autoconf magic for SunOS, FreeBSD, MacOS, 260 AIX, and CygWin. 261 (2001/11/27) PS1 - added optional replacements for getopt and/or 262 crypt(3) libraries. 263 (2001/11/26) PS1 - added check targets for testing correctness of 264 binary 265 (2001/11/26) PS1 - major reorganization of sources, added 266 automake/autoconf configuration. 267 (2001/11/24) PS1 - ensured that data is treated as binary under 268 cygwin. 269 (2001/11/24) PS1 - changed signal handler for Ctrl-C. 270 (2001/11/24) PS1 - added --unixcrypt mode to simulate old unix 271 style "crypt" program. 272 (2001/11/24) PS1 - changed cat mode to operate as a filter when 0 273 filenames are given. 274 275v1.0 2001/10/30 276 (2001/10/30) PS1 - created web page, created html man page, 277 created RedHat rpms, upped version number to 1.0. First public 278 release. 279 (2001/10/30) PS1 - added signal handler for SIGINT. In overwrite 280 mode, delay exit on SIGINT until after the current file is 281 processed. Immediate exit can be forced by pressing SIGINT twice. 282 (2001/10/27) PS1 - updated man page. 283 (2001/10/27) PS1 - added exit code 5 for file format; this leaves 284 4 for non-matching key, thus enabling emacs mode to re-prompt for 285 the key. 286 (2001/10/27) PS1 - added option --keyfile to read key from a 287 file. "-" is a special case which replaces the old --pipekey 288 option. 289 (2001/10/27) PS1 - emacs support: pass keyword to ccrypt in 290 environment variable, not on command line. Renamed package as 291 jka-compr-ccrypt.el. 292 (2001/10/27) PS1 - changed main.c to erase password from command 293 line or environment (as displayed by "ps") immediately after 294 copying it. 295 (2001/10/26) PS1 - renamed -k option as -p 296 (2001/10/26) PS1 - added -m option to allow decryption with 297 mismatched key 298 (2001/10/26) PS1 - added --license option and kept --version short 299 (2001/10/26) PS1 - cleaned up concept of "modes" - now ccrypt is 300 always in precisely one of -e, -d, -c, -x. In particular, cat mode 301 is always decryption, since it does not make sense to concatenate 302 encrypted data, and a pipeline can be used for a single file. 303 (2001/10/26) PS1 - made a user interface for keychange feature - 304 prompt for keys as appropriate etc. Note that there is currently 305 no way to specify the second key on the command line or in an 306 environment variable, or to specify a prompt for it. 307 (2001/10/26) PS1 - changed implementation of --pipekey option to 308 not read the key immediately, but after some checks. 309 (2001/10/26) PS1 - converted to getopt() 310 (2001/10/26) PS1 - changed cipher mode to Cipher Feedback (CFB) - 311 this has the advantage that corrupted files may still be partially 312 decrypted. Also, CFB is an ANSI standard mode with well-understood 313 properties, which will encourage confidence in the security of the 314 encryption provided. This is an incompatible change; thus, 315 incrementing version number to 0.51 and magic cookie to c051. 316 Note that this mode is identical to that provided by ccrypt0.5, 317 except we omitted the 8-byte checksum at the end of the file. 318 319---------------------------- 320date: 2001/10/27 05:27:31; author: selinger; state: Exp; lines: +98 -285 321* ccrypt0.5, which was committed on 2001/02/13 without adequate log 322message, was a version of ccrypt which used a checksum to suggest file 323integrity. I since decided to discontinue this feature, since it is 324not provably safe and might thus be misleading. 325* the current commit is again called ccrypt0.4, because the file 326format was reverted to format 0.4. All file format changing 327features of 0.5 were reversed. 328* changes relative to ccrypt0.4 as committed on 2000/11/30: 329 * added Makefile as a dependency to some targets in Makefile 330 * changed usage of "unsigned long" to word32 etc 331 * changes to some comments and variable names in ccrypt.c 332 * if in filemode and 0 filenames follow, don't prompt for password 333 * updated todo file 334 * exit immediately on i/o error, rather than continuing with the 335 next file. This does not apply to non-existing files, but to 336 errors on read/write. 337 * added cypfaq01.txt to documentation 338 * added emacs mode for ccrypt 339* changes relative to ccrypt0.5 as committed on 2001/02/13: 340 * undid version number change and magic string change 341 * undid checksumming code 342 * edited comments in emacs mode 343---------------------------- 344date: 2001/02/27 03:46:12; author: selinger; state: Exp; lines: +10 -3 345* added check for empty list of filenames - in this case, print a 346 warning and don't prompt for keyword 347---------------------------- 348date: 2001/02/13 05:49:48; author: selinger; state: Exp; lines: +307 -98 349* across-the-board commit of versions existing on caiaphas 350---------------------------- 351date: 2000/11/30 07:49:16; author: selinger; state: Exp; lines: +172 -55 352Major changes: 353* Command line interface: discontinued --file and --filter options, 354 made semantics of --cat and -- more uniform. 355* Added a --keychange mode (command line interface still experimental). 356* Fixed a bug where file was deleted if wrong key given in overwrite 357 mode. 358---------------------------- 359date: 2000/11/17 02:14:42; author: selinger; state: Exp; lines: +3 -3 360Added LICENSE, modified manpage. Renamed --filemode option as --file. 361---------------------------- 362date: 2000/11/14 20:43:41; author: selinger; state: Exp; lines: +37 -210 363* separated stream/file handling from encryption: object-oriented 364 interface "readwriter" is now in io.c and io.h. 365---------------------------- 366date: 2000/11/06 16:08:06; author: selinger; state: Exp; lines: +13 -14 367* updated to new algorithm which uses a 1-1 state function relative to 368 fixed input or fixed output 369* small update of user interface: now complain if 0 files are given in 370 cat mode, or if >=1 files are given in filter mode 371* small changes to man page and paper 372---------------------------- 373date: 2000/10/04 10:31:38; author: selinger; state: Exp; lines: +10 -10 374* minor update to command line interface. 375* started paper stream.tex 376---------------------------- 377date: 2000/10/03 19:27:17; author: selinger; state: Exp; lines: +50 -25 378Improvements to command line interface and man page. 379---------------------------- 380date: 2000/10/01 14:22:45; author: selinger; state: Exp; lines: +304 -114 381* changed encryption algorithm to use seed 382* canceled keep mode 383* introduced aliases ccencrypt, ccdecrypt, ccat 384* now refuse to write/read encrypted data to/from terminal 385---------------------------- 386date: 2000/05/29 18:50:40; author: selinger; state: Exp; lines: +23 -322 387* Moved all the gory file logic into traverse.c; main.c now concentrates 388 on reading the command line. 389* Changed traverse.c so that directories are read in their entirety 390 before being traversed; there were some problems on Solaris. 391* Changes in defaults for symlinks in cat and keep modes. 392* Updated manpage and other minor changes. 393---------------------------- 394date: 2000/05/29 03:25:00; author: selinger; state: Exp; lines: +2 -2 395Edited man page 396---------------------------- 397date: 2000/05/29 03:13:44; author: selinger; state: Exp; lines: +2 -2 398Updated manpage to reflect new command line interface. 399---------------------------- 400date: 2000/05/29 02:47:07; author: selinger; state: Exp; lines: +15 -1 401New feature: preserve timestamp, modes and ownership whenever possible. 402---------------------------- 403date: 2000/05/29 02:13:16; author: selinger; state: Exp; lines: +247 -130 404Implemented behavior of symbolic links. 405Added proper keep and cat modes. 406cat follows symbolic links by default. 407Added check before overwriting existing files, and --force option. 408---------------------------- 409date: 2000/05/28 16:32:49; author: selinger; state: Exp; lines: +61 -71 410Added command line options for symlinks (functinoality yet unimplemented) 411Added long command line options 412---------------------------- 413date: 2000/05/28 04:21:55; author: selinger; state: Exp; lines: +5 -2 414Added global state for on/off of symbolic links 415---------------------------- 416date: 2000/05/25 17:56:14; author: selinger; state: Exp; lines: +51 -48 417Changed ccrypt to allow parallel encryption of many streams by 418localizing the state. 419---------------------------- 420date: 2000/05/18 02:48:50; author: selinger; state: Exp; lines: +109 -62 421Started working on suffix-adding and -removing in destroy mode. 422Maybe should ignore symlinks as gzip does? 423---------------------------- 424date: 2000/05/16 06:28:32; author: selinger; state: Exp; lines: +17 -13 425started re-vamping user interface. Renamed many command-line option to 426be similar to those of gzip. All file-reading commands now operate on 427multiple files. Explicit output file naming is no longer possible - 428use filter mode for this. 429The file-reading modes still need to be implemented. 430---------------------------- 431date: 2000/05/16 03:44:30; author: selinger; state: Exp; lines: +64 -22 432added -r and -m to main to allow traversal of files. Presently only in 433update mode. Need to rewrite command line interface completely. 434---------------------------- 435date: 2000/05/15 17:15:24; author: selinger; state: Exp; lines: +56 -46 436Added command line struct to main.c 437Added experimental file traverse.c (currently standalone) for 438traversing through a list of files, and optionally recursively through 439directories. 440---------------------------- 441date: 2000/05/15 03:11:53; author: selinger; state: Exp; lines: +2 -2 442Fixed bug in ccrypt.c which scrambled state rather than state+8. This 443changes encryption behavior, thus advanced to v0.2. 444---------------------------- 445date: 2000/04/26 04:33:51; author: selinger; state: Exp; lines: +8 -22 446Fixed bug in guess_outfile, where ".cpt" was removed even if it was 447not at the end of the infile name. (as in xxx.cpt2). 448---------------------------- 449date: 2000/04/26 03:59:16; author: selinger; state: Exp; lines: +85 -17 450Threw out most of the code in main.c that dealt with files, temporary 451files, renaming, checking for hard links, and all that. Instead, added 452the ability to update a file in place by using read/write mode on it. 453 454Also implemented the new OFB mode. Benchmarks yielded that if 32 state 455bytes were used in the non-linear function that encodes each byte, 456then the time spent in Rijndael and the time spent on calculating this 457non-linear function would be about equal. This seems too much overhead 458in return for the security of a single byte. Thus, I reduced the 459number of state bytes used in this calculation to 9. This makes an 460exhaustive search possible in the near future, but such a search is 461probably not worth the effort, especially considering it only helps to 462decrypt one byte, namely the first byte where a given ciphertext 463differs from one with known plaintext. 464 465Benchmark testing also showed that fseek is extremely expensive. The 466original implementation of in-place update called fseek twice per 467byte, which took 8 times more time that encryption itself. By using a 4681000 byte buffer, I reduced this overhead to about 0.8%. 469---------------------------- 470date: 2000/04/25 19:29:12; author: selinger; state: Exp; lines: +11 -16 471* Changed rijndael interface to operate on unsigned long arrays instead 472 of char arrays - this ensures that the arrays are aligned properly on 473 word boundaries. 474* Also made many changes to the user interface. Now use "stat" to check 475 inode of input and output file, test that they are regular files, and 476 use (manual) copy, rather than rename, to copy the temporary file to 477 the output (this overwrites all hardlink references). 478---------------------------- 479date: 2000/04/24 18:02:04; author: selinger; state: Exp; lines: +10 -3 480Changes to file handling. ccrypt now checks for input/output errors, 481and if such an error occurs, any partial output is deleted and the 482original file retained. Also, in file mode, we now output to a 483temporary file by default, since checking for identical filenames is 484not sufficient to detect physical equality of input and output file. 485---------------------------- 486date: 2000/04/18 07:59:41; author: selinger; state: Exp; lines: +5 -41 487Changed Makefile to run in directory rijndael recursively. 488Linked sboxes into ccrypt rather than repeating them. 489---------------------------- 490date: 2000/04/17 17:44:36; author: selinger; state: Exp; lines: +81 -40 491Updated ccrypt but it contains a bug: block cipher operates in 492electronic dictionary mode. Also streamlined rijndael.c decryption, 493and changed external interface to operate on strings rather than 4942-dimensional arrays. 495---------------------------- 496date: 2000/04/16 17:58:39; author: selinger; state: Exp; lines: +3 -1 497Fixed array index bug in ccrypt.init_random. Also added fflush to main. 498---------------------------- 499date: 2000/04/16 17:16:25; author: selinger; state: Exp; lines: +2 -1 500added "return 0" at end of main 501---------------------------- 502date: 2000/04/14 08:50:27; author: selinger; state: Exp; lines: +10 -12 503Improved hashing. It is now infeasible to find two passwords that hash 504to the same key. 505---------------------------- 506date: 2000/04/14 08:41:50; author: selinger; state: Exp; lines: +22 -15 507Changed password hashing to use rijndael instead of an ad hoc method. 508---------------------------- 509date: 2000/04/12 20:46:54; author: selinger; state: Exp; lines: +10 -14 510removed arbitrary line length on password read from terminal (but 511notice that Solaris still imposes 1024 character limit). 512Added #ifdef lines to .h files. 513Added Id tag to .in files. 514---------------------------- 515date: 2000/04/12 07:06:30; author: selinger; state: Exp; lines: +10 -6 516fixed bug where OFB mode was not self-inverse. Also updated manpage 517after reading more about block ciphers and modes. 518---------------------------- 519date: 2000/04/11 09:44:49; author: selinger; state: Exp; lines: +13 -13 520Added GNU license to man page, and updated Makefile and main.c to 521compile correctly on Solaris. Removed double global variable "key". 522---------------------------- 523date: 2000/04/11 09:25:37; author: selinger; state: Exp; lines: +49 -27 524Complete rewrite of encryption algorithm based on Rijndael. 525---------------------------- 526date: 2000/04/10 01:36:19; author: selinger; state: Exp; lines: +163 -30 527Added a man page, updated user interface, added config file and 528install script. 529---------------------------- 530date: 2000/04/09 22:09:39; author: selinger; state: Exp; lines: +3 -108 531Added Id headers, and separated ccrypt from main. 532---------------------------- 533date: 2000/04/09 21:40:20; author: selinger; state: Exp; lines: +26 -63 534Created custom random number generator, both for portability and 535because the GNU one is really bad. Also moved readkey to a separate 536module. 537---------------------------- 538date: 2000/04/09 06:30:21; author: selinger; state: Exp; lines: +12 -6 539Made it work with SUN rand() which produces 15-bit random integers. 540---------------------------- 541date: 2000/04/09 06:21:54; author: selinger; state: Exp; lines: +13 -4 542Added debug mode 543---------------------------- 544date: 2000/04/09 00:17:55; author: selinger; state: Exp; lines: +151 -12 545First working version. 546---------------------------- 547date: 2000/04/08 21:53:25; author: selinger; state: Exp; 548branches: 1.1.1; 549Initial revision 550---------------------------- 551date: 2000/04/08 21:53:25; author: selinger; state: Exp; lines: +0 -0 552Imported sources 553============================================================================= 554