replaced http://crypto.stackexchange.com/ with https://crypto.stackexchange.com/
- I read the RSA private key from
~/.ssh/id_rsa(default) - Use the private key to encrypt a random 32 byte symmetric key (PKCS#1 OAEP)
- Encrypt a stream of data with AES-256 in counter mode (no extra padding)
- Write all of this to the output stream in 65535 byte chunks
- Append an HMAC-SHA256 of the ciphertext of the ciphertext
- I read the RSA private key from
~/.ssh/id_rsa(default) - Use the private key to encrypt a random 32 byte symmetric key (PKCS#1 OAEP)
- Encrypt a stream of data with AES-256 in counter mode (no extra padding)
- Write all of this to the output stream in 65535 byte chunks
- Append an HMAC-SHA256 of the ciphertext
- I read the RSA private key from
~/.ssh/id_rsa(default) - Use the private key to encrypt a random 32 byte symmetric key (PKCS#1 OAEP)
- Encrypt a stream of data with AES-256 in counter mode (no extra padding)
- Write all of this to the output stream in 65535 byte chunks
- Append an HMAC-SHA256 of the ciphertext
Changes so far
- I'm including the entire file header (magic bytes, encrypted key length, encrypted key) in the HMAC-SHA256 calculation
- I'm using a random 128 bit number as the initial value for the counter instead of effectively 64 bits with zeros appended.
Changes so far
- I'm including the entire file header (magic bytes, encrypted key length, encrypted key) in the HMAC-SHA256 calculation
- I'm using a random 128 bit number as the initial value for the counter instead of effectively 64 bits with zeros appended.
Loading
Loading
lang-py