update deps, remove deoxys, and bump version

Antidote1911 · May 19, 2024 · 1eade1c · 1eade1c
1 parent 77cb5f6
commit 1eade1c
Show file tree

Hide file tree

Showing 10 changed files with 57 additions and 155 deletions.
diff --git a/README.md b/README.md
@@ -12,7 +12,11 @@ Latest Windows x64 release is [here](https://github.com/Antidote1911/cryptyrust/
 ## Usage for CLI:
 
 Exemples :
-You can choose algorithm encryption with `-a aesgcm` for aes256Gcm `-a chacha` for XChacha20Poly1305, `-a aesgcmsiv` for aes256GcmSiv or `-a deoxys` for DeoxysII256. If not specified, cryptyrust use XChacha20Poly1305. Decryption automatically detect the good algorithm. `-a` parameter is ignored if it's specified.
+You can choose algorithm encryption with:
+`-a aesgcm` for aes256Gcm
+`-a chacha` for XChacha20Poly1305
+`-a aesgcmsiv` for aes256GcmSiv.
+If not specified, cryptyrust use XChacha20Poly1305. Decryption automatically detect the good algorithm and ignore `-a` if présent.
 
 If no output file is specified with `-o`, Cryptyrust generate an incremental unique file name with .crypty extension.
 
@@ -22,16 +26,16 @@ If no output file is specified with `-o`, Cryptyrust generate an incremental uni
 ./cryptyrust_cli -d test.mp4.crypty -p 12345678
 
 # encrypt the file test.mp4 with password 12345678 and show the hash of the output file, and décrypt it:
-./cryptyrust_cli -e test.mp4 -p 12345678 -h
-./cryptyrust_cli -d test.mp4.crypty -p 12345678 -h
+./cryptyrust_cli -e test.mp4 -p 12345678 --hash
+./cryptyrust_cli -d test.mp4.crypty -p 12345678 --hash
 
 # encrypt the file test.mp4 with password 12345678, with moderate key derivation, and décrypt it:
 ./cryptyrust_cli -e test.mp4 -p 12345678 -s moderate
 ./cryptyrust_cli -d test.mp4.crypty -p 12345678
 
 # encrypt the file test.mp4 with password 12345678 with xchacha20poly1305 and décrypt it:
 ./cryptyrust_cli -e test.mp4 -a chacha -p 12345678
-./cryptyrust_cli -d test.mp4.crypty -p 12345678  
+./cryptyrust_cli -d test.mp4.crypty -p 12345678
 
 # Or you can enter an output file name with -o flag if you want:
 ./cryptyrust_cli -e test.mp4 -o myEncryptedFile -p 12345678
@@ -44,25 +48,20 @@ If no output file is specified with `-o`, Cryptyrust generate an incremental uni
 - [aes256Gcm](https://github.com/RustCrypto/AEADs/tree/master/aes-gcm) in [Stream Mode](https://github.com/miscreant/meta/wiki/STREAM).
 - [aes256GcmSiv](https://github.com/RustCrypto/AEADs/tree/master/aes-gcm-siv) in [Stream Mode](https://github.com/miscreant/meta/wiki/STREAM).
 - [XChacha20Poly1305](https://github.com/RustCrypto/AEADs/tree/master/chacha20poly1305) in [Stream Mode](https://github.com/miscreant/meta/wiki/STREAM).
-- [DeoxysII256](https://github.com/RustCrypto/AEADs/tree/master/deoxys) in [Stream Mode](https://github.com/miscreant/meta/wiki/STREAM).
 
 
 ## Technical description: ##
 
-Cryptyrust use some code portions from [Dexios](https://github.com/brxken128/dexios). A really good cli encryption tool made by [brxken](https://github.com/brxken128). Notably the logic for header serialization, calculate the hash of the output files etc...
-Thx [brxken](https://github.com/brxken128).
-
-**Password Derivation :**  
-A 32 bytes "Rawkey" is generated by Argon2 from the user password and a 16 bytes random salt to prevent brute force attack.  
+**Password Derivation :**
+A 32 bytes "Rawkey" is generated by Argon2 from the user password and a 16 bytes random salt to prevent brute force attack.
 This "Rawkey" and a random nonce is used to encrypt with the selected algorithm.
 
 **Nonce (or initialization vectors) :**
-The nonce is randomly generated.  
+The nonce is randomly generated.
 - For aes256Gcm and aes256GcmSiv noncelen = 8 bytes
 - For XChacha20Poly1305 20 bytes
-- For DeoxysII256 14 bytes.  
 
-Cryptyrust encrypt in [stream mode](https://github.com/miscreant/meta/wiki/STREAM). This is why nonce len is 4 bytes shorter than usual size for given algorithm. This 4 bytes are reserved for LE counter.  
+Cryptyrust encrypt in [stream mode](https://github.com/miscreant/meta/wiki/STREAM). This is why nonce len is 4 bytes shorter than usual size for given algorithm. This 4 bytes are reserved for LE counter.
 Nonce is incremented after all encrypted chunk.
 
 the output file is :
@@ -72,7 +71,7 @@ the output file is :
 - Argon strength (2 bytes)
 - The Argon2 Salt (16 bytes)
 - Padding some 0 for future usage (16 bytes)
-- Nonce (8 bytes for aes, 20 for chacha, 14 for deoxys)
+- Nonce (8 bytes for aes, 20 for chacha)
 - Padding some 0 for always have a 64 bytes header
 - encrypted chunk_1  ( BUFFER_SIZE + 16 bytes Authentication tag )
 - encrypted chunk_2  ( BUFFER_SIZE + 16 bytes Authentication tag )
@@ -87,7 +86,7 @@ Executable will be at `target/release/cryptyrust_cli'.
 
 ## Windows Compilation instructions:
 
-- Install [Visual Studio Build Tools 2019](https://visualstudio.microsoft.com/fr/thank-you-downloading-visual-studio/?sku=BuildTools&rel=16)  
+- Install [Visual Studio Build Tools 2019](https://visualstudio.microsoft.com/fr/thank-you-downloading-visual-studio/?sku=BuildTools&rel=16)
 - Make sure rust use msvc. Run in command line :
 `rustup default stable-x86_64-pc-windows-msvc`
 - Build rust CLI App and core project : `cargo build --release`
@@ -110,6 +109,6 @@ cd build
 cmake -G "NMake Makefiles" -DCMAKE_BUILD_TYPE=Release ..
 nmake
 ```
-**Data Loss Disclaimer:**  
-if you lose or forget your password, **your data cannot be recovered !**  
+**Data Loss Disclaimer:**
+if you lose or forget your password, **your data cannot be recovered !**
 Use a password manager or another secure form of backup.<br/>
diff --git a/adapter/src/lib.rs b/adapter/src/lib.rs
@@ -1,3 +1,5 @@
+mod secret;
+
 use std::ffi::{CStr, CString};
 use std::os::raw::c_char;
 use std::ptr::null_mut;
@@ -31,8 +33,7 @@ pub extern "C" fn makeConfig(
     let algo = match algorithm {
         0 => Algorithm::XChaCha20Poly1305,
         1 => Algorithm::Aes256Gcm,
-        2 => Algorithm::DeoxysII256,
-        3 => Algorithm::Aes256GcmSiv,
+        2 => Algorithm::Aes256GcmSiv,
         _ => panic!("received invalid algorithm enum from c++"),
     };
 

diff --git a/cli/Cargo.toml b/cli/Cargo.toml
@@ -1,20 +1,20 @@
 [package]
 name = "cryptyrust_cli"
-version = "3.0.0"
+version = "3.1.0"
 authors = ["Antidote1911 <[email protected]>"]
 description = "A simple but strong file encryption utility in Rust."
 repository = "https://github.com/Antidote1911/cryptyrust/"
 edition = "2021"
 
 [dependencies]
 cryptyrust_core = { path = "../core" }
-rpassword = "6.0.1"
-clap = { version = "3.1.18", features = ["derive","cargo"] }
-anyhow = "1.0.57"
+rpassword = "7.3.1"
+clap = { version = "4.5.4", features = ["derive","cargo"] }
+anyhow = "1.0.86"
 
 [dev-dependencies]
-assert_cmd = "2.0.4"
-assert_fs = "1.0.7"
+assert_cmd = "2.0.14"
+assert_fs = "1.1.1"
 
 [[bin]]
 name = "cryptyrust_cli"

diff --git a/cli/src/cli.rs b/cli/src/cli.rs
@@ -1,14 +1,15 @@
-use clap::{AppSettings, ArgGroup, ArgEnum, Parser};
+use clap::{ArgGroup, Parser};
 use cryptyrust_core::{Algorithm, BenchMode, DeriveStrength, HashMode};
 
-const AUTHOR: &str = "
+const ABOUT: &str = "
+A simple but strong file encryption utility in Rust.
 Author : Fabrice Corraire <[email protected]>
 Github : https://github.com/Antidote1911/
 ";
 
 #[derive(Parser)]
-#[clap(global_setting(AppSettings::DeriveDisplayOrder))]
-#[clap(about, author=AUTHOR, version)]
+
+#[clap(about=ABOUT, author, version)]
 
 #[clap(group(ArgGroup::new("mode").required(true)
 .args(&["encrypt", "decrypt"]),
@@ -37,36 +38,35 @@ pub struct Cli {
     password: Option<String>,
 
     /// Choose algorithm. Ignored in decryption mode
-    #[clap(short, long, arg_enum,value_name = "ALGO", default_value = "aesgcm")]
+    #[clap(short, long, value_enum,value_name = "ALGO", default_value = "aesgcm")]
     algo: Algo,
 
     /// Choose password derivation strength
-    #[clap(short, long, arg_enum,value_name = "STRENGTH", default_value = "interactive")]
+    #[clap(short, long, value_enum,value_name = "STRENGTH", default_value = "interactive")]
     strength: Strength,
 
     /// File should be valid UTF-8 and contain only the password with no newline.
     #[clap(short='f', long, value_name = "PASSWORD_FILE")]
     passwordfile: Option<String>,
 
     /// Optional, output hash
-    #[clap(short, long)]
+    #[clap(long)]
     hash: bool,
 
     /// Optional, bench mode
-    #[clap(short, long)]
+    #[clap(long)]
     bench: bool,
 
 }
 
-#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, ArgEnum)]
+#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, clap::ValueEnum)]
 pub enum Algo {
     Aesgcm,
     Chacha,
-    Deoxys,
     Aesgcmsiv,
 }
 
-#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, ArgEnum)]
+#[derive(Copy, Clone, PartialEq, Eq, PartialOrd, Ord, clap::ValueEnum)]
 pub enum Strength {
     Interactive,
     Moderate,
@@ -95,7 +95,6 @@ impl Cli {
             Algo::Aesgcm => Algorithm::Aes256Gcm,
             Algo::Aesgcmsiv => Algorithm::Aes256GcmSiv,
             Algo::Chacha => Algorithm::XChaCha20Poly1305,
-            Algo::Deoxys => Algorithm::DeoxysII256,
         }
     }
 

diff --git a/core/Cargo.toml b/core/Cargo.toml
@@ -1,21 +1,20 @@
 [package]
 name = "cryptyrust_core"
-version = "3.0.0"
+version = "3.0.1"
 authors = ["Antidote1911 <[email protected]>"]
 edition = "2021"
 
 [dependencies]
-argon2 = "0.4.0"
+argon2 = "0.4.1"
 aead = { version = "0.4.3", features = ["std", "stream"] }
 aes-gcm = "0.9.4"
 aes-gcm-siv = "0.10.3"
-chacha20poly1305 = "0.9.0"
-deoxys = "0.0.2"
-sha3 = "0.10.1"
-blake3 = "1.3.1"
+chacha20poly1305 = "0.9.1"
+sha3 = "0.10.8"
+blake3 = "1.5.1"
 rand = "0.8.5"
-thiserror = "1.0.30"
-indicatif = "0.17.6"
+thiserror = "1.0.61"
+indicatif = "0.17.8"
 zeroize = "1.3.0"
 
 [dev-dependencies]

diff --git a/core/src/config.rs b/core/src/config.rs
@@ -5,7 +5,6 @@ use aead::{
 use aes_gcm::Aes256Gcm;
 use aes_gcm_siv::Aes256GcmSiv;
 use chacha20poly1305::XChaCha20Poly1305;
-use deoxys::DeoxysII256;
 use crate::secret::Secret;
 
 #[derive(PartialEq, Clone, Copy)]
@@ -30,7 +29,6 @@ pub enum Direction {
 pub enum Algorithm {
     Aes256Gcm,
     XChaCha20Poly1305,
-    DeoxysII256,
     Aes256GcmSiv
 }
 
@@ -46,7 +44,6 @@ impl std::fmt::Display for Algorithm {
         match *self {
             Algorithm::Aes256Gcm => write!(f, "AES-256-GCM"),
             Algorithm::XChaCha20Poly1305 => write!(f, "XChaCha20-Poly1305"),
-            Algorithm::DeoxysII256 => write!(f, "Deoxys-II-256"),
             Algorithm::Aes256GcmSiv => write!(f, "Aes256-Gcm-Siv"),
         }
     }
@@ -67,14 +64,12 @@ pub struct Config {
 pub enum EncryptStreamCiphers {
     Aes256Gcm(Box<EncryptorLE31<Aes256Gcm>>),
     XChaCha(Box<EncryptorLE31<XChaCha20Poly1305>>),
-    DeoxysII(Box<EncryptorLE31<DeoxysII256>>),
     Aes256GcmSiv(Box<EncryptorLE31<Aes256GcmSiv>>),
 }
 
 pub enum DecryptStreamCiphers {
     Aes256Gcm(Box<DecryptorLE31<Aes256Gcm>>),
     XChaCha(Box<DecryptorLE31<XChaCha20Poly1305>>),
-    DeoxysII(Box<DecryptorLE31<DeoxysII256>>),
     Aes256GcmSiv(Box<DecryptorLE31<Aes256GcmSiv>>),
 }
 
@@ -86,7 +81,6 @@ impl EncryptStreamCiphers {
         match self {
             EncryptStreamCiphers::Aes256Gcm(s) => s.encrypt_next(payload),
             EncryptStreamCiphers::XChaCha(s) => s.encrypt_next(payload),
-            EncryptStreamCiphers::DeoxysII(s) => s.encrypt_next(payload),
             EncryptStreamCiphers::Aes256GcmSiv(s) => s.encrypt_next(payload),
         }
     }
@@ -98,7 +92,6 @@ impl EncryptStreamCiphers {
         match self {
             EncryptStreamCiphers::Aes256Gcm(s) => s.encrypt_last(payload),
             EncryptStreamCiphers::XChaCha(s) => s.encrypt_last(payload),
-            EncryptStreamCiphers::DeoxysII(s) => s.encrypt_last(payload),
             EncryptStreamCiphers::Aes256GcmSiv(s) => s.encrypt_last(payload),
         }
     }
@@ -112,7 +105,6 @@ impl DecryptStreamCiphers {
         match self {
             DecryptStreamCiphers::Aes256Gcm(s) => s.decrypt_next(payload),
             DecryptStreamCiphers::XChaCha(s) => s.decrypt_next(payload),
-            DecryptStreamCiphers::DeoxysII(s) => s.decrypt_next(payload),
             DecryptStreamCiphers::Aes256GcmSiv(s) => s.decrypt_next(payload),
         }
     }
@@ -124,7 +116,6 @@ impl DecryptStreamCiphers {
         match self {
             DecryptStreamCiphers::Aes256Gcm(s) => s.decrypt_last(payload),
             DecryptStreamCiphers::XChaCha(s) => s.decrypt_last(payload),
-            DecryptStreamCiphers::DeoxysII(s) => s.decrypt_last(payload),
             DecryptStreamCiphers::Aes256GcmSiv(s) => s.decrypt_last(payload),
         }
     }

diff --git a/core/src/crypto.rs b/core/src/crypto.rs
@@ -12,7 +12,6 @@ use std::{io::{Read, Write}};
 use std::fs::File;
 use aead::stream::{DecryptorLE31, EncryptorLE31};
 use aes_gcm_siv::Aes256GcmSiv;
-use deoxys::DeoxysII256;
 use rand::prelude::StdRng;
 use indicatif::{ProgressBar, ProgressStyle};
 
@@ -65,26 +64,6 @@ pub fn init_encryption_stream(
                 header,
             ))
         }
-        Algorithm::DeoxysII256 => {
-            let nonce_bytes = StdRng::from_entropy().gen::<[u8; 11]>();
-
-            let cipher = match DeoxysII256::new_from_slice(key.expose()) {
-                Ok(cipher) => cipher,
-                Err(_) => return Err(CoreErr::CreateCipher)
-            };
-
-            let header = Header {
-                header_type,
-                nonce: nonce_bytes.to_vec(),
-                salt,
-            };
-
-            let stream = EncryptorLE31::from_aead(cipher, nonce_bytes.as_slice().into());
-            Ok((
-                EncryptStreamCiphers::DeoxysII(Box::new(stream)),
-                header,
-            ))
-        }
         Algorithm::Aes256GcmSiv => {
             let nonce_bytes = StdRng::from_entropy().gen::<[u8; 8]>();
 
@@ -133,14 +112,6 @@ pub fn init_decryption_stream(
             let stream = DecryptorLE31::from_aead(cipher, header.nonce.as_slice().into());
             Ok(DecryptStreamCiphers::XChaCha(Box::new(stream)))
         }
-        Algorithm::DeoxysII256 => {
-            let cipher = match DeoxysII256::new_from_slice(key.expose()) {
-                Ok(cipher) => cipher,
-                Err(_) => return Err(CoreErr::CreateCipher)
-            };
-            let stream = DecryptorLE31::from_aead(cipher, header.nonce.as_slice().into());
-            Ok(DecryptStreamCiphers::DeoxysII(Box::new(stream)))
-        }
         Algorithm::Aes256GcmSiv => {
             let cipher = match Aes256GcmSiv::new_from_slice(key.expose()) {
                 Ok(cipher) => cipher,

diff --git a/core/src/header.rs b/core/src/header.rs
@@ -112,7 +112,6 @@ fn calc_nonce_len(header_info: &HeaderType) -> usize {
     let mut nonce_len = match header_info.algorithm {
         Algorithm::XChaCha20Poly1305 => 24,
         Algorithm::Aes256Gcm => 12,
-        Algorithm::DeoxysII256 => 15,
         Algorithm::Aes256GcmSiv => 12,
     };
     nonce_len -= 4; // the last 4 bytes are dynamic in streamLE mode
@@ -138,12 +137,8 @@ fn serialize(header_info: &HeaderType) -> ([u8; 2], [u8; 2], [u8; 2]) {
             let info: [u8; 2] = [0x0E, 0x02];
             info
         }
-        Algorithm::DeoxysII256 => {
-            let info: [u8; 2] = [0x0E, 0x03];
-            info
-        }
         Algorithm::Aes256GcmSiv => {
-            let info: [u8; 2] = [0x0E, 0x04];
+            let info: [u8; 2] = [0x0E, 0x03];
             info
         }
     };
@@ -181,8 +176,7 @@ fn deserialize(
     let algorithm = match algorithm_info {
         [0x0E, 0x01] => Algorithm::XChaCha20Poly1305,
         [0x0E, 0x02] => Algorithm::Aes256Gcm,
-        [0x0E, 0x03] => Algorithm::DeoxysII256,
-        [0x0E, 0x04] => Algorithm::Aes256GcmSiv,
+        [0x0E, 0x03] => Algorithm::Aes256GcmSiv,
         _ => return Err(CoreErr::DecryptFail("Invalid algorithm".to_string())),
     };