Skip to content

paolostivanin/GTKCrypto

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

387 Commits

.ci

.ci

 
 

.circleci

.circleci

 
 

.github/workflows

.github/workflows

 
 

cmake

cmake

 
 

data

data

 
 

src

src

 
 

.gitignore

.gitignore

 
 

CMakeLists.txt

CMakeLists.txt

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

SECURITY.md

SECURITY.md

 
 

Repository files navigation

GTKCrypto

CircleCI

Features

  • Encrypt and decrypt files using AES, Twofish, Serpent or Camellia using either CBC or CTR mode. Key size for all algorithms is 256 bits.
  • Encrypt and decrypt text using one of the aforementioned algorithms;
  • Sign a given file using one of your GPG keys. Of course you can also verify the signature for a given file;
  • Compute hashes for a chosen file (MD5, GOST94, SHA1, SHA2, SHA3, and Whirlpool);

Security

  • Encrypt-then-MAC. The plain text is encrypted and then the MAC of the encrypted text is computed and appended to the cipher text.
  • Confidentiality is given by AES/Twofish/Serpent/Camellia operating in either CBC or CTR mode using a key size of 256 bits;
  • Integrity is given by the MAC calculation (MAC = HMAC+SHA3-512);
  • The input key is derived using PBKDF2 with 100'000 iterations and using SHA3-512 as hash algo;
  • The key is temporarily stored inside a portion of secure memory which is erased before the program exits;

Text Encryption

  • Encrypt-then-TAG
  • Plaintext is encrypted using AES-256 in GCM mode
  • The input key is derived using PBKDF2 with 150'000 iterations and using SHA3-256 as hash algo;
  • Data is always stored in a secure memory pool allocated by Gcrypt
  • The resulting buffer has the following structure: base64(IV,SALT,encrypt(plaintext),TAG)

Requirements

Name Min Version
GTK+ 3.20
Glib 2.48.0
libgcrypt 1.7.0
gpgme 1.8.0

Screenshots

Main window

How to compile

  • $ git clone https://github.com/paolostivanin/GTKCrypto.git
  • $ cd GTKCrypto
  • $ mkdir build && cd $_
  • $ cmake -DCMAKE_INSTALL_PREFIX=/usr ..
  • $ make
  • $ sudo make install

How can I trust your program?

Don't trust me, trust the code. But if you really want to be sure that I'm not doing things in the wrong way, then you can just encrypt a file using GTKCrypto and write your own decryption program. This is a relatively quick and easy task to achieve, just be sure to first understand the structure of the encrypted file (spoiler: enc_file = metadata + encrypted_data + HMAC). More info HERE.

Testing

  • Before each release, I run PVS Studio in order to catch even more errors and/or corner cases
  • With every commit to master, GTKCrypto is compiled in CircleCI against different distros

Latest version

Stable and pre-release versions can be found HERE

Notes

This software is licensed under the GNU General Public License version 3 and above.

About

GTKCrypto allows you to easily encrypt, sign and compute hash of your data.

Topics

c hash gtk3 md5 sha2 aes-256 hmac cbc-mode serpent encrypt decrypt sha3 twofish decrypt-files camellia ctr-mode

Resources

Readme

License

GPL-3.0 license

Security policy

Security policy
Activity

Stars

9 stars

Watchers

7 watching

Forks

2 forks
Report repository

Releases 2

v1.0.2 Latest
Mar 9, 2022
+ 1 release

Packages

No packages published

Contributors 2

  •  
  •  

Languages