Skip to content
/ note1 Public

A very hacky fun project to play around with.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bytefire/note1

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

37 Commits
src
src
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
README
README
 
 

Repository files navigation

A very hacky fun project to play around with.

DO NOT USE FOR REAL LIFE PURPESES. It's a fun project, parts of which were
written at extremely high speeds due to shortage of time. As a result, it
may contain security or other problems. Use it at your own risk.

note1 has a CLI which allows users to store, view and edit key-value pairs. The
CLI wraps lib.rs which exposes HTTP verbs get, post, put and delete to operate
on the key-value pairs.

Key-value pairs can undergo a transform operation before being saved to file
and after being loaded from file. Depending upon transform, there can be
different applications. E.g. if transform is encryption then note1 can be used
as a password store.

As a next step we would want a more organized and extensible header format.
Perhaps something like the following:

+------------------------------------------------------------------------+
| MAJOR_VERSION_NUMBER (4 bytes)  | MINOR_VERSION_NUMBER (4 bytes)       |
+------------------------------------------------------------------------+
| HEADER_LEN (4 bytes)            |                                      |
+------------------------------------------------------------------------+
| SALT (16 bytes)                 |                                      |
+------------------------------------------------------------------------+
| ENCR-FEK (32 bytes)             |                                      |
+------------------------------------------------------------------------+
| MAX_RECORDS (4 bytes)           | RECORD_COUNT (4 bytes)               |
+------------------------------------------------------------------------+
| RESERVED (HEADER_LEN - 68 bytes)                                       |
+------------------------------------------------------------------------+

We can start with 4096 bytes HEADER_LEN. Such a header will be followed by
all the tags which will be encrypted using the key wrapped inside ENCR-FEK,
i.e. encrypted file encryption key. Each tag will contain the key for value
corresponding to that key. So each value is separately encrypted. This will
help with key rotation.

Each value will be encrypted using AEAD and each value's AAD should contain
hash of the corresponding tag. That way someone can't swap values belonging to
different tags.

For now, we stick with bare minimum :)

About

A very hacky fun project to play around with.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages