Follow

phew! I did a big update to Medic, my CLI that checks KeePass databases for breached/weak/duplicate passwords. It's now more of a real CLI!

github.com/sts10/medic

big h/t to @bugaevc for tipping me off to structopt (github.com/TeXitoi/structopt), which was pretty intuitive!

cc @codesections

related: if anybody wants to help make keepass-rs compatible with KDBX 4.0 databases (and Argon2 KDF), that'd be super cool!

github.com/sseemayer/keepass-r

and I've updated my old blog post about Medic with some of the new things I learned updating it

sts10.github.io/2019/02/01/med

@schlink Interested, although I'd need a lot of mentoring, I don't know as much about crypto as I should

@necaris I'm not that mentor unfortunately — it feels really daunting to me! — but I might be able to jam on this next week.

I'm hoping it's mostly a matter of (a) figuring out how to parse the somewhat-different KDBX 4 header, then (b) finding an Argon2 crate (maybe this one: github.com/sru-systems/rust-ar) with a hashing function we can use.

So I don't think it'll involve a lot of what makes crypto hard?

@schlink hoping not although I'm a little paranoid about making little mistakes in crypto ;-)

Sign in to participate in the conversation
Octodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!