phew! I did a big update to Medic, my CLI that checks KeePass databases for breached/weak/duplicate passwords. It's now more of a real CLI!

big h/t to @bugaevc for tipping me off to structopt (, which was pretty intuitive!

cc @codesections

related: if anybody wants to help make keepass-rs compatible with KDBX 4.0 databases (and Argon2 KDF), that'd be super cool!

and I've updated my old blog post about Medic with some of the new things I learned updating it

@schlink Interested, although I'd need a lot of mentoring, I don't know as much about crypto as I should

@necaris I'm not that mentor unfortunately — it feels really daunting to me! — but I might be able to jam on this next week.

I'm hoping it's mostly a matter of (a) figuring out how to parse the somewhat-different KDBX 4 header, then (b) finding an Argon2 crate (maybe this one: with a hashing function we can use.

So I don't think it'll involve a lot of what makes crypto hard?

@schlink hoping not although I'm a little paranoid about making little mistakes in crypto ;-)

Sign in to participate in the conversation

Octodon is a nice general purpose instance. more