From 6f3cbb0a38e2757556961fe467d10553de42d36e Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 10 Apr 2025 00:27:36 -0400 Subject: [PATCH 1/8] Auto press start/process button on Enter key --- src/Picocrypt.go | 205 +++++++++++++++++++++++++---------------------- 1 file changed, 108 insertions(+), 97 deletions(-) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index 10baa94..430b94f 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -173,10 +173,117 @@ func (p *compressorProgress) Read(data []byte) (int, error) { return read, err } +var onClickStartButton = func() { + // Start button should be disabled if these conditions are true; don't do anything if so + if (len(keyfiles) == 0 && password == "") || (mode == "encrypt" && password != cpassword) { + return + } + + if keyfile && keyfiles == nil { + mainStatus = "Please select your keyfiles" + mainStatusColor = RED + return + } + tmp, err := strconv.Atoi(splitSize) + if split && (splitSize == "" || tmp <= 0 || err != nil) { + mainStatus = "Invalid chunk size" + mainStatusColor = RED + return + } + + // Check if output file already exists + _, err = os.Stat(outputFile) + + // Check if any split chunks already exist + if split { + names, _ := filepath.Glob(outputFile + ".*") + if len(names) > 0 { + err = nil + } else { + err = os.ErrNotExist + } + } + + // If files already exist, show the overwrite modal + if err == nil && !recursively { + showOverwrite = true + modalId++ + giu.Update() + } else { // Nothing to worry about, start working + showProgress = true + fastDecode = true + canCancel = true + modalId++ + giu.Update() + if !recursively { + go func() { + work() + working = false + showProgress = false + giu.Update() + }() + } else { + // Store variables as they will be cleared + oldPassword := password + oldKeyfile := keyfile + oldKeyfiles := keyfiles + oldKeyfileOrdered := keyfileOrdered + oldKeyfileLabel := keyfileLabel + oldComments := comments + oldParanoid := paranoid + oldReedsolo := reedsolo + oldDeniability := deniability + oldSplit := split + oldSplitSize := splitSize + oldSplitSelected := splitSelected + oldDelete := delete + files := allFiles + go func() { + for _, file := range files { + // Simulate dropping the file + onDrop([]string{file}) + + // Restore variables and options + password = oldPassword + cpassword = oldPassword + keyfile = oldKeyfile + keyfiles = oldKeyfiles + keyfileOrdered = oldKeyfileOrdered + keyfileLabel = oldKeyfileLabel + comments = oldComments + paranoid = oldParanoid + reedsolo = oldReedsolo + deniability = oldDeniability + split = oldSplit + splitSize = oldSplitSize + splitSelected = oldSplitSelected + delete = oldDelete + + work() + if !working { + resetUI() + cancel(nil, nil) + showProgress = false + giu.Update() + return + } + } + working = false + showProgress = false + giu.Update() + }() + } + } +} + // The main user interface func draw() { giu.SingleWindow().Flags(524351).Layout( giu.Custom(func() { + if giu.IsKeyReleased(giu.KeyEnter) { + onClickStartButton() + return + } if showPassgen { giu.PopupModal("Generate password:##"+strconv.Itoa(modalId)).Flags(6).Layout( giu.Row( @@ -653,103 +760,7 @@ func draw() { return startLabel } return "Process" - }()).Size(giu.Auto, 34).OnClick(func() { - if keyfile && keyfiles == nil { - mainStatus = "Please select your keyfiles" - mainStatusColor = RED - return - } - tmp, err := strconv.Atoi(splitSize) - if split && (splitSize == "" || tmp <= 0 || err != nil) { - mainStatus = "Invalid chunk size" - mainStatusColor = RED - return - } - - // Check if output file already exists - _, err = os.Stat(outputFile) - - // Check if any split chunks already exist - if split { - names, _ := filepath.Glob(outputFile + ".*") - if len(names) > 0 { - err = nil - } else { - err = os.ErrNotExist - } - } - - // If files already exist, show the overwrite modal - if err == nil && !recursively { - showOverwrite = true - modalId++ - giu.Update() - } else { // Nothing to worry about, start working - showProgress = true - fastDecode = true - canCancel = true - modalId++ - giu.Update() - if !recursively { - go func() { - work() - working = false - showProgress = false - giu.Update() - }() - } else { - // Store variables as they will be cleared - oldPassword := password - oldKeyfile := keyfile - oldKeyfiles := keyfiles - oldKeyfileOrdered := keyfileOrdered - oldKeyfileLabel := keyfileLabel - oldComments := comments - oldParanoid := paranoid - oldReedsolo := reedsolo - oldDeniability := deniability - oldSplit := split - oldSplitSize := splitSize - oldSplitSelected := splitSelected - oldDelete := delete - files := allFiles - go func() { - for _, file := range files { - // Simulate dropping the file - onDrop([]string{file}) - - // Restore variables and options - password = oldPassword - cpassword = oldPassword - keyfile = oldKeyfile - keyfiles = oldKeyfiles - keyfileOrdered = oldKeyfileOrdered - keyfileLabel = oldKeyfileLabel - comments = oldComments - paranoid = oldParanoid - reedsolo = oldReedsolo - deniability = oldDeniability - split = oldSplit - splitSize = oldSplitSize - splitSelected = oldSplitSelected - delete = oldDelete - - work() - if !working { - resetUI() - cancel(nil, nil) - showProgress = false - giu.Update() - return - } - } - working = false - showProgress = false - giu.Update() - }() - } - } - }), + }()).Size(giu.Auto, 34).OnClick(onClickStartButton), giu.Style().SetColor(giu.StyleColorText, mainStatusColor).To( giu.Label(mainStatus), ), From d9473f777bf020f79db8b057ca7510413df138d8 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 10 Apr 2025 00:38:09 -0400 Subject: [PATCH 2/8] Bump to 1.48, update changelog --- Changelog.md | 5 +++++ VERSION | 2 +- src/Picocrypt.go | 4 ++-- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/Changelog.md b/Changelog.md index 8a81c2e..4ede0b6 100644 --- a/Changelog.md +++ b/Changelog.md @@ -3,6 +3,11 @@
  • Migrate golang.org/x/crypto to standard library imports (https://github.com/golang/go/issues/65269)
    • +# v1.48 (Released 04/11/2025) + + # v1.47 (Released 02/19/2025) +# Caveats +When encrypting multiple files, Picocrypt will automatically zip them into one file before encrypting it. However, this requires a two-step process that creates an unencrypted temporary `.zip.tmp` file in the same destination folder. This has two implications: +
      +
    1. There must be at least double the available free space on the target drive as the combined total size of input files
      2. +
    2. The target drive must be safe to save confidential data; if not, the unencrypted temporary file may be recoverable even after deletion
      3. +
    +To mitigate these caveats, Picocrypt will show info and warning labels accordingly. However, it is best to prevent these issues altogether by always encrypting and decrypting on your main host drive and then copying encrypted volumes to and from external sources, or zipping up input files beforehand and encrypting that single file which doesn't have these caveats. + # Security For more information on how Picocrypt handles cryptography, see Internals for the technical details. If you're worried about the safety of me or this project, let me assure you that this repository won't be hijacked or backdoored. I have 2FA (TOTP) enabled on all accounts with a tie to Picocrypt (GitHub, Reddit, Google, etc.), in addition to full-disk encryption on all of my portable devices. For further hardening, Picocrypt uses my isolated forks of dependencies and I fetch upstream only when I have taken a look at the changes and believe that there aren't any security issues. This means that if a dependency gets hacked or deleted by the author, Picocrypt will be using my fork of it and remain completely unaffected. You can feel confident about using Picocrypt as long as you understand: From 55ec72864e941fd39e0c43fcc40b285988d73aaa Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 10 Apr 2025 12:27:49 -0400 Subject: [PATCH 5/8] Only show info/warnings if status is "Ready" If not, it's probably showing some error message which would happen after starting encryption, so user would've already seen the info/warning status --- src/Picocrypt.go | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index 2c2cc0a..3587e44 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -781,21 +781,27 @@ func draw() { return "Process" }()).Size(giu.Auto, 34).OnClick(onClickStartButton), giu.Custom(func() { + if mainStatus != "Ready" { + giu.Style().SetColor(giu.StyleColorText, mainStatusColor).To( + giu.Label(mainStatus), + ).Build() + return + } if temporaryZip && externalDst { giu.Style().SetColor(giu.StyleColorText, YELLOW).To( giu.Label("Warning: unencrypted temp files will be created"), ).Build() } else if temporaryZip { giu.Style().SetColor(giu.StyleColorText, WHITE).To( - giu.Label(mainStatus + " (info: will create temporary files)"), + giu.Label("Ready (info: will create a temporary zip file)"), ).Build() } else if externalDst { giu.Style().SetColor(giu.StyleColorText, WHITE).To( - giu.Label(mainStatus + " (info: target may be an external drive)"), + giu.Label("Ready (info: target may be an external drive)"), ).Build() } else { giu.Style().SetColor(giu.StyleColorText, mainStatusColor).To( - giu.Label(mainStatus), + giu.Label("Ready"), ).Build() } }), From f429f1b1eeb8f4589bbbaf7c7b298411f7bc2094 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 10 Apr 2025 12:29:10 -0400 Subject: [PATCH 6/8] README.md: remove installer link Maybe will add in a future release, but not for 1.48 --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index 2b15221..ecf5b3e 100644 --- a/README.md +++ b/README.md @@ -18,8 +18,6 @@ Picocrypt is a very small (hence Pico), very simple, yet very secure encr ## Windows Picocrypt for Windows is as simple as it gets. To download the latest, standalone, and portable executable for Windows, click here. If Microsoft Defender or your antivirus flags Picocrypt as a virus, please do your part and submit it as a false positive for the betterment of everyone. -If you use Picocrypt frequently, you can download an installer here for easier launching. It does not require any admin permissions to install and it also bundles a software OpenGL renderer for compatibility, so if the portable executable isn't working, this installer likely will. - ## macOS Picocrypt for macOS is very simple as well. Download Picocrypt here, open the container, and drag Picocrypt to your Applications. You may need to manually trust the app from a terminal and control-click on the app if macOS prevents you from opening it: ``` From 9287fca7b72fad93be223b4968c33726f29c6a74 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 10 Apr 2025 12:33:21 -0400 Subject: [PATCH 7/8] Remove future section from changelog The golang.org/x/crypto -> stdlib migration done in Go 1.24 is not a simple find and replace as some types changed. Will stick with golang.org/x/crypto for the foreseeable future. --- Changelog.md | 5 ----- 1 file changed, 5 deletions(-) diff --git a/Changelog.md b/Changelog.md index 3a088ad..fffc47f 100644 --- a/Changelog.md +++ b/Changelog.md @@ -1,8 +1,3 @@ -# Future - - # v1.48 (Released 04/11/2025)