From 6f3cbb0a38e2757556961fe467d10553de42d36e Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 10 Apr 2025 00:27:36 -0400 Subject: [PATCH 01/35] Auto press start/process button on Enter key --- src/Picocrypt.go | 205 +++++++++++++++++++++++++---------------------- 1 file changed, 108 insertions(+), 97 deletions(-) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index 10baa94..430b94f 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -173,10 +173,117 @@ func (p *compressorProgress) Read(data []byte) (int, error) { return read, err } +var onClickStartButton = func() { + // Start button should be disabled if these conditions are true; don't do anything if so + if (len(keyfiles) == 0 && password == "") || (mode == "encrypt" && password != cpassword) { + return + } + + if keyfile && keyfiles == nil { + mainStatus = "Please select your keyfiles" + mainStatusColor = RED + return + } + tmp, err := strconv.Atoi(splitSize) + if split && (splitSize == "" || tmp <= 0 || err != nil) { + mainStatus = "Invalid chunk size" + mainStatusColor = RED + return + } + + // Check if output file already exists + _, err = os.Stat(outputFile) + + // Check if any split chunks already exist + if split { + names, _ := filepath.Glob(outputFile + ".*") + if len(names) > 0 { + err = nil + } else { + err = os.ErrNotExist + } + } + + // If files already exist, show the overwrite modal + if err == nil && !recursively { + showOverwrite = true + modalId++ + giu.Update() + } else { // Nothing to worry about, start working + showProgress = true + fastDecode = true + canCancel = true + modalId++ + giu.Update() + if !recursively { + go func() { + work() + working = false + showProgress = false + giu.Update() + }() + } else { + // Store variables as they will be cleared + oldPassword := password + oldKeyfile := keyfile + oldKeyfiles := keyfiles + oldKeyfileOrdered := keyfileOrdered + oldKeyfileLabel := keyfileLabel + oldComments := comments + oldParanoid := paranoid + oldReedsolo := reedsolo + oldDeniability := deniability + oldSplit := split + oldSplitSize := splitSize + oldSplitSelected := splitSelected + oldDelete := delete + files := allFiles + go func() { + for _, file := range files { + // Simulate dropping the file + onDrop([]string{file}) + + // Restore variables and options + password = oldPassword + cpassword = oldPassword + keyfile = oldKeyfile + keyfiles = oldKeyfiles + keyfileOrdered = oldKeyfileOrdered + keyfileLabel = oldKeyfileLabel + comments = oldComments + paranoid = oldParanoid + reedsolo = oldReedsolo + deniability = oldDeniability + split = oldSplit + splitSize = oldSplitSize + splitSelected = oldSplitSelected + delete = oldDelete + + work() + if !working { + resetUI() + cancel(nil, nil) + showProgress = false + giu.Update() + return + } + } + working = false + showProgress = false + giu.Update() + }() + } + } +} + // The main user interface func draw() { giu.SingleWindow().Flags(524351).Layout( giu.Custom(func() { + if giu.IsKeyReleased(giu.KeyEnter) { + onClickStartButton() + return + } if showPassgen { giu.PopupModal("Generate password:##"+strconv.Itoa(modalId)).Flags(6).Layout( giu.Row( @@ -653,103 +760,7 @@ func draw() { return startLabel } return "Process" - }()).Size(giu.Auto, 34).OnClick(func() { - if keyfile && keyfiles == nil { - mainStatus = "Please select your keyfiles" - mainStatusColor = RED - return - } - tmp, err := strconv.Atoi(splitSize) - if split && (splitSize == "" || tmp <= 0 || err != nil) { - mainStatus = "Invalid chunk size" - mainStatusColor = RED - return - } - - // Check if output file already exists - _, err = os.Stat(outputFile) - - // Check if any split chunks already exist - if split { - names, _ := filepath.Glob(outputFile + ".*") - if len(names) > 0 { - err = nil - } else { - err = os.ErrNotExist - } - } - - // If files already exist, show the overwrite modal - if err == nil && !recursively { - showOverwrite = true - modalId++ - giu.Update() - } else { // Nothing to worry about, start working - showProgress = true - fastDecode = true - canCancel = true - modalId++ - giu.Update() - if !recursively { - go func() { - work() - working = false - showProgress = false - giu.Update() - }() - } else { - // Store variables as they will be cleared - oldPassword := password - oldKeyfile := keyfile - oldKeyfiles := keyfiles - oldKeyfileOrdered := keyfileOrdered - oldKeyfileLabel := keyfileLabel - oldComments := comments - oldParanoid := paranoid - oldReedsolo := reedsolo - oldDeniability := deniability - oldSplit := split - oldSplitSize := splitSize - oldSplitSelected := splitSelected - oldDelete := delete - files := allFiles - go func() { - for _, file := range files { - // Simulate dropping the file - onDrop([]string{file}) - - // Restore variables and options - password = oldPassword - cpassword = oldPassword - keyfile = oldKeyfile - keyfiles = oldKeyfiles - keyfileOrdered = oldKeyfileOrdered - keyfileLabel = oldKeyfileLabel - comments = oldComments - paranoid = oldParanoid - reedsolo = oldReedsolo - deniability = oldDeniability - split = oldSplit - splitSize = oldSplitSize - splitSelected = oldSplitSelected - delete = oldDelete - - work() - if !working { - resetUI() - cancel(nil, nil) - showProgress = false - giu.Update() - return - } - } - working = false - showProgress = false - giu.Update() - }() - } - } - }), + }()).Size(giu.Auto, 34).OnClick(onClickStartButton), giu.Style().SetColor(giu.StyleColorText, mainStatusColor).To( giu.Label(mainStatus), ), From d9473f777bf020f79db8b057ca7510413df138d8 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 10 Apr 2025 00:38:09 -0400 Subject: [PATCH 02/35] Bump to 1.48, update changelog --- Changelog.md | 5 +++++ VERSION | 2 +- src/Picocrypt.go | 4 ++-- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/Changelog.md b/Changelog.md index 8a81c2e..4ede0b6 100644 --- a/Changelog.md +++ b/Changelog.md @@ -3,6 +3,11 @@
  • Migrate golang.org/x/crypto to standard library imports (https://github.com/golang/go/issues/65269)
    • +# v1.48 (Released 04/11/2025) + + # v1.47 (Released 02/19/2025) +# Caveats +When encrypting multiple files, Picocrypt will automatically zip them into one file before encrypting it. However, this requires a two-step process that creates an unencrypted temporary `.zip.tmp` file in the same destination folder. This has two implications: +
      +
    1. There must be at least double the available free space on the target drive as the combined total size of input files
      2. +
    2. The target drive must be safe to save confidential data; if not, the unencrypted temporary file may be recoverable even after deletion
      3. +
    +To mitigate these caveats, Picocrypt will show info and warning labels accordingly. However, it is best to prevent these issues altogether by always encrypting and decrypting on your main host drive and then copying encrypted volumes to and from external sources, or zipping up input files beforehand and encrypting that single file which doesn't have these caveats. + # Security For more information on how Picocrypt handles cryptography, see Internals for the technical details. If you're worried about the safety of me or this project, let me assure you that this repository won't be hijacked or backdoored. I have 2FA (TOTP) enabled on all accounts with a tie to Picocrypt (GitHub, Reddit, Google, etc.), in addition to full-disk encryption on all of my portable devices. For further hardening, Picocrypt uses my isolated forks of dependencies and I fetch upstream only when I have taken a look at the changes and believe that there aren't any security issues. This means that if a dependency gets hacked or deleted by the author, Picocrypt will be using my fork of it and remain completely unaffected. You can feel confident about using Picocrypt as long as you understand: From 55ec72864e941fd39e0c43fcc40b285988d73aaa Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 10 Apr 2025 12:27:49 -0400 Subject: [PATCH 05/35] Only show info/warnings if status is "Ready" If not, it's probably showing some error message which would happen after starting encryption, so user would've already seen the info/warning status --- src/Picocrypt.go | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index 2c2cc0a..3587e44 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -781,21 +781,27 @@ func draw() { return "Process" }()).Size(giu.Auto, 34).OnClick(onClickStartButton), giu.Custom(func() { + if mainStatus != "Ready" { + giu.Style().SetColor(giu.StyleColorText, mainStatusColor).To( + giu.Label(mainStatus), + ).Build() + return + } if temporaryZip && externalDst { giu.Style().SetColor(giu.StyleColorText, YELLOW).To( giu.Label("Warning: unencrypted temp files will be created"), ).Build() } else if temporaryZip { giu.Style().SetColor(giu.StyleColorText, WHITE).To( - giu.Label(mainStatus + " (info: will create temporary files)"), + giu.Label("Ready (info: will create a temporary zip file)"), ).Build() } else if externalDst { giu.Style().SetColor(giu.StyleColorText, WHITE).To( - giu.Label(mainStatus + " (info: target may be an external drive)"), + giu.Label("Ready (info: target may be an external drive)"), ).Build() } else { giu.Style().SetColor(giu.StyleColorText, mainStatusColor).To( - giu.Label(mainStatus), + giu.Label("Ready"), ).Build() } }), From f429f1b1eeb8f4589bbbaf7c7b298411f7bc2094 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 10 Apr 2025 12:29:10 -0400 Subject: [PATCH 06/35] README.md: remove installer link Maybe will add in a future release, but not for 1.48 --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index 2b15221..ecf5b3e 100644 --- a/README.md +++ b/README.md @@ -18,8 +18,6 @@ Picocrypt is a very small (hence Pico), very simple, yet very secure encr ## Windows Picocrypt for Windows is as simple as it gets. To download the latest, standalone, and portable executable for Windows, click here. If Microsoft Defender or your antivirus flags Picocrypt as a virus, please do your part and submit it as a false positive for the betterment of everyone. -If you use Picocrypt frequently, you can download an installer here for easier launching. It does not require any admin permissions to install and it also bundles a software OpenGL renderer for compatibility, so if the portable executable isn't working, this installer likely will. - ## macOS Picocrypt for macOS is very simple as well. Download Picocrypt here, open the container, and drag Picocrypt to your Applications. You may need to manually trust the app from a terminal and control-click on the app if macOS prevents you from opening it: ``` From 9287fca7b72fad93be223b4968c33726f29c6a74 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 10 Apr 2025 12:33:21 -0400 Subject: [PATCH 07/35] Remove future section from changelog The golang.org/x/crypto -> stdlib migration done in Go 1.24 is not a simple find and replace as some types changed. Will stick with golang.org/x/crypto for the foreseeable future. --- Changelog.md | 5 ----- 1 file changed, 5 deletions(-) diff --git a/Changelog.md b/Changelog.md index 3a088ad..fffc47f 100644 --- a/Changelog.md +++ b/Changelog.md @@ -1,8 +1,3 @@ -# Future - - # v1.48 (Released 04/11/2025) -# v1.48 (Released 04/11/2025) +# v1.48 (Released 04/15/2025) # v1.47 (Released 02/19/2025) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index e61c08a..a9b97c0 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -1040,7 +1040,7 @@ func onDrop(names []string) { } // Set the input and output paths - inputFile = filepath.Join(filepath.Dir(names[0]), "Encrypted") + ".zip" + inputFile = filepath.Join(filepath.Dir(names[0]), "encrypted-"+strconv.Itoa(int(time.Now().Unix()))) + ".zip" outputFile = inputFile + ".pcv" usingTempZip = true } From bad71f95ceb1f26e7913e656059cb0768c9d9258 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Sun, 13 Apr 2025 14:40:52 -0400 Subject: [PATCH 15/35] use 0600 for auto unzip file permissions prevent executing for safety and only allow user to have access --- Changelog.md | 1 + src/Picocrypt.go | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/Changelog.md b/Changelog.md index d6dba27..1f6d76d 100644 --- a/Changelog.md +++ b/Changelog.md @@ -9,6 +9,7 @@
  • ✓ Encrypt previously unencrypted temporary zip files
  • ✓ Add `.incomplete` to filenames while work is in progress
  • ✓ Use `encrypted-*.zip.pcv` output name instead of `Encrypted.zip.pcv`
    • +
  • ✓ Use 0600 permissions when auto unzipping for optimal security
    • # v1.47 (Released 02/19/2025) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index a9b97c0..d6a3e8d 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -2502,7 +2502,7 @@ func unpackArchive(zipPath string) error { outPath := filepath.Join(extractDir, f.Name) // Otherwise create necessary parent directories - if err := os.MkdirAll(filepath.Dir(outPath), 0755); err != nil { + if err := os.MkdirAll(filepath.Dir(outPath), 0600); err != nil { return err } From 6a8fdeaa532c607316260c8ff2d27bde28d5e479 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Sun, 13 Apr 2025 14:47:18 -0400 Subject: [PATCH 16/35] Remove caveats from README No longer needed because temporary zip files are now encrypted. --- README.md | 8 -------- 1 file changed, 8 deletions(-) diff --git a/README.md b/README.md index b8f356e..b5491e9 100644 --- a/README.md +++ b/README.md @@ -90,14 +90,6 @@ While being simple, Picocrypt also strives to be powerful in the hands of knowle
  • Recursively: If you want to encrypt and/or decrypt a large set of files individually, this option will tell Picocrypt to go through every recursive file that you drop in and encrypt/decrypt it separately. This is useful, for example, if you are encrypting thousands of large documents and want to be able to decrypt any one of them in particular without having to download and decrypt the entire set of documents. Keep in mind that this is a very complex feature that should only be used if you know what you are doing.
    • -# Caveats -When encrypting multiple files, Picocrypt will automatically zip them into one file before encrypting it. However, this requires a two-step process that creates an unencrypted temporary `.zip.tmp` file in the same destination folder. This has two implications: -
      -
    1. There must be at least double the available free space on the target drive as the combined total size of input files
      2. -
    2. The target drive must be safe to save confidential data; if not, the unencrypted temporary file may be recoverable even after deletion
      3. -
    -To mitigate these caveats, Picocrypt will show info and warning labels accordingly. However, it is best to prevent these issues altogether by always encrypting and decrypting on your main host drive and then copying encrypted volumes to and from external sources, or zipping up input files beforehand and encrypting that single file which doesn't have these caveats. - # Security For more information on how Picocrypt handles cryptography, see Internals for the technical details. If you're worried about the safety of me or this project, let me assure you that this repository won't be hijacked or backdoored. I have 2FA (TOTP) enabled on all accounts with a tie to Picocrypt (GitHub, etc.), in addition to full-disk encryption on all of my portable devices. For further hardening, Picocrypt uses my isolated forks of dependencies and I fetch upstream only when I have taken a look at the changes and believe that there aren't any security issues. This means that if a dependency gets hacked or deleted by the author, Picocrypt will be using my fork of it and remain completely unaffected. I've also meticulously gone through every single setting in the Picocrypt organization and repos, locking down access behind multiple layers of security such as read-only base-level member permissions, required PRs and mandatory approvals (which no one can do but me), mandatory CODEOWNERS approvals, and I'm the only member of the Picocrypt organization and repos (except for PicoGo). You can feel confident about using Picocrypt as long as you understand: From c63cf926721b96d3d4d633f52f1f1fd95f334ed8 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Sun, 13 Apr 2025 15:15:43 -0400 Subject: [PATCH 17/35] Start button show "Zip and Encrypt" if temp zip needed --- Changelog.md | 2 ++ src/Picocrypt.go | 49 ++++++++++++++++++++++++++++++++---------------- 2 files changed, 35 insertions(+), 16 deletions(-) diff --git a/Changelog.md b/Changelog.md index 1f6d76d..60a5a05 100644 --- a/Changelog.md +++ b/Changelog.md @@ -6,6 +6,8 @@ # v1.48 (Released 04/15/2025) # v1.47 (Released 02/19/2025) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index 339be2b..dcd25fe 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -2486,7 +2486,7 @@ func unpackArchive(zipPath string) error { // Make directory if current entry is a folder if f.FileInfo().IsDir() { - if err := os.MkdirAll(outPath, f.Mode()); err != nil { + if err := os.MkdirAll(outPath, 0700); err != nil { return err } } @@ -2505,7 +2505,7 @@ func unpackArchive(zipPath string) error { outPath := filepath.Join(extractDir, f.Name) // Otherwise create necessary parent directories - if err := os.MkdirAll(filepath.Dir(outPath), 0600); err != nil { + if err := os.MkdirAll(filepath.Dir(outPath), 0700); err != nil { return err } From b26137d959036f1037542b4bb9b6fd5b5b182300 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Sun, 13 Apr 2025 19:51:27 -0400 Subject: [PATCH 19/35] Update default.yml --- .github/ISSUE_TEMPLATE/default.yml | 24 +++++++++++++++--------- 1 file changed, 15 insertions(+), 9 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/default.yml b/.github/ISSUE_TEMPLATE/default.yml index 9aa09e5..2dff020 100644 --- a/.github/ISSUE_TEMPLATE/default.yml +++ b/.github/ISSUE_TEMPLATE/default.yml @@ -12,11 +12,11 @@ body: - type: markdown attributes: value: | - Picocrypt is a "finished" piece of software and is in a maintenance-only stage. This does not mean the software is old, outdated, or abandonware, but that the focus is on fixing bugs and ensuring the software continues to work smoothly as opposed to actively developing new features. As well, my time as the developer is limited considering that Picocrypt brings me no monetary benefit and is entirely a gift of my time and skill to the community. + Picocrypt is a "finished" piece of software and is in a maintenance-only stage. This does not mean the software is old, outdated, or abandonware, but that the sole focus is on fixing bugs and ensuring the software continues to work smoothly as opposed to actively developing new features. As well, my time as the developer is very limited considering that Picocrypt brings me no monetary benefit and is entirely a gift of my time and skill to the community. - type: markdown attributes: value: | - *To ensure that issues remain relevant and as time-efficient as possible for me, please follow the guidelines below depending on the type/topic of your issue.* + *Therefore, to save me time so that I can focus on the important things, please follow the guidelines below depending on your topic.* - type: markdown attributes: value: | @@ -24,7 +24,7 @@ body: - type: markdown attributes: value: | - These are high-priority issues and the main purpose of this repository's issue tracker. Make the issue with a short description, and then once the issue is created, add a comment with as many details as possible. Ping me (@HACKERALERT) in the comment so that I can get to it as soon as possible. Keep in mind that I define "bug" as something wrong with Picocrypt's code itself. If it's not Picocrypt's fault, it's not a bug. + These are important; make the issue with a short description, and then once the issue is created, add a comment with as many details as possible. Ping me (@HACKERALERT) in the comment so that I can get to it as soon as possible. Keep in mind that I define "bug" as something wrong with Picocrypt's code itself. If it's not Picocrypt's fault, it's not a bug. - type: markdown attributes: value: | @@ -32,7 +32,7 @@ body: - type: markdown attributes: value: | - Usually these issues are not directly caused by Picocrypt's code. Create the issue and in a separate comment, provide details about the environment you're running in (like OS, DE, etc.). **Do not ping me initially.** Let the issue sit for at least *3 days* to allow other users to potentially help you resolve the issue. If after 3 days, you haven't figured things out, then you may ping me (@HACKERALERT). + Usually these issues are not directly caused by Picocrypt's code. If you're on Windows, see [here](https://github.com/Picocrypt/Picocrypt/issues/91). If you're on Linux, install some packages and try again (see [here](https://github.com/Picocrypt/Picocrypt/tree/main/src#1-prerequisites)). Picocrypt only targets Windows 11, Ubuntu 24/Debian 12, and macOS 15 or later, so *do not create an issue if your OS is older than those; that is your problem, not mine*. If none of the points above help, create the issue and in a separate comment, provide details about the environment you're running in (like OS, DE, etc.). **Do not ping me initially.** Let the issue sit for at least *5 days* to allow other users to potentially help you resolve the issue. If after 5 days, you haven't figured things out, then you may ping me (@HACKERALERT). - type: markdown attributes: value: | @@ -40,7 +40,7 @@ body: - type: markdown attributes: value: | - These are unpreventable; Picocrypt is cryptography, file deletion, and passwords bundled into an executable... which looks similar to ransomware, unfortunately. Please report these false positives to your antivirus software provider and do not create an issue about it. + These are unpreventable; report them as false positives to your antivirus software provider and **do not create an issue about it**. - type: markdown attributes: value: | @@ -48,7 +48,7 @@ body: - type: markdown attributes: value: | - Create the issue and ask your question or support request in a separate comment. **Do not ping me initially.** Let the issue sit for at least *5 days* to give other users a chance to help you first. If after 5 days, you have not received any assistance, then you may ping me (@HACKERALERT). + Create the issue and ask your question or support request in a separate comment. **Do not ping me initially.** Let the issue sit for at least *10 days* to give other users a chance to help you first. If after 10 days, you have not received any assistance, then you may ping me (@HACKERALERT). - type: markdown attributes: value: | @@ -56,7 +56,7 @@ body: - type: markdown attributes: value: | - Picocrypt is mature software; I do not intend to add any new features. Generally, do not create any feature requests unless it's very minor and can be implemented with low effort and minimal impact on reliability and security. What is considered "minor" is subjective, but here is an example: "the ability to decrypt a volume entirely in-memory" is pretty significant, while "auto start encryption on pressing the Enter key" is relatively minor. A proof-of-concept link to code or a fork would be appreciated. + Picocrypt is mature software; I do not intend to add any new features. **Do not create these types of issues.** - type: markdown attributes: value: | @@ -64,7 +64,7 @@ body: - type: markdown attributes: value: | - Picocrypt prioritizes correctness and reliability over performance, so many parts of the code are written sequentially and don't use concurrency. This is intentional and need not be pointed out. Unless performance is absolutely atrocious to the point where it is indicative of a potential bug, do not make issues about performance. + Picocrypt prioritizes correctness and reliability over performance, so many parts of the code are written sequentially and don't use concurrency. This is intentional and need not be pointed out. Unless performance is absolutely atrocious to the point where it is indicative of a potential bug, **do not make issues about performance**. - type: markdown attributes: value: | @@ -72,8 +72,9 @@ body: - type: markdown attributes: value: | - You will have to use your best judgement here. Read the sections above to get an idea of what I expect to see and do what you think is best. Ideally, ping me only if sufficient time has passed for other users to assist/answer you, or it is best addressed by me directly. + You will have to use your best judgement here. Read the sections above to get an idea of what I expect to see and do what you think is best. Ideally, ping me only if sufficient time has passed for other users to assist/answer you, or it is best addressed by me directly. You must first look through existing issues or do a web search (AI can help!) before creating the issue. While I am allowing these generic issues to be made, if they become a hassle, I reserve the right to disallow them in the future. - type: checkboxes + id: confirmation attributes: label: "Please confirm:" options: @@ -83,7 +84,12 @@ body: required: true - label: "I acknowledge my issue may be ignored or closed without explanation" required: true + - label: "I have looked through previous issues and related info already" + required: true + - label: "I will remember to close my issue when it is resolved" + required: true - type: input + id: summary attributes: label: "Describe the issue briefly in a few sentences:" description: "You can add more details in a separate comment after creating the issue." From f58f5ce249f435466f9e22951fde139a4f019d95 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Sun, 13 Apr 2025 19:59:07 -0400 Subject: [PATCH 20/35] Create close-issues.yml --- .github/workflows/close-issues.yml | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 .github/workflows/close-issues.yml diff --git a/.github/workflows/close-issues.yml b/.github/workflows/close-issues.yml new file mode 100644 index 0000000..8b962ab --- /dev/null +++ b/.github/workflows/close-issues.yml @@ -0,0 +1,21 @@ +name: Close inactive issues +on: + schedule: + - cron: "30 1 * * *" +jobs: + close-issues: + runs-on: ubuntu-latest + permissions: + issues: write + pull-requests: write + steps: + - uses: actions/stale@v9 + with: + days-before-issue-stale: 30 + days-before-issue-close: 14 + stale-issue-label: "stale" + stale-issue-message: "This issue is stale because it has been open for 30 days with no activity." + close-issue-message: "This issue was closed because it has been inactive for 14 days since being marked as stale." + days-before-pr-stale: -1 + days-before-pr-close: -1 + repo-token: ${{ secrets.GITHUB_TOKEN }} From 9b2b69e44220c8a8c19917c3244855941c6b1c46 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Sun, 13 Apr 2025 20:06:21 -0400 Subject: [PATCH 21/35] Update versioninfo.rc --- dist/windows/versioninfo.rc | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dist/windows/versioninfo.rc b/dist/windows/versioninfo.rc index 51e4afc..f2678e3 100644 --- a/dist/windows/versioninfo.rc +++ b/dist/windows/versioninfo.rc @@ -1,6 +1,6 @@ 1 VERSIONINFO -FILEVERSION 1,47,0,0 -PRODUCTVERSION 1,47,0,0 +FILEVERSION 1,48,0,0 +PRODUCTVERSION 1,48,0,0 FILEOS 0x40004 FILETYPE 0x1 { @@ -8,7 +8,7 @@ BLOCK "StringFileInfo" { BLOCK "040904B0" { - VALUE "FileVersion", "1.47" + VALUE "FileVersion", "1.48" VALUE "LegalCopyright", "\xA9 Evan Su & contributors, GPLv3" VALUE "ProductName", "Picocrypt" } From 75c0a017f96b684d2379ced0b11a557d83f9c3e9 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 17 Apr 2025 23:37:36 -0400 Subject: [PATCH 22/35] Much more reliable free space estimator --- src/Picocrypt.go | 34 ++++++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index dcd25fe..d616ae3 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -790,8 +790,21 @@ func draw() { return } if requiredFreeSpace > 0 { + multiplier := 1 + if len(allFiles) > 1 || len(onlyFolders) > 0 { // need a temporary zip file + multiplier++ + } + if deniability { + multiplier++ + } + if split { + multiplier++ + } + if recombine { + multiplier++ + } giu.Style().SetColor(giu.StyleColorText, WHITE).To( - giu.Label("Ready (ensure " + sizeify(requiredFreeSpace) + " of disk space is free)"), + giu.Label("Ready (ensure " + sizeify(requiredFreeSpace*int64(multiplier)) + " of disk space is free)"), ).Build() } else { giu.Style().SetColor(giu.StyleColorText, WHITE).To( @@ -858,7 +871,12 @@ func onDrop(names []string) { // One item dropped if len(names) == 1 { - stat, _ := os.Stat(names[0]) + stat, err := os.Stat(names[0]) + if err != nil { + mainStatus = "Failed to stat dropped item" + mainStatusColor = RED + return + } // A folder was dropped if stat.IsDir() { @@ -873,10 +891,10 @@ func onDrop(names []string) { if err != nil { panic(err) } - requiredFreeSpace = 2 * size + requiredFreeSpace = size } else { // A file was dropped files++ - requiredFreeSpace += stat.Size() + requiredFreeSpace = stat.Size() // Is the file a part of a split volume? nums := []string{"0", "1", "2", "3", "4", "5", "6", "7", "8", "9"} @@ -913,8 +931,8 @@ func onDrop(names []string) { } totalFiles++ compressTotal += stat.Size() - requiredFreeSpace += stat.Size() } + requiredFreeSpace = compressTotal } else { outputFile = names[0][:len(names[0])-4] } @@ -1017,7 +1035,7 @@ func onDrop(names []string) { allFiles = append(allFiles, name) compressTotal += stat.Size() - requiredFreeSpace += 2 * stat.Size() + requiredFreeSpace += stat.Size() inputLabel = fmt.Sprintf("Scanning files... (%s)", sizeify(compressTotal)) giu.Update() } @@ -1056,7 +1074,7 @@ func onDrop(names []string) { if err == nil && !stat.IsDir() { allFiles = append(allFiles, path) compressTotal += stat.Size() - requiredFreeSpace += 2 * stat.Size() + requiredFreeSpace += stat.Size() inputLabel = fmt.Sprintf("Scanning files... (%s)", sizeify(compressTotal)) giu.Update() } @@ -1101,7 +1119,7 @@ func work() { }() // Combine/compress all files into a .zip file if needed - if len(allFiles) > 1 || len(onlyFolders) > 0 || compress { + if len(allFiles) > 1 || len(onlyFolders) > 0 { // Consider case where compressing only one file files := allFiles if len(allFiles) == 0 { From ee2abd053c15e915f0be9fe19e4e0efc02a661e9 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 17 Apr 2025 23:46:04 -0400 Subject: [PATCH 23/35] remove duplicate single folder size counting --- src/Picocrypt.go | 20 +------------------- 1 file changed, 1 insertion(+), 19 deletions(-) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index d616ae3..e27631f 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -803,6 +803,7 @@ func draw() { if recombine { multiplier++ } + fmt.Println(multiplier, requiredFreeSpace) giu.Style().SetColor(giu.StyleColorText, WHITE).To( giu.Label("Ready (ensure " + sizeify(requiredFreeSpace*int64(multiplier)) + " of disk space is free)"), ).Build() @@ -887,11 +888,6 @@ func onDrop(names []string) { onlyFolders = append(onlyFolders, names[0]) inputFile = filepath.Join(filepath.Dir(names[0]), "encrypted-"+strconv.Itoa(int(time.Now().Unix()))) + ".zip" outputFile = inputFile + ".pcv" - size, err := dirSize(names[0]) - if err != nil { - panic(err) - } - requiredFreeSpace = size } else { // A file was dropped files++ requiredFreeSpace = stat.Size() @@ -2571,20 +2567,6 @@ func unpackArchive(zipPath string) error { return nil } -func dirSize(path string) (int64, error) { - var size int64 - err := filepath.Walk(path, func(_ string, info os.FileInfo, err error) error { - if err != nil { - return err - } - if !info.IsDir() { - size += info.Size() - } - return err - }) - return size, err -} - func main() { // Create the main window window = giu.NewMasterWindow("Picocrypt "+version[1:], 318, 507, giu.MasterWindowFlagsNotResizable) From 99a04de2633eceac886414282202b5a59edd5961 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 17 Apr 2025 23:46:35 -0400 Subject: [PATCH 24/35] oops remove debug print statement --- src/Picocrypt.go | 1 - 1 file changed, 1 deletion(-) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index e27631f..6f28c92 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -803,7 +803,6 @@ func draw() { if recombine { multiplier++ } - fmt.Println(multiplier, requiredFreeSpace) giu.Style().SetColor(giu.StyleColorText, WHITE).To( giu.Label("Ready (ensure " + sizeify(requiredFreeSpace*int64(multiplier)) + " of disk space is free)"), ).Build() From 7a1d105a432603866f0d1468f2d175e65ff5b6bc Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Thu, 17 Apr 2025 23:52:22 -0400 Subject: [PATCH 25/35] also increase multiplier if auto unzip --- src/Picocrypt.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index 6f28c92..3994195 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -803,6 +803,9 @@ func draw() { if recombine { multiplier++ } + if autoUnzip { + multiplier++ + } giu.Style().SetColor(giu.StyleColorText, WHITE).To( giu.Label("Ready (ensure " + sizeify(requiredFreeSpace*int64(multiplier)) + " of disk space is free)"), ).Build() From 6140e2beb6bc79b1cfc0fb33253493ff47b54ea6 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Fri, 18 Apr 2025 00:06:01 -0400 Subject: [PATCH 26/35] change tooltips for deniability and recursively to a warning Average user should never need to use these options. Better warn them against it or at least to read the README about the features to understand what they do. These two options can cause funky/unexpected/unintuitive behaviour unless the user understands what they do. --- src/Picocrypt.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index 3994195..49addba 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -651,13 +651,13 @@ func draw() { giu.Row( giu.Checkbox("Deniability", &deniability), - giu.Tooltip("Add plausible deniability to the volume\nIf enabled, comments will not be usable"), + giu.Tooltip("Warning: only use this if you know what it does!"), giu.Dummy(-170, 0), giu.Style().SetDisabled(!(len(allFiles) > 1 || len(onlyFolders) > 0)).To( giu.Checkbox("Recursively", &recursively).OnChange(func() { compress = false }), - giu.Tooltip("Encrypt and decrypt recursive files individually"), + giu.Tooltip("Warning: only use this if you know what it does!"), ), ).Build() @@ -690,7 +690,7 @@ func draw() { sameLevel = false } }), - giu.Tooltip("Extract .zip upon decryption (may overwrite)"), + giu.Tooltip("Extract .zip upon decryption (may overwrite files)"), ), giu.Dummy(-170, 0), giu.Style().SetDisabled(!autoUnzip).To( @@ -807,7 +807,7 @@ func draw() { multiplier++ } giu.Style().SetColor(giu.StyleColorText, WHITE).To( - giu.Label("Ready (ensure " + sizeify(requiredFreeSpace*int64(multiplier)) + " of disk space is free)"), + giu.Label("Ready (ensure >" + sizeify(requiredFreeSpace*int64(multiplier)) + " of disk space is free)"), ).Build() } else { giu.Style().SetColor(giu.StyleColorText, WHITE).To( From df5ef8e9ee7c57d87732fa16e6f2ca735635d565 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Fri, 18 Apr 2025 02:03:10 -0400 Subject: [PATCH 27/35] add TODO to .gitignore I store some TODOs locally and don't want them in vc --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index 6f6f5e6..e06e4dc 100644 --- a/.gitignore +++ b/.gitignore @@ -20,3 +20,5 @@ # Go workspace file go.work go.work.sum + +TODO From 397ff8a9f982047e12e218a9855da265ae431c15 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Fri, 18 Apr 2025 13:42:44 -0400 Subject: [PATCH 28/35] Update Changelog.md --- Changelog.md | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/Changelog.md b/Changelog.md index 87ac649..1adf30a 100644 --- a/Changelog.md +++ b/Changelog.md @@ -1,9 +1,4 @@ -# Future - - -# v1.48 (Released 04/15/2025) +# v1.48 (Released 04/18/2025) # v1.47 (Released 02/19/2025) From a8dcc6ffbda5616d14471226bdf17b1eae7cc127 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Fri, 18 Apr 2025 13:44:16 -0400 Subject: [PATCH 29/35] Update io.github.picocrypt.Picocrypt.metainfo.xml --- .../io.github.picocrypt.Picocrypt.metainfo.xml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml b/dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml index b304d69..a1b3a5d 100644 --- a/dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml +++ b/dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml @@ -44,17 +44,20 @@ - - https://github.com/Picocrypt/Picocrypt/blob/main/Changelog.md#v146-released-01292025 + + https://github.com/Picocrypt/Picocrypt/blob/main/Changelog.md#v148-released-04182025
      -
    • Added Picocrypt version to the window title.
      • -
    • Added ability to automatically unpack zip archives during decryption.
      • +
    • Allow pressing 'Enter' key to press Start/Process button
      • +
    • Update "Encrypt" button to "Zip and Encrypt" if multiple files
      • +
    • Give user estimated required free disk space in status label
      • +
    • Encrypt previously unencrypted temporary zip files
      • +
    • Add `.incomplete` to filenames while work is in progress
      • +
    • Use `encrypted-*.zip.pcv` output name instead of `Encrypted.zip.pcv`
      • +
    • Use 0700 permissions when auto unzipping and creating folders
      • +
    • Handle many more errors in the code where they were ignored previously
         - - -     From 66693564f15bf25797b49c47071036c63bdd759e Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Fri, 18 Apr 2025 14:03:37 -0400 Subject: [PATCH 30/35] remove description from flatpak; go to gh repo for more info --- ...io.github.picocrypt.Picocrypt.metainfo.xml | 20 +------------------ 1 file changed, 1 insertion(+), 19 deletions(-) diff --git a/dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml b/dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml index a1b3a5d..fd76ad0 100644 --- a/dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml +++ b/dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml @@ -11,31 +11,13 @@ https://github.com/Picocrypt/Picocrypt https://github.com/Picocrypt/Picocrypt/issues - -

    - Picocrypt is a very small (hence Pico), very simple, yet very secure encryption tool that you can use to protect your files. It is designed to be the go-to tool for encryption, with a focus on security, simplicity, and reliability. Picocrypt uses the secure XChaCha20 cipher and the Argon2id key derivation function to provide a high level of security, even from three-letter agencies like the NSA. Your privacy and security is under attack. Take it back with confidence by protecting your files with Picocrypt. For more info, please visit the project's GitHub repository. -

    -

    A list of features:

    - +

    Visit the project's GitHub repository to learn more.

     - Utility Security - io.github.picocrypt.Picocrypt.desktop From 475e89395fff7b970249b8b71deb8a23cac549fe Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Fri, 18 Apr 2025 14:08:10 -0400 Subject: [PATCH 31/35] flatpak metainfo.xml: point to latest screenshot.png --- dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml b/dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml index fd76ad0..05ebab2 100644 --- a/dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml +++ b/dist/flatpak/io.github.picocrypt.Picocrypt.metainfo.xml @@ -21,7 +21,7 @@ io.github.picocrypt.Picocrypt.desktop - https://github.com/Picocrypt/Picocrypt/raw/4d4bd47efe88ff25f372db81c4249920d399226b/images/screenshot.png + https://raw.githubusercontent.com/Picocrypt/Picocrypt/refs/heads/main/images/screenshot.png Main window From 693d0c4754ea2fa5a4315ae7cb8179283cf33fd1 Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Fri, 18 Apr 2025 14:30:44 -0400 Subject: [PATCH 32/35] handle more errors --- src/Picocrypt.go | 30 ++++++++++++++++++------------ 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index 49addba..4e4f1ca 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -48,10 +48,11 @@ import ( ) // Constants -var KiB = 1 << 10 -var MiB = 1 << 20 -var GiB = 1 << 30 -var TiB = 1 << 40 +const KiB = 1 << 10 +const MiB = 1 << 20 +const GiB = 1 << 30 +const TiB = 1 << 40 + var WHITE = color.RGBA{0xff, 0xff, 0xff, 0xff} var RED = color.RGBA{0xff, 0x00, 0x00, 0xff} var GREEN = color.RGBA{0x00, 0xff, 0x00, 0xff} @@ -141,13 +142,13 @@ var eta string var canCancel bool // Reed-Solomon encoders -var rs1, _ = infectious.NewFEC(1, 3) -var rs5, _ = infectious.NewFEC(5, 15) -var rs16, _ = infectious.NewFEC(16, 48) -var rs24, _ = infectious.NewFEC(24, 72) -var rs32, _ = infectious.NewFEC(32, 96) -var rs64, _ = infectious.NewFEC(64, 192) -var rs128, _ = infectious.NewFEC(128, 136) +var rs1, rsErr1 = infectious.NewFEC(1, 3) +var rs5, rsErr2 = infectious.NewFEC(5, 15) +var rs16, rsErr3 = infectious.NewFEC(16, 48) +var rs24, rsErr4 = infectious.NewFEC(24, 72) +var rs32, rsErr5 = infectious.NewFEC(32, 96) +var rs64, rsErr6 = infectious.NewFEC(64, 192) +var rs128, rsErr7 = infectious.NewFEC(128, 136) var fastDecode bool // Compression variables and passthrough @@ -197,7 +198,9 @@ func (ezr *encryptedZipReader) Read(data []byte) (n int, err error) { if err == nil && n > 0 { dst := make([]byte, n) ezr._cipher.XORKeyStream(dst, src[:n]) - copy(data, dst) + if copy(data, dst) != n { + panic(errors.New("built-in copy() function failed")) + } } return n, err } @@ -2570,6 +2573,9 @@ func unpackArchive(zipPath string) error { } func main() { + if rsErr1 != nil || rsErr2 != nil || rsErr3 != nil || rsErr4 != nil || rsErr5 != nil || rsErr6 != nil || rsErr7 != nil { + panic(errors.New("rs failed to init")) + } // Create the main window window = giu.NewMasterWindow("Picocrypt "+version[1:], 318, 507, giu.MasterWindowFlagsNotResizable) From e72f687ae9a44de791f4078e0015ea1626f4818b Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Fri, 18 Apr 2025 14:52:36 -0400 Subject: [PATCH 33/35] handle more errors, hide main modal title bar --- src/Picocrypt.go | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index 4e4f1ca..f62ccab 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -205,7 +205,7 @@ func (ezr *encryptedZipReader) Read(data []byte) (n int, err error) { return n, err } -var onClickStartButton = func() { +func onClickStartButton() { // Start button should be disabled if these conditions are true; don't do anything if so if (len(keyfiles) == 0 && password == "") || (mode == "encrypt" && password != cpassword) { return @@ -214,12 +214,14 @@ var onClickStartButton = func() { if keyfile && keyfiles == nil { mainStatus = "Please select your keyfiles" mainStatusColor = RED + giu.Update() return } tmp, err := strconv.Atoi(splitSize) - if split && (splitSize == "" || tmp <= 0 || err != nil) { + if split && (splitSize == "" || err != nil || tmp <= 0) { mainStatus = "Invalid chunk size" mainStatusColor = RED + giu.Update() return } @@ -228,7 +230,10 @@ var onClickStartButton = func() { // Check if any split chunks already exist if split { - names, _ := filepath.Glob(outputFile + ".*") + names, err2 := filepath.Glob(outputFile + ".*") + if err2 != nil { + panic(err2) + } if len(names) > 0 { err = nil } else { @@ -320,7 +325,7 @@ func draw() { giu.PopupModal("Generate password:##"+strconv.Itoa(modalId)).Flags(6).Layout( giu.Row( giu.Label("Length:"), - giu.SliderInt(&passgenLength, 4, 64).Size(giu.Auto), + giu.SliderInt(&passgenLength, 12, 64).Size(giu.Auto), ), giu.Checkbox("Uppercase", &passgenUpper), giu.Checkbox("Lowercase", &passgenLower), @@ -421,7 +426,8 @@ func draw() { } if showProgress { - giu.PopupModal(" ##"+strconv.Itoa(modalId)).Flags(6).Layout( + giu.PopupModal("Progress:##"+strconv.Itoa(modalId)).Flags(6|1<<0).Layout( + giu.Dummy(0, 0), giu.Row( giu.ProgressBar(progress).Size(210, 0).Overlay(progressInfo), giu.Style().SetDisabled(!canCancel).To( @@ -438,7 +444,7 @@ func draw() { ), giu.Label(popupStatus), ).Build() - giu.OpenPopup(" ##" + strconv.Itoa(modalId)) + giu.OpenPopup("Progress:##" + strconv.Itoa(modalId)) giu.Update() } }), From 89d461ce9c09d0a0c4122fb04e158474edb6ac1a Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Fri, 18 Apr 2025 15:01:37 -0400 Subject: [PATCH 34/35] more error handling around keyfile generator --- src/Picocrypt.go | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index f62ccab..c1ab376 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -587,22 +587,27 @@ func draw() { } return filepath.Dir(onlyFolders[0]) }()) - f.SetInitFilename("Keyfile") + f.SetInitFilename("keyfile-" + strconv.Itoa(int(time.Now().Unix())) + ".bin") file, err := f.Save() if file == "" || err != nil { return } - fout, _ := os.Create(file) - data := make([]byte, 32) - if _, err := rand.Read(data); err != nil { - panic(err) - } - _, err = fout.Write(data) - fout.Close() + fout, err := os.Create(file) if err != nil { - insufficientSpace(nil, nil) - os.Remove(file) + return + } + data := make([]byte, 32) + if n, err := rand.Read(data); err != nil || n != 32 { + panic(errors.New("fatal crypto/rand error")) + } + n, err := fout.Write(data) + if n != 32 { + fout.Close() + panic(errors.New("failed to write full keyfile")) + } + if err := fout.Close(); err != nil { + panic(err) } else { mainStatus = "Ready" mainStatusColor = WHITE From 3403cd68a8c6618ef047251363b2da9b685d84ab Mon Sep 17 00:00:00 2001 From: Evan Su <48808396+HACKERALERT@users.noreply.github.com> Date: Fri, 18 Apr 2025 15:03:26 -0400 Subject: [PATCH 35/35] show keyfile gen errors instead of crashing --- src/Picocrypt.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/Picocrypt.go b/src/Picocrypt.go index c1ab376..a4caeef 100644 --- a/src/Picocrypt.go +++ b/src/Picocrypt.go @@ -595,6 +595,9 @@ func draw() { fout, err := os.Create(file) if err != nil { + mainStatus = "Failed to create keyfile" + mainStatusColor = RED + giu.Update() return } data := make([]byte, 32) @@ -611,6 +614,8 @@ func draw() { } else { mainStatus = "Ready" mainStatusColor = WHITE + giu.Update() + return } }), giu.Tooltip("Generate a cryptographically secure keyfile"),