cpdu
Security
Description:

Cryptographic Data Utility
Cryptographic Package Distribution Utility
is a secure command line file encryption tool that allows for archiving encrypted files
with secure memory allocation, zlib and bzip compression

it currently supports the following ciphers
aes/rijndael: 256 bit key, 128 block
twofish: 256 bit key, 128 block
blowfish: 448 bit key, 64 block
cast: 128 bit key, 64 block
serpent: 256 bit key, 128 block
tripledes: 168 bit key, 64 block

aes is default cipher

it has more room for improvement and in the future will allow transferring encrypted files over the internet using a server and client implementation, the tar file has bcp(brutal copy) along with it so you can use that for now to transfer encrypted files however no public key implementation has been added so there must be an high level key transfer method.

notice: logging disabled in this version due to an undefined bug.
Last changelog:

8 years ago

0.3.1b:
added aes/rijndael cipher
bugfixes
0.3.2b:
minor feature enhancements
important bugfixes
0.3.32b-bf#1:
important bugfixes
added new ciphers
bf#1:another important bugfix
0.3.4b:
important bugfixes
added recovery directory/database:
all files specified for encryption are stored in a recovery database as plaintext for now, the permissions on the recover directory are set to 0(zero) and recoverydb files will not be able to modified or read unless permissions are changed by the user explicitely
added security mode: for encryption,
the '--secure, -f' flag specifies to not store encrypted plaintext files in the recovery database for the session
0.3.4b-bf#1:
important bugfix
0.3.5b:
important bugfixes
added new option ' --masterkey, -m':
all encryption keys are written in a master key list in the '~/.cpdu/.keystore' directory. any encryption key used can be used as a session key in a decryption session simply by using the ' --masterkey, -m' flag. the program searches for the appropriate key based on hash data in the encrypted file.
it is not encrypted internally but to make it a point, it is "exportable" so you can save it when you leave for a while to an external media/disk to keep files safe. this way you will never lose your encryption keys as well as making the program much more useful.

an example is when we encrypt the file 'hackermeeting.mpg' with:
cpdu -ep hackermeeting.mpg -f
afterwards we can use the -m flag to decrypt with the proper key without having to type it in:
cpdu -dmp hackermeeting.mpg
then you can cut/move the key list to an external media for security.

remember to read the README-0.3.5b in the source directory

0.3.5b-bf#1:
important bugfix

0.3.6b:
very important decryption bugfix
added generate random keyfile
added use file/keyfile for session key
bugfix

0.3.7b:
header information is now encrypted so margin of security for cpdu is now high level in tandem with compression primitive
base64 is disabled until bug is fixed

0.3.8b:
bzip compression added
bzip works but sometimes there is zero byte truncation of files so i added a simple loop into the decompression routine again. is there randomization in bzip ? probably not...

bf-1: serious bugfix sorry but i didnt know about somthing that could hurt alot of encrypted files, its actually not that bad if you have encrypted files without the compression flag and you get the error truncation detected just do the following:
add // in front of line 665,
if ( vencrypt[0] > 0 ) decompress = 1; else decompress = 0;
and make it
// if ( vencrypt[0] > 0 ) decompress = 1; else decompress = 0;

then decrypt the files and then change the line back to,
if ( vencrypt[0] > 0 ) decompress = 1; else decompress = 0;

bf-2: improved encryption/decryption routine to handle crypt blocks correctly

bf-3: improved progress info code

0.3.81b:
permission bugfix
progress update fix
client/server code in progress...

0.3.82b:
added create volatile key...
this option enables making low length/entropy keys to full keyspace keys with secure random (volatile) key data and commits the new volatile key to the key database... this is dangerous if you accidentally missplace the keydb or delete it but accordingly makes all low entropy keys full entropy and allows them not to be lost...
this is good key security/management practice and makes the program much more secure

client/server code in progress... need coder help if anyone wants to help me with it....

0.3.83b-cygwin:
latest version for cygwin and hopefully linux due to not being able to utilize a linux machine. ive been using windows for a while becuase my computer had gotten stolen. archiveing updates have been made like an auto naming feature for naming archives with the first specified file specified on the command line or the directory specified to be archived if a directory is specified. also there is a -A archive feature to manually specify an archive name and if an extension is not specified the ext. '.cpdu.ar' will be used. so -a is for autonaming archives with first file entry name and -A is for direct specification of an archive name. also i added a wipearchdir, -W flag for wiping encrypted archive directories after archive creation. the entries are secure wiped....
progress updates have been made also as well as program status updates iterating program status while running

0.3.84b:
added functional log capability and edited progress update to make it to a state in compliance

0.3.85b: added file transfer capabilities without public key encryption support and its functionality. you can send encrypted files over the net using a client server notation but considering the point to have said, you need to transfer keys with a contrived escrow method for now. logging is not included with this version.
bugfixes
progress update fixes

renci

8 years ago

it is imperative that you email me if you have any problems requests or personal interests with the program. i would love to recieve your email.
it will not take long for this program to achieve its full capability. please join in developing and email me your changes so that i can upload them.
richardenciu@gmail.com
thanks very much for downloading and be careful as to not lose your encryption keys.

Report

8 years ago

0.3.1b:
added aes/rijndael cipher
bugfixes
0.3.2b:
minor feature enhancements
important bugfixes
0.3.32b-bf#1:
important bugfixes
added new ciphers
bf#1:another important bugfix
0.3.4b:
important bugfixes
added recovery directory/database:
all files specified for encryption are stored in a recovery database as plaintext for now, the permissions on the recover directory are set to 0(zero) and recoverydb files will not be able to modified or read unless permissions are changed by the user explicitely
added security mode: for encryption,
the '--secure, -f' flag specifies to not store encrypted plaintext files in the recovery database for the session
0.3.4b-bf#1:
important bugfix
0.3.5b:
important bugfixes
added new option ' --masterkey, -m':
all encryption keys are written in a master key list in the '~/.cpdu/.keystore' directory. any encryption key used can be used as a session key in a decryption session simply by using the ' --masterkey, -m' flag. the program searches for the appropriate key based on hash data in the encrypted file.
it is not encrypted internally but to make it a point, it is "exportable" so you can save it when you leave for a while to an external media/disk to keep files safe. this way you will never lose your encryption keys as well as making the program much more useful.

an example is when we encrypt the file 'hackermeeting.mpg' with:
cpdu -ep hackermeeting.mpg -f
afterwards we can use the -m flag to decrypt with the proper key without having to type it in:
cpdu -dmp hackermeeting.mpg
then you can cut/move the key list to an external media for security.

remember to read the README-0.3.5b in the source directory

0.3.5b-bf#1:
important bugfix

0.3.6b:
very important decryption bugfix
added generate random keyfile
added use file/keyfile for session key
bugfix

0.3.7b:
header information is now encrypted so margin of security for cpdu is now high level in tandem with compression primitive
base64 is disabled until bug is fixed

0.3.8b:
bzip compression added
bzip works but sometimes there is zero byte truncation of files so i added a simple loop into the decompression routine again. is there randomization in bzip ? probably not...

bf-1: serious bugfix sorry but i didnt know about somthing that could hurt alot of encrypted files, its actually not that bad if you have encrypted files without the compression flag and you get the error truncation detected just do the following:
add // in front of line 665,
if ( vencrypt[0] > 0 ) decompress = 1; else decompress = 0;
and make it
// if ( vencrypt[0] > 0 ) decompress = 1; else decompress = 0;

then decrypt the files and then change the line back to,
if ( vencrypt[0] > 0 ) decompress = 1; else decompress = 0;

bf-2: improved encryption/decryption routine to handle crypt blocks correctly

bf-3: improved progress info code

0.3.81b:
permission bugfix
progress update fix
client/server code in progress...

0.3.82b:
added create volatile key...
this option enables making low length/entropy keys to full keyspace keys with secure random (volatile) key data and commits the new volatile key to the key database... this is dangerous if you accidentally missplace the keydb or delete it but accordingly makes all low entropy keys full entropy and allows them not to be lost...
this is good key security/management practice and makes the program much more secure

client/server code in progress... need coder help if anyone wants to help me with it....

0.3.83b-cygwin:
latest version for cygwin and hopefully linux due to not being able to utilize a linux machine. ive been using windows for a while becuase my computer had gotten stolen. archiveing updates have been made like an auto naming feature for naming archives with the first specified file specified on the command line or the directory specified to be archived if a directory is specified. also there is a -A archive feature to manually specify an archive name and if an extension is not specified the ext. '.cpdu.ar' will be used. so -a is for autonaming archives with first file entry name and -A is for direct specification of an archive name. also i added a wipearchdir, -W flag for wiping encrypted archive directories after archive creation. the entries are secure wiped....
progress updates have been made also as well as program status updates iterating program status while running

0.3.84b:
added functional log capability and edited progress update to make it to a state in compliance

0.3.85b: added file transfer capabilities without public key encryption support and its functionality. you can send encrypted files over the net using a client server notation but considering the point to have said, you need to transfer keys with a contrived escrow method for now. logging is not included with this version.
bugfixes
progress update fixes

File (click to download) Version Description Filetype Packagetype License Downloads Date Filesize OCS-Install
Score 57%
57.00 Likes
43 Dislikes
Details
version
0.3.89b-linux-unix
updated May 10 2017
added Oct 28 2008
downloads
page views 592