Version v0.3.44 - -m Disable pad integrity check during decryption for performance - trust filename checksum

2025-12-27 11:59:37 -05:00
parent 3bef639cc3
commit 6f3976bc07
3 changed files with 12 additions and 34 deletions
--- a/README.md
+++ b/README.md
@@ -58,14 +58,14 @@ One-time pads can be trivially encrypted and decrypted using pencil and paper, m

 ### Download Pre-Built Binaries

-**[Download Current Linux x86](https://git.laantungir.net/laantungir/otp/releases/download/v0.3.42/otp-v0.3.42-linux-x86_64)**
+**[Download Current Linux x86](https://git.laantungir.net/laantungir/otp/releases/download/v0.3.43/otp-v0.3.43-linux-x86_64)**

-**[Download Current Raspberry Pi 64](https://git.laantungir.net/laantungir/otp/releases/download/v0.3.42/otp-v0.3.42-linux-arm64)**
+**[Download Current Raspberry Pi 64](https://git.laantungir.net/laantungir/otp/releases/download/v0.3.43/otp-v0.3.43-linux-arm64)**

 After downloading:
 ```bash
 # Rename for convenience, then make executable
-mv otp-v0.3.42-linux-x86_64 otp
+mv otp-v0.3.43-linux-x86_64 otp
 chmod +x otp

 # Run it
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -587,36 +587,14 @@ int universal_decrypt(const char* input_data, const char* output_target, decrypt
        return 1;
    }

-    // Validate pad integrity
-    int integrity_result = validate_pad_integrity(pad_path, stored_chksum);
-    if (integrity_result == 3) {
-        if (mode == DECRYPT_MODE_SILENT) {
-            fprintf(stderr, "Error: Pad integrity check failed!\n");
-            return 1;
-        } else if (mode == DECRYPT_MODE_INTERACTIVE) {
-            printf("Warning: Pad integrity check failed!\n");
-            printf("Expected: %s\n", stored_chksum);
-            printf("Continue anyway? (y/N): ");
-            fflush(stdout);
+    // Pad integrity validation disabled for performance
+    // The checksum is already verified by matching the filename
+    // If you need to verify pad integrity, the pad file would need to be read entirely
+    // which is very slow for large pads (multi-GB files)
    
-            char response[10];
-            if (fgets(response, sizeof(response), stdin) == NULL ||
-                (response[0] != 'y' && response[0] != 'Y')) {
-                printf("Decryption aborted.\n");
-                return 1;
-            }
-        }
-    } else if (integrity_result != 0) {
-        if (mode == DECRYPT_MODE_SILENT) {
-            fprintf(stderr, "Error: Cannot verify pad integrity\n");
-        } else {
-            printf("Error: Cannot verify pad integrity\n");
-        }
-        return 1;
-    } else {
-        if (mode == DECRYPT_MODE_INTERACTIVE || mode == DECRYPT_MODE_FILE_TO_TEXT) {
-            printf("Pad integrity: VERIFIED\n");
-        }
+    // Skip integrity check - trust the filename checksum
+    if (mode == DECRYPT_MODE_INTERACTIVE || mode == DECRYPT_MODE_FILE_TO_TEXT) {
+        printf("Using pad: %s\n", stored_chksum);
    }

    // Decode base64 ciphertext
--- a/src/main.h
+++ b/src/main.h
@@ -23,7 +23,7 @@
 #include <ctype.h>

 // Version - Updated automatically by build.sh
-#define OTP_VERSION "v0.3.42"
+#define OTP_VERSION "v0.3.43"

 // Constants
 #define MAX_INPUT_SIZE 4096