bjk's blog

April 22, 2015

Pwmd version 3.0.15 released

Filed under: projects, pwmd, security — bjk @ 6:39 pm

This version fixes a couple important security issues. Please change your passphrase for all non-gpg-agent data files. Note that after doing this the data file will not be compatible with previous versions of pwmd.

Download it here.

April 18, 2015

Pwmd and cipher iterations

Filed under: projects, pwmd — bjk @ 7:56 pm

I’m going to change how pwmd 3.0.x handles the “SAVE --cipher-iterations” command. Rather than making the parameter a count of the number of times to encrypt the XML data, it will be more like OpenPGP and use it as the number of times to re-hash the passphrase that is used to encrypt the XML data.

Since the XML data is always encrypted using a 256-bit cipher key derived from the hash function, no matter the cipher, it makes sense to spend time hashing the passphrase rather than encrypting the XML data.

As it is now in pwmd 3.0.x, an attacker could brute force the passphrase by taking the salt, which is stored in the data file header, rehashing a dictionary word the default number of times (1000 as it is) and then testing the result against the generated hash at attack runtime. An attack like this is unlikely as far as I understand, but it may be much quicker than brute forcing the (hashed) 256-bit cipher key used to encrypt the XML, even when there are no XML cipher iterations.
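The cost described above can be measured directly. The following is an added example, not pwmd's code: it derives a 256-bit key from a salted passphrase with a configurable iteration count and audits a constructed header against a small wordlist, counting the hash iterations spent. PBKDF2-HMAC-SHA256, the header layout, the `check` field and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac

KEY_BYTES = 32  # 256-bit cipher key, as described in the post
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample salt
WORDLIST = ["123456", "password", "letmein", "hunter2"]   # constructed sample wordlist


def derive_key(passphrase, salt, iterations):
    """Hash the salted passphrase `iterations` times into a 256-bit key.

    PBKDF2-HMAC-SHA256 is a stand-in (assumption), not pwmd's own routine.
    """
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"),
                               salt, iterations, KEY_BYTES)


def key_check(key):
    # Hypothetical verifier: any value that lets a derived key be tested.
    return hmac.new(key, b"key-check", hashlib.sha256).digest()


def make_header(passphrase, salt, iterations):
    """Constructed header: salt and iteration count are stored in the clear."""
    key = derive_key(passphrase, salt, iterations)
    return {"salt": salt, "iterations": iterations, "check": key_check(key)}


def audit_header(header, wordlist):
    """Check a file's passphrase against a known-weak wordlist.

    Returns (matching word or None, hash iterations spent). The work figure
    is what one pass over the wordlist costs at this file's iteration count.
    """
    work = 0
    for word in wordlist:
        key = derive_key(word, header["salt"], header["iterations"])
        work += header["iterations"]
        if hmac.compare_digest(key_check(key), header["check"]):
            return word, work
    return None, work


if __name__ == "__main__":
    for count in (1000, 50000):
        weak = make_header("letmein", SALT, count)
        print(count, audit_header(weak, WORDLIST))
    strong = make_header("correct horse battery staple x9", SALT, 1000)
    print(audit_header(strong, WORDLIST))
```

The work per candidate grows linearly with the stored iteration count, which is the cost the post proposes to spend on hashing the passphrase instead of on re-encrypting the XML.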

April 6, 2015

Pwmd OpenPGP status update

Filed under: projects, pwmd — bjk @ 9:48 pm

OpenPGP support in pwmd is working but there are a few things to do before making a release. For details please see this pwmd-devel post.

April 5, 2015

QPwmc version 0.3.2 released

Filed under: projects, qpwmc — bjk @ 10:38 am

This version requires Pwmd 3.0.14 due to ACL changes and LIST command updates. It also contains a couple DnD validation fixes.

Note that the git repository has changed to

Download it here.

Pwmd version 3.0.14 released

Filed under: projects, pwmd — bjk @ 10:34 am

This version contains additional ACL features and fixes, requires GnuTLS >= 3.0.0 when --enable-gnutls is passed to configure, fixes a couple LIST command bugs and fixes building for Android. Read the NEWS for details.

Download it here.

March 12, 2015

Update git repository from gitorious to gitlab

Filed under: projects — bjk @ 6:10 pm

Since Gitorious has been bought by GitLab the project repository links needed to be updated. Projects hosted by will remain there for hopefully a long time. Thanks to all for their repository hosting services!

January 18, 2015

CBoard version 0.7.3 released

Filed under: cboard, projects — bjk @ 12:48 pm

This version fixes a few bugs found by Coverity.

Download it here.

Userinfo version 2.5 released

Filed under: projects, userinfo — bjk @ 12:47 pm

This version fixes a few bugs found by Coverity.

Download it here.

January 17, 2015

QPwmc version 0.3.1 released

Filed under: projects, qpwmc — bjk @ 8:26 pm

This version adds a Clients tab to the program Options to show connected clients, with the ability to terminate them, and adds the -d command line option to write the socket, data file and selected element path to the specified file descriptor. It also contains a few bug fixes.

Download it here.

Libpwmd version 7.2.1 released

Filed under: libpwmd, projects — bjk @ 8:22 pm

This version fixes pwmc --output-fd, adds the --status-ignore command line option, changes the default TLS priority string to deal with newer GnuTLS versions and changes the libtool versioning scheme. The libtool change may be a pain but it is necessary. Sorry for any hassle.

Download it here.
