* defaults to unauthenticated encryption
* buries its one authenticated mode
* requires explicit command-line nonces
* defaults to an MD5 KDF
You could probably keep going for another 10 bullets. Never use the OpenSSL CLI for anything other than TLS stuff.
Sure, we can build a 25519-specific tool with a less footgun-y interface. Fine, whatever, for that one use case.
Or we can build an alternative OpenSSL CLI that explodes OpenSSL and its numerous useful features in a general way and helps fix lots of use cases.
You can also use age[1] to encrypt payloads targeting ssh public keys. And decrypt using ssh private keys.
hmm
> It is a weird and footgun-shaped middle ground.
Oh? HMMMMM :|
Is the project trying to compete with GPG for worst interface ? Magic numbers BAD, especially in something that will mostly be used in scripts
alexjurkiewicz•1d ago
My favourite part of these tools is the zany use of numbered file descriptors. `keypair` outputs the public key on fd 5 and secret key on fd 9. But signing reads the secret key on fd 8, while verification reads the public key on fd 4! Why aren't they the same?? I have to read the manpage every time.
Retr0id•1d ago
I'd have otherwise guessed that this tool mainly exists just to test lib25519. Personally I'd only ever want a library, or some higher-level tool. A CLI tool that just does raw signing feels like a weird (and footgun-shaped) middle ground.
XorNot•1d ago
adastra22•23h ago
XorNot•22h ago
C4K3•21h ago
tptacek•1d ago
Fnoord•1d ago
FTA:
> These tools allow lib25519 to be easily used from shell scripts.
I've never used ed25519-cli, but not having to use a library is nice for someone who isn't a programmer.
tptacek•1d ago
alexjurkiewicz•23h ago
kfreds•22h ago
Retr0id•16h ago
PunchyHamster•19h ago
Retr0id•15h ago
loeg•1d ago
jedahan•1d ago
yellowapple•21h ago
gnull•21h ago
chuckadams•1d ago
tptacek•1d ago
https://www.openbsd.org/papers/bsdcan-signify.html
gnull•21h ago
Makes your commands unreadable without a manual, leaves a lot of room for errors that are quietly ignored. And forces you into using a shell that comes with its own set of gotchas, bash is not known to be a particularly good tool for security.
And to those who stay this adds flexibility: it doesn't. Those file descriptors are available under/dev/fd on linux, with named options you can do --pk /dev/fd/5. Or make a named pipe.
PunchyHamster•19h ago
it being default is insanity
minitech•19h ago
If you have a procfs mounted at /proc and the open syscall to use on it, sure (and even then, it’s wasteful and adds unnecessary failure paths). Even argument parsing is yet more code to audit.
I think the design is pretty good as-is.
pseudohadamard•20h ago
alfiedotwtf•19h ago
PunchyHamster•19h ago