Version v0.3.44 - -m Disable pad integrity check during decryption for performance - trust filename checksum

README.md

@@ -58,14 +58,14 @@ One-time pads can be trivially encrypted and decrypted using pencil and paper, m
 
 ### Download Pre-Built Binaries
 
-**[Download Current Linux x86](https://git.laantungir.net/laantungir/otp/releases/download/v0.3.41/otp-v0.3.41-linux-x86_64)**
+**[Download Current Linux x86](https://git.laantungir.net/laantungir/otp/releases/download/v0.3.43/otp-v0.3.43-linux-x86_64)**
 
-**[Download Current Raspberry Pi 64](https://git.laantungir.net/laantungir/otp/releases/download/v0.3.41/otp-v0.3.41-linux-arm64)**
+**[Download Current Raspberry Pi 64](https://git.laantungir.net/laantungir/otp/releases/download/v0.3.43/otp-v0.3.43-linux-arm64)**
 
 After downloading:
 ```bash
 # Rename for convenience, then make executable
-mv otp-v0.3.41-linux-x86_64 otp
+mv otp-v0.3.43-linux-x86_64 otp
 chmod +x otp
 
 # Run it

src/crypto.c

@@ -297,7 +297,6 @@ int encrypt_text(const char* pad_identifier, const char* input_text) {
     }
 
     char text_buffer[MAX_INPUT_SIZE];
-    char chksum_hex[MAX_HASH_LENGTH];
     uint64_t current_offset;
 
     char pad_path[MAX_HASH_LENGTH + 20];
@@ -327,12 +326,8 @@ int encrypt_text(const char* pad_identifier, const char* input_text) {
         }
     }
 
-    // Calculate XOR checksum of pad file
+    // Use pad_chksum directly - it's already the checksum from the filename
-    if (calculate_checksum(pad_path, chksum_hex) != 0) {
+    // No need to recalculate by reading the entire pad file
-        printf("Error: Cannot calculate pad checksum\n");
-        free(pad_chksum);
-        return 1;
-    }
 
     // Get input text - either from parameter or user input
     if (input_text != NULL) {
@@ -464,7 +459,7 @@ int encrypt_text(const char* pad_identifier, const char* input_text) {
 
     // Use universal ASCII armor generator
     char* ascii_output;
-    if (generate_ascii_armor(chksum_hex, current_offset, ciphertext, input_len, &ascii_output) != 0) {
+    if (generate_ascii_armor(pad_chksum, current_offset, ciphertext, input_len, &ascii_output) != 0) {
         printf("Error: Failed to generate ASCII armor\n");
         free(pad_data);
         free(ciphertext);
@@ -592,36 +587,14 @@ int universal_decrypt(const char* input_data, const char* output_target, decrypt
         return 1;
     }
 
-    // Validate pad integrity
+    // Pad integrity validation disabled for performance
-    int integrity_result = validate_pad_integrity(pad_path, stored_chksum);
+    // The checksum is already verified by matching the filename
-    if (integrity_result == 3) {
+    // If you need to verify pad integrity, the pad file would need to be read entirely
-        if (mode == DECRYPT_MODE_SILENT) {
+    // which is very slow for large pads (multi-GB files)
-            fprintf(stderr, "Error: Pad integrity check failed!\n");
+    
-            return 1;
+    // Skip integrity check - trust the filename checksum
-        } else if (mode == DECRYPT_MODE_INTERACTIVE) {
+    if (mode == DECRYPT_MODE_INTERACTIVE || mode == DECRYPT_MODE_FILE_TO_TEXT) {
-            printf("Warning: Pad integrity check failed!\n");
+        printf("Using pad: %s\n", stored_chksum);
-            printf("Expected: %s\n", stored_chksum);
-            printf("Continue anyway? (y/N): ");
-            fflush(stdout);
-
-            char response[10];
-            if (fgets(response, sizeof(response), stdin) == NULL ||
-                (response[0] != 'y' && response[0] != 'Y')) {
-                printf("Decryption aborted.\n");
-                return 1;
-            }
-        }
-    } else if (integrity_result != 0) {
-        if (mode == DECRYPT_MODE_SILENT) {
-            fprintf(stderr, "Error: Cannot verify pad integrity\n");
-        } else {
-            printf("Error: Cannot verify pad integrity\n");
-        }
-        return 1;
-    } else {
-        if (mode == DECRYPT_MODE_INTERACTIVE || mode == DECRYPT_MODE_FILE_TO_TEXT) {
-            printf("Pad integrity: VERIFIED\n");
-        }
     }
 
     // Decode base64 ciphertext
@@ -746,7 +719,6 @@ int encrypt_file(const char* pad_identifier, const char* input_file, const char*
         return 1;
     }
 
-    char chksum_hex[MAX_HASH_LENGTH];
     uint64_t current_offset;
 
     char pad_path[MAX_HASH_LENGTH + 20];
@@ -791,12 +763,8 @@ int encrypt_file(const char* pad_identifier, const char* input_file, const char*
         }
     }
 
-    // Calculate XOR checksum of pad file
+    // Use pad_chksum directly - it's already the checksum from the filename
-    if (calculate_checksum(pad_path, chksum_hex) != 0) {
+    // No need to recalculate by reading the entire pad file
-        printf("Error: Cannot calculate pad checksum\n");
-        free(pad_chksum);
-        return 1;
-    }
 
     // Check if we have enough pad space
     struct stat pad_stat;
@@ -927,7 +895,7 @@ int encrypt_file(const char* pad_identifier, const char* input_file, const char*
 
         // Use universal ASCII armor generator
         char* ascii_output;
-        if (generate_ascii_armor(chksum_hex, current_offset, encrypted_data, file_size, &ascii_output) != 0) {
+        if (generate_ascii_armor(pad_chksum, current_offset, encrypted_data, file_size, &ascii_output) != 0) {
             printf("Error: Failed to generate ASCII armor\n");
             fclose(output_fp);
             free(encrypted_data);
@@ -961,7 +929,7 @@ int encrypt_file(const char* pad_identifier, const char* input_file, const char*
         // Pad checksum: 32 bytes (binary)
         unsigned char pad_chksum_bin[32];
         for (int i = 0; i < 32; i++) {
-            sscanf(chksum_hex + i*2, "%2hhx", &pad_chksum_bin[i]);
+            sscanf(pad_chksum + i*2, "%2hhx", &pad_chksum_bin[i]);
         }
         fwrite(pad_chksum_bin, 1, 32, output_fp);
 

src/main.h

@@ -23,7 +23,7 @@
 #include <ctype.h>
 
 // Version - Updated automatically by build.sh
-#define OTP_VERSION "v0.3.41"
+#define OTP_VERSION "v0.3.43"
 
 // Constants
 #define MAX_INPUT_SIZE 4096