mupuf.org // we are octopimupuf.org

PPassKeeper 1.0b2 Is Out!

Posted by Martin Roukala, né Peres on , In categories ppasskeeper, security .

After one year and more than 300 commits, PPassKeeper 1.0 beta 2 has finally been released !

What is PPassKeeper ?

PPasskeeper is my main personal project. It is a library that intends to create a portable way of storing sensitive information, such as passwords or private keys, into a safe place. In order to be portable and flexible, the library allows third-party developers to improve it by creating more plugins that can be free (as in freedom) or proprietary.

The goals of this project is to :

  • Provide a common interface for desktops and operating systems to access secure password storages
  • Be modular
  • Allow third-party developers to easily create new modules
  • Be backwards compatible

This project is developed under the LGPL v2.0 or later license.

What has changed since the beta 1 ?

Well, a lot of things have changed.

First, the API is now thread-safe, this means you can use PPassKeeper with multiple threads in your program without any risks of data corruption. To do so, we changed the API and created entry types and data types.

The autotools build system has been replaced by CMake. This change has been a great move as the maintenance has been greatly simplified. Also, CMake is usable under windows and can be used with other compilers than GCC.
Another interest of using CMake is CPack. CPack is a package generator that allows us to generate deb and rpm packages. We can also use it for generating Windows and Mac OS X packages but we didn’t add this feature yet.

To lessen the risks of major regressions, we created unit tests that stresses the modules. It also allows plugin developers to try out their modules, so, it also behaves as a conformance test.

Support for binary blobs are also new to this beta. Binary Blobs are usually files you want to store as is, without any modifications. It can be used to store private keys or anything else you’d like to (make sure the module supports it).

As it was requested by a someone on LinuxFR, we decided to allow users to lock the library with a mandatory password. If you want to use this feature, please follow this advice.

Some plugins need additional parameters to operate. For instance, some modules need to access a server but need the parameters to do so. We decided to centralise all the module’s parameters in a same place. There are two backends :

This will allow to dump all the passwords and parameters from all the modules to a single file to support import/export and to copy this seamlessly to any other computer.

What’s next ?

What is to be expected for the beta 3 is better support of Apple’s Keychain and Microsoft Windows’s Vault.

You can also expect an improved version of module’s parameters with a really fine-grained parameters type.

There will also be a network module that will allow to share passwords between computers. This module has to be really secure and will need a lot of work as it will need to support concurrency, merging, etc… This idea appeared on LinuxFR.

There will also have a translation of ppasskeeper-qt in French and maybe German and Spanish.

You can follow the our beta 3 roadmap and propose new feature by submitting a New Ticket.

How can I try this out ?

There are some packages made for you. You also can compile it from source (stable or SVN)

Are you using Linux, Mac OS X or Windows XP or later ?

Comments