feat: v1.9.20, simple-encrypt/simple-decrypt support iterations

2026-01-01 21:16:10 +08:00
parent 1f4db9d1b0
commit 0604745f82
5 changed files with 13 additions and 8 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -2077,7 +2077,7 @@ dependencies = [

 [[package]]
 name = "tiny-encrypt"
-version = "1.9.19"
+version = "1.9.20"
 dependencies = [
 "aes-gcm-stream",
 "base64 0.22.1",
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "tiny-encrypt"
-version = "1.9.19"
+version = "1.9.20"
 edition = "2021"
 license = "MIT"
 description = "A simple and tiny file encrypt tool"
--- a/src/cmd_simple_encrypt_decrypt.rs
+++ b/src/cmd_simple_encrypt_decrypt.rs
@@ -50,6 +50,10 @@ pub struct CmdSimpleEncrypt {
    #[arg(long, short = 'P')]
    pub with_pbkdf_encryption: bool,

+    /// PBKDF iterations (default: 10000)
+    #[arg(long, short = 'i')]
+    pub pbkdf_iterations: Option<u32>,
+
    /// PBKDF encryption password
    #[arg(long, short = 'A')]
    pub password: Option<String>,
@@ -245,7 +249,8 @@ pub fn inner_simple_encrypt(cmd_simple_encrypt: CmdSimpleEncrypt) -> XResult<()>
    let mut outputs_password = None;
    if with_pbkdf_encryption {
        let password = util::read_password(&cmd_simple_encrypt.password)?;
-        simple_encrypt_result = SimplePbkdfEncryptionV1::encrypt(&password, simple_encrypt_result.as_bytes())?.to_string();
+        simple_encrypt_result = SimplePbkdfEncryptionV1::encrypt(&password, simple_encrypt_result.as_bytes(),
+                                                                 &cmd_simple_encrypt.pbkdf_iterations)?.to_string();
        if cmd_simple_encrypt.outputs_password {
            outputs_password = Some(password);
        }
--- a/src/main.rs
+++ b/src/main.rs
@@ -32,11 +32,11 @@ enum Commands {
    #[command(arg_required_else_help = true, short_flag = 'e')]
    Encrypt(CmdEncrypt),
    /// Simple encrypt message
-    #[command(arg_required_else_help = true)]
+    #[command(arg_required_else_help = true, short_flag = 'E')]
    SimpleEncrypt(CmdSimpleEncrypt),
    #[cfg(feature = "decrypt")]
    /// Simple decrypt message
-    #[command(arg_required_else_help = true)]
+    #[command(arg_required_else_help = true, short_flag = 'D')]
    SimpleDecrypt(CmdSimpleDecrypt),
    #[cfg(feature = "decrypt")]
    /// Decrypt file(s)
--- a/src/util_simple_pbe.rs
+++ b/src/util_simple_pbe.rs
@@ -24,10 +24,10 @@ impl SimplePbkdfEncryptionV1 {
        enc.starts_with(&format!("{SIMPLE_PBKDF_ENCRYPTION_PREFIX}."))
    }

-    pub fn encrypt(password: &str, plaintext: &[u8]) -> XResult<SimplePbkdfEncryptionV1> {
+    pub fn encrypt(password: &str, plaintext: &[u8], iterations: &Option<u32>) -> XResult<SimplePbkdfEncryptionV1> {
        let salt: [u8; 12] = random();
        let repetition = 1000;
-        let iterations = 10000;
+        let iterations = iterations.unwrap_or(10000);
        let key = simple_pbkdf(password.as_bytes(), &salt, repetition, iterations);

        let key_bytes: [u8; 32] = opt_result!(key.try_into(), "Bad AES 256 key: {:?}");
@@ -166,7 +166,7 @@ fn simple_pbkdf(password: &[u8], salt: &[u8], repetition: u32, iterations: u32)

 #[test]
 fn test() {
-    let enc = SimplePbkdfEncryptionV1::encrypt("helloworld", "test".as_bytes()).unwrap();
+    let enc = SimplePbkdfEncryptionV1::encrypt("helloworld", "test".as_bytes(), &None).unwrap();
    let enc_str = enc.to_string();
    let enc2: SimplePbkdfEncryptionV1 = enc_str.try_into().unwrap();
    assert_eq!(enc.to_string(), enc2.to_string());