OpenSSL: Building a Basic Secret Crypt

Kharon (Χάρων)

Creating A Basic Passcode Crypt

Caveats: 
1. The caveats are relatable to cipher and hashes as the basic primitives are used. 
2. This also does not address for HA (High Availability) nor DR (Disaster Recovery)
3. This also does not address system vulnerability. Ensure the system you run on is not bugged or has bugs.
4. The delete mechanism is non-FIPS, e.g. it is likely just removing the pointer without zeroising the memory. Hence, memory residues of the passcode data may not be safely cleared.

Under [utility_passcodes], we can use the Kharon utility to store passcodes:

e.g. output: dcd6a4f94134ae28119f32dbb048aacaafa2a0f4b52457b439501a9f102b6031

If the file exists:

Enter passcode(s) to be store:

We should be able to see the passcode, and a hashfile (*.sha256) is generated. The file is also timestamped.

There is also an option to update the passcode in the crypt. When choosing to update the passcode profile: