Commit

- Updated README
- New nuget package
bitbeans committed May 5, 2015
1 parent 26fd39c commit 4987213
Showing 3 changed files with 24 additions and 22 deletions.
28 changes: 13 additions & 15 deletions README.md
@@ -1,24 +1,28 @@
# StreamCryptor [![Build status](https://img.shields.io/appveyor/ci/bitbeans/StreamCryptor.svg?style=flat-square)](https://ci.appveyor.com/project/bitbeans/streamcryptor) [![Build Status](https://img.shields.io/travis/bitbeans/StreamCryptor.svg?style=flat-square)](https://travis-ci.org/bitbeans/StreamCryptor) [![NuGet Version](https://img.shields.io/nuget/v/StreamCryptor.svg?style=flat-square)](https://www.nuget.org/packages/StreamCryptor/) [![License](http://img.shields.io/badge/license-MIT-green.svg?style=flat-square)](https://github.com/bitbeans/StreamCryptor/blob/master/LICENSE)
You can use StreamCryptor to encrypt and decrypt files without size limit and the need to load every file completely into memory.
StreamCryptor uses `FileStream` to read and write files in chunks, there is also an asynchronous implementations for progress reporting available: [example](../master/examples/DemoAsync.md).
StreamCryptor uses `FileStream` to read and write files in chunks, there is also an asynchronous implementations for progress reporting available: [example](../master/examples/DemoAsync.md). For more working examples check out the tests in this repository.

Every file contains a `EncryptedFileHeader` some `EncryptedFileChunks` and an `EncryptedFileFooter`.
Files are encrypted into [SCCEF](https://github.com/bitbeans/StreamCryptor#sccef-file-format) (StreamCryptor Chunked Encrypted File) format.
Every file contains an `EncryptedFileHeader` some `EncryptedFileChunks` and an `EncryptedFileFooter` to prevent file manipulation.

The file serialization is realised with Google`s protobuf, it has a small overhead and offers an automatic length prefix for all file parts.
All cryptographic operations are performed via [libsodium-net](https://github.com/adamcaudill/libsodium-net) and thus [libsodium](https://github.com/jedisct1/libsodium)), see [Algorithm details](https://github.com/bitbeans/StreamCryptor#algorithm-details).

To protect the senders PublicKey from beeing tracked, you should use an ephemeral key pair for every file. If you do this it isn't possible to authenticate who encrypted the file!

## Status
## Code Status

> Project is currently under development!

StreamCryptor was subjected to a source code audit carried out by [Cure53](https://cure53.de).

Final report (PDF): [Audit-Report StreamCryptor 04.2015](https://cure53.de/pentest-report_streamcryptor.pdf)


## Installation

There is a [NuGet package](https://www.nuget.org/packages/StreamCryptor/) available.


## This project uses the following libraries

* [libsodium-net] - A secure cryptographic library
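
Review bot: the libsodium sentence in this hunk closes its second link with `))` although no parenthesis was opened, so the README will render a stray `)`. The nuspec description in this same commit writes it as `(and thus libsodium)`, and that form would work here too. In the ephemeral-key paragraph, "senders" should be "sender's" and "beeing" should be "being". That paragraph recommends an ephemeral key pair per file and then says this removes sender authentication; it should add what a recipient who needs to know the sender is expected to do instead, so the two sentences do not read as conflicting advice.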
Expand All @@ -32,32 +36,26 @@ There is a [NuGet package](https://www.nuget.org/packages/StreamCryptor/) availa

This library targets **.NET 4.5**.

## SCCEF file format
## SCCEF file format version 2

### EncryptedFileHeader
- `Version` - Used to indicate the message format. Current version is 1.
- `Version` - Used to indicate the message format. Current version is **2**.
- `BaseNonce` - The 16 bytes, randomly generated nonce used to generate the chunk nonces.
- `EphemeralNonce` - The 24 byte nonce for the ephemeral secret key.
- `Key` - The encrypted 32 byte ephemeral secret key to encrypt and decrypt the chunks.
- `Key` - The encrypted 64 byte ephemeral secret key. The first 32 bytes of the key are used to handle the encryption and decryption of the chunks. The last 32 bytes are to hash the checksums with blake2b and protect these hashes with a key.
- `HeaderChecksum` - The header checksum to validate the header and prevent file manipulation.
- `Filename` - The encrypted original filename, padded to 256 bytes.
- `FilenameNonce` - The 24 byte nonce to encrypt the filename.
- `SenderPublicKey` - The 32 byte public key of the sender to guarantee the recipient can decrypt the file.
- `UnencryptedFileLength` - The file length of the unencrypted file.

### EncryptedFileChunk
- `ChunkNumber` - Chunk number, starting at 0.
- `ChunkNonce` - Combined chunk nonce (16 byte BaseNonce from the header || 8 byte ChunkNumber)
- `ChunkLength` - The length of the chunk in bytes.
- `ChunkIsLast` - Marks the chunk as last in the file (there only can be one last chunk per file).
- `ChunkChecksum` - The checksum to validate the chunk and prevent file manipulation.
- `Chunk` - The encrypted chunk content.

### EncryptedFileFooter
- `ChunkCount` - The encrypted number of chunks in the file.
- `OverallChunkLength` - The encrypted overall length of all chunks in bytes.
- `FooterNonceLength` - The 24 byte nonce to encrypt and decrypt the ChunkCount.
- `FooterNonceCount` - The 24 byte nonce to encrypt and decrypt the OverallChunkLength.
- `FooterChecksum` - The footer checksum to validate the footer and prevent file manipulation.

## Usage
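
Review bot: the version 2 `Key` entry says the last 32 bytes are "to hash the checksums with blake2b and protect these hashes with a key", which does not tell an implementer what is computed. State it directly as a keyed BLAKE2b with those 32 bytes as the key, and repeat that in the `HeaderChecksum` and `ChunkChecksum` entries, which in this hunk still say only "checksum to validate ... and prevent file manipulation" without naming the algorithm, the key, or the fields covered. The hunk header shows the section going from 32 lines to 26, so entries are being dropped from the format as well; a short list of changes from version 1 would help anyone who still holds version 1 files.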
Expand Down Expand Up @@ -127,8 +125,8 @@ public static async Task<DecryptedFile> DecryptFileWithStreamAsync(KeyPair keyPa

### And some fixed parameters
```csharp
private const int CURRENT_VERSION = 1;
private const int MIN_VERSION = 1;
private const int CURRENT_VERSION = 2;
private const int MIN_VERSION = 2;
private const int CHUNK_LENGTH = 1048576; //~1MB
private const int CHUNK_COUNT_START = 0;
private const int CHUNK_MIN_NUMBER = 0;
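
Review bot: `MIN_VERSION` is raised to 2 together with `CURRENT_VERSION`, which reads as version 1 files no longer being accepted, yet the README says nothing about that next to these constants; the only mention is "not backward compatible" in the nuspec release notes. Add a sentence here telling users what to do with files written by earlier releases. This commit changes only README.md, StreamCryptor.nuspec and EncryptedFileHeader.cs, so the constants in the source are not part of the diff; please confirm they already carry these values.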
16 changes: 10 additions & 6 deletions StreamCryptor.nuspec
Expand Up @@ -2,7 +2,7 @@
<package xmlns="http://schemas.microsoft.com/packaging/2012/06/nuspec.xsd">
<metadata>
<id>StreamCryptor</id>
<version>0.3.2-beta2</version>
<version>0.4.0</version>
<authors>Christian Hermann</authors>
<owners>Christian Hermann</owners>
<licenseUrl>https://raw.githubusercontent.com/bitbeans/StreamCryptor/master/LICENSE</licenseUrl>
Expand All @@ -12,16 +12,20 @@

StreamCryptor uses FileStream to read and write files in chunks, there is also an asynchronous implementations for progress reporting available.

Every file contains a EncryptedFileHeader some EncryptedFileChunks and an EncryptedFileFooter.
Files are encrypted into SCCEF (StreamCryptor Chunked Encrypted File) format.

Every file contains an EncryptedFileHeader some EncryptedFileChunks and an EncryptedFileFooter to prevent file manipulation.

The file serialization is realised with Google`s protobuf, it has a small overhead and offers an automatic length prefix for all file parts.

All cryptographic operations are performed via libsodium-net (and thus libsodium).

For more details visit the project site.</description>
For more details and examples visit the github project site.</description>
<summary>Stream encryption &amp; decryption with libsodium and protobuf</summary>
<releaseNotes>0.3.2-beta2
<releaseNotes>0.4.0
* SCCEF Protocol Version 2 (not backward compatible)
* Updated libsodium-net to 0.7.0 (libsodium v.1.0.2)
0.3.2-beta2
* Updated libsodium to 0.7.0-beta2
0.3.2
* Updated libsodium to 0.7.0-beta1 (thread-safe version)
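
Review bot: the 0.4.0 release note "SCCEF Protocol Version 2 (not backward compatible)" is the only place a package user learns that the file format changed, and it does not say whether files written by 0.3.x can still be decrypted after upgrading. Spell that out in the note, along with the recommended way to migrate existing files. The new entry also says "Updated libsodium-net to 0.7.0 (libsodium v.1.0.2)" while the older entries below it say "Updated libsodium to 0.7.0-beta2"; pick one naming so readers can tell the wrapper version from the native library version. In the description, "github" should be "GitHub".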
Expand Down Expand Up @@ -53,13 +57,13 @@ For more details visit the project site.</description>
* There was a bug on decrypting files with external private keys
0.1.15
* Changed TargetFrameworkVersion from v4.5 to v4.0</releaseNotes>
<copyright>Copyright (c) 2014 Christian Hermann (bitbeans)</copyright>
<copyright>Copyright (c) 2014 - 2015 Christian Hermann (bitbeans)</copyright>
<language>en-US</language>
<tags>stream encryption protobuf libsodium XSalsa20 Curve25519 Poly1305</tags>
<dependencies>
<group targetFramework=".NETFramework4.5">
<dependency id="protobuf-net" version="2.0.0.668" />
<dependency id="libsodium-net" version="0.7.0-beta2" />
<dependency id="libsodium-net" version="0.7.0" />
</group>
</dependencies>
</metadata>
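
Review bot: `<dependency id="libsodium-net" version="0.7.0" />` is a minimum-version constraint in NuGet, so any later libsodium-net release satisfies it, including ones this package has never been tested against. For the library that performs all cryptographic operations, consider an explicit range with an upper bound. The `tags` line still lists only XSalsa20, Curve25519 and Poly1305, while the README in this commit says the version 2 format hashes checksums with blake2b; add it to the tags if that is part of what the package offers.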
2 changes: 1 addition & 1 deletion StreamCryptor/Model/EncryptedFileHeader.cs
Expand Up @@ -79,7 +79,7 @@ public EncryptedFileHeader(int currentVersion, int nonceLength, int chunkBaseNon
public byte[] EphemeralNonce { get; private set; }

/// <summary>
/// The 32 byte ephemeral secret key.
/// The 64 byte ephemeral secret key.
/// </summary>
[ProtoMember(5)]
public byte[] Key { get; private set; }
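
Review bot: the summary on `Key` now says "The 64 byte ephemeral secret key." but the README in this commit describes the same field as "The encrypted 64 byte ephemeral secret key" and explains that the first 32 bytes encrypt the chunks and the last 32 bytes key the blake2b checksums. The XML comment should say whether this property holds the encrypted or the plaintext key and should document the 32/32 split, since this is where a maintainer will look first. Only the comment changes in this file, so nothing visible in the diff enforces the new length; a length check where `Key` is assigned would be worth adding if one does not already exist.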
