License and Acknowledgements

License
SamuraiSafe © 2011-2018 Michael Rourke. LICENSED APPLICATION END USER LICENSE AGREEMENT: http://www.apple.com/legal/internet-services/itunes/appstore/dev/stdeula/
Acknowledgments
PasswordSafe: Program concept and UI design is inspired by PasswordSafe, originally by Bruce Schneier www.schneier.com, Java derivative: http://sourceforge.net/projects/jpwsafe/ and iOS: http://app77.com/pwSafe/
ZXCVBN: © 2012 Dropbox, Inc. Objective-C port by Wangsw from Python port by Ryan Pearl from original CoffeeScript and Python. https://github.com/beanandbean/ZXCVBN
DejaVu fonts: © 2004-2015 DejaVu fonts team. DejaVu fonts are a font family based on the Bitstream Vera Fonts. © 2003 by Bitstream, Inc. All Rights Reserved. Bitstream Vera is a trademark of Bitstream, Inc.
MBProgressHUD: © 2009-2015 Matej Bukovinski https://github.com/jdg/MBProgressHUD under the MIT License.
The method of randomly generating passphrases from a word list is known as Diceware [© 1995-2017 Arnold G. Reinhold] (http://world.std.com/~reinhold/diceware.html)
American English word list (filtered to approximately 21,000 words) from 12dicts package compiled by Alan Beale (12dicts@pobox.com) http://wordlist.aspell.net/12dicts/.
Motivation
I’m a software engineer with over 25 years of professional software development experience. SamuraiSafe was written to satisfy two goals:
I was using a Java based password manager (Password Safe) which, whilst adequate, had some security issues, as the entire password file was decrypted and stored in memory whilst in use. It was also slightly slow and clunky being a non-native macOS application.
My second goal was to learn Objective-C, Cocoa, Appkit (macOS) and UIKit (iOS).
SamuraiSafe is the result of satisfying those goals, whilst being a practical tool.
I limited the scope to essential features, and maximised the use of standard frameworks:
• Binary (Atomic) Core Data is used for storage. Passwords and password entry data is only decrypted when required, to limit exposure of cleartext in memory.
• Data stored in SamuraiSafe is encrypted using the AES algorithm with a 256 bit key. Each element (i.e. every group, password entry or password) is separately encrypted and includes a secure hash (HMAC), so corruption of encrypted data is detected, and any such corruption has limited effect.
• iCloud can be used to synchronise between macOS and iOS instances. Surprisingly Apple don’t make sharing of Core Data documents over iCloud between iOS and Mac easy (NSPersistentDocument on Mac doesn’t directly support iCloud unlike UIManagedDocument on iOS).
I hope you find this useful. Any feedback is appreciated. —Michael
← Importing and Exporting