I have Password Safe 3.54.01, 64-bit, running on Windows 10, 64-bit, and I tried to use "pwsafe -e bigfile.zip" to encrypt a 6.6GB (six point six gigabytes), but it says "File is too big". The help file says "any file" and does not mention a size limit. (The disk is NTFS, with 70GB free.)
Is this a bug, or an undocumented limitation? Is there any reason why the 64-bit version shouldn't be able to encrypt really big files?
Problem is that the current encryption scheme is limited to 4GB, meaning that supporting bigger files will not be possible with this scheme.
Working on a solution s.t. files smaller than this limit will be encrypted as today, files larger will use a scheme that doesn't suffer from this limitation. This will avoid any backwards compatibility issues.
Fixed in commit 9edc85c06 - will be in next release.
Hi Rony, what scheme will files larger than 4GB use?
The same scheme as for files < 4GB. The only differences are that the encryption will be with TwoFish, which has a blocksize of 16 bytes (instead of 8 for Blowfish). This enables the file size to be stored in 8 bytes (instead of 4), breaking the 4GB limits.
The implementation was changed from reading the entire file into memory, encrypting and the writing, to read-encrypt-write one buffer at a time, avoiding potential out of memory issues for large files.
"The only differences are that the encryption will be with TwoFish" - I don't understand this statement, since per my reading PWS has been using TwoFish for more than 10 years (since V.3).
The switch from Blowfish to Twofish was for the PasswordSafe database.
File encryption was (and still is, for small files) based on Blowfish.
This can be changed, but at the cost of breaking backwards compatibility: small files encrypted with newer version of PasswordSafe will not be decryptable by older versions.