Skip to content
This repository has been archived by the owner on Sep 22, 2021. It is now read-only.
/ cryptdir Public archive

Utility for encrypting folders with AES-256 GCM and Scrypt. A fork of my crypt command.

License

ISC license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

evantbyrne/cryptdir

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits

lib

lib

 
 

vendor

vendor

 
 

.gitmodules

.gitmodules

 
 

.travis.yml

.travis.yml

 
 

LICENSE.md

LICENSE.md

 
 

README.md

README.md

 
 

cryptdir-folder.png

cryptdir-folder.png

 
 

main.go

main.go

 
 

Repository files navigation

Travis CI Go report card

cryptdir

Utility for managing folders containing files encrypted with AES-256 GCM and Scrypt.

Install

Make sure that Go is installed and your PATH includes GOBIN. Then run the following:

$ git clone --recursive https://github.com/evantbyrne/cryptdir.git $GOPATH"/src/github.com/evantbyrne/cryptdir"
$ go install github.com/evantbyrne/cryptdir

Note: The $ at the beginning of newlines in this document represents the bash shell prompt, and is not a part of the actual commands. Likewise, cryptdir> represents an unlocked shell prompt.

Usage

$ cryptdir
usage: cryptdir [<flags>] <command> [<args> ...]

Utility for managing folders containing files encrypted with AES-256 GCM and
Scrypt.

Flags:
  --help  Show context-sensitive help (also try --help-long and --help-man).

Commands:
  help [<command>...]
    Show help.

  ls [<flags>]
    List encrypted files.

  read <read_name>
    Read encrypted file.

  unlock
    Unlock encrypted directory.

  write <write_name>
    Write encrypted file.

Open a new shell with the encrypted folder unlocked:

$ cd path/to/my/folder
$ cryptdir unlock
Password:
cryptdir>

Read and write encrypted files from an unlocked shell, lock shell by exiting:

cryptdir> cryptdir read hello.txt
File not found.
cryptdir> echo "Hello, world" | cryptdir write hello.txt
cryptdir> cryptdir read hello.txt
Hello, world
cryptdir> exit
exit
$ cryptdir read hello.txt
2017/02/05 13:42:27 The encrypted directory is locked. Please run `cryptdir unlock` to unlock.

Listing encrypted files from an unlocked shell:

cryptdir> cryptdir ls
foo.txt
hello.txt
zebra.png
cryptdir> cryptdir ls -ms
ZzvBpUZDpXVJmbLi foo.txt
nUyWajppDtwLrLxj hello.txt
xShsSwNrGNmnFyeC zebra.png

Encrypted data format

Each file is encrypted in the following format, with a random salt and nonce generated per file:

+----------------+---------------------+-------------------+-------------------+
| 4 byte version | 12 byte scrypt salt | 12 byte gcm nonce | encrypted data... |
+----------------+---------------------+-------------------+-------------------+

Here is an example of what the contents of an encrypted folder might look like:

Example encrypted folder

The raw file names are randomly generated 250 character strings. The .cryptdir file contains an encrypted mapping of human-readable filenames to the randomly named ones used on a filesystem level.

About

Utility for encrypting folders with AES-256 GCM and Scrypt. A fork of my crypt command.

Topics

golang security encryption aes scrypt aes-256 gcm

Resources

Readme

License

ISC license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Languages