Crates.io | cryptobox |
lib.rs | cryptobox |
version | 0.1.0 |
source | src |
created_at | 2019-01-27 15:04:44.112486 |
updated_at | 2019-01-27 15:04:44.112486 |
description | A KISS CLI-wrapper around libsodium's `cryptobox_easy` |
homepage | |
repository | https://github.com/KizzyCode/Cryptobox |
max_upload_size | |
id | 110933 |
size | 8,652,269 |
Cryptobox is a KISS data en-/decryption-tool that generates a random
256bit key and hex-prints it to StdErr, seals everything from from StdIn with this random key using
libsodium's crypto_secretbox_xchacha20poly1305_easy
and writes the sealed data to StdOut.
The idea is to keep the code as simple as possible so that it's easy to understand and validate it (this is also the reason why we use libsodium as backend).
Optionally Cryptobox can use ma_proper
as memory allocator to ensure that the
allocated memory is overwritten before it is returned to the OS (feature use-maproper
; disabled by default).
The use-case is pretty limited – in particular, Cryptobox is NOT suited for
Instead, the use-case is secure long-term encryption of small sensible data for backup purposes. E.g. you could encrypt your GnuPG-keyring and upload it to Pastebin.com – this way you only need to store 64 hex chars in a safe and secure place instead of the entire keyring.
To seal a some data, pipe it to cryptobox
' StdIn and redirect the StdOut to your target location:
cryptobox < /path/to/secret.file > /path/to/sealed.file
Important: Store the displayed key somewhere safe! Without this key it's probably COMPLETELY IMPOSSIBLE to recover your data from the sealed file.
To decrypt some data, export the key as environment variable and pipe it to cryptobox
' StdIn and redirect the StdOut
to your target location:
export CRYPTOBOX_KEY=0197ac79-e307baf7-facd0c5c-9b1b3951-990d7dd5-4cffc259-fd6ac95c-2f3b1a1c
cryptobox < /path/to/sealed.file > /path/to/secret.file
(Cryptobox detects your exported key automatically and switches to decryption mode – to delete the key from the
environment, use unset CRYPTOBOX_KEY
)