A very strong encryption command line app to keep your file securely.
Supported ciphers:
- chacha20 256bits.
- salsa20 256bits.
- aes256 AES 256bits in CTR mode.
- chacha20_aes256
- aes256_chacha20 default cipher.
- salsa20_aes256
- aes256_salsa20
- Mac OS
- Linux
- Windows
make
make test
vsencrypt [-h] [-v] [-q] [-f] [-D] -e|-d [-a cipher] -i infile [-o outfile] [-p password]
DESCRIPTION
Use very strong cipher to encrypt/decrypt file.
The following options are available:
-h Help.
-v Show version.
-q Quiet. No error output.
-f Force override output file if already exist.
-D Delete input file if encrypt/decrypt success.
-e Encryption.
-d Decryption.
-c Encryption cipher, used in encryption mode(-e) only.
Available ciphers:
chacha20 256bit, faster than AES 256.
salsa20 256bit, faster than AES 256.
aes256 AES 256bit in CTR mode.
aes256_chacha20 aes256 then chacha20 (default cipher).
aes256_salsa20 aes256 then salsa20.
chacha20_aes256 chacha20 then aes256.
salsa20_aes256 salsa20 then aes256.
-i <infile> Input file for encrypt/decrypt.
-o <infile> Output file for encrypt/decrypt.
-p Password.
EXAMPLES
Encryption:
vsencrypt -e -i foo.jpg -o foo.jpg.vse -p secret123
vsencrypt -e -i foo.jpg # will output as foo.jpg.vse and ask password
Decryption:
vsencrypt -d -i foo.jpg.vse -d foo.jpg -p secret123
vsencrypt -d -i foo.jpg.vse # will output as foo.jpg and ask password
+++++++++++++++++++++++++++++++++++++++++++++++++++++
| version | header | encrypted data... |
+++++++++++++++++++++++++++++++++++++++++++++++++++++
1 byte. File format version. Current version is 0x1.
File header is determined by version.
++++++++++++++++++++++++++++++++++++++++++++++++++++++
| cipher(1) | salt(16) | iv(16) | mac(16) |
++++++++++++++++++++++++++++++++++++++++++++++++++++++
- 1 byte
cipher
algorithm. - 16 bytes
salt
for password. - 16 bytes
iv
for encryption/decryption. - 16 bytes
mac
(Message Authentication Code) of poly1305 used to verify the data integrity and the authenticity.
Version 1 header total size is 1(version) + 1(cipher) + 16(salt) + 16(iv) + 16(mac) = 50 bytes.
Key derivation function is Argon2 which was selected as the winner of the Password Hashing Competition in July 2015.
Poly1305 is used as message authentication code (MAC). Poly1305 has been standardized in RFC 7539.
clang setup for static analysis
export C_INCLUDE_PATH=`pwd`/src:`pwd`/src/argon2/include:`pwd`/src/argon2/src/blake2
MIT. see LICENSE.txt