The active repository is at https://codeberg.org/glv/iescrypt
The iescrypt program is a tool to encrypt, decrypt and sign files. There are two versions of it, one is written in Common Lisp, the other is written in C.
The Common Lisp version can be used either as a library or as a standalone executable.
sbcl as Common Lisp implementation is recommended. It also works with other implementations, but much more slowly.
These libraries can be installed easily with quicklisp.
(asdf:load-system "iescrypt")
(in-package iescrypt)Encrypt and decrypt a file with a passphrase:
(encrypt-file-with-passphrase "clear.file" "cipher.file")
(decrypt-file-with-passphrase "cipher.file" "clear.file")Encrypt and decrypt a file with a key pair:
(make-encryption-key-pair "key")
(encrypt-file-with-key "clear.file" "cipher.file" "key.pub")
(decrypt-file-with-key "cipher.file" "clear.file" "key")Sign and verify a file:
(make-signing-key-pair "key")
(sign-file "some.file" "some.file.sig" "key")
(verify-file-signature "some.file" "some.file.sig" "key.pub")Simultaneously sign and encrypt a file:
(make-encryption-key-pair "enckey")
(make-signing-key-pair "sigkey")
(sign-and-encrypt-file-with-key "clear.file" "cipher.file" "sigkey" "enckey.pub")
(decrypt-file-with-key-and-verify-signature "cipher.file" "clear.file" "enckey" "sigkey.pub")You can build a standalone executable using the Makefile.
make iescryptThe tests require the fiveam library.
(asdf:test-system "iescrypt")There is also a test-iescrypt.sh shell script in the tests directory to test the standalone executable.
tests/test-iescrypt.sh path/to/iescryptThe C version can be used as a standalone executable. It includes Loup Vaillant’s monocypher library for cryptographic primitives and rxi’s microtar library to deal with tar archives.
A C compiler.
You can build the standalone executable using the Makefile.
make iescrypt-cThere is a test-iescrypt.sh shell script in the tests directory to test the standalone executable.
tests/test-iescrypt.sh path/to/iescrypt-cUsage: iescrypt <command> <arguments>Generate a key pair for encryption. The private key is written to ‘file’ and the public key is written to ‘file.pub’.
Generate a key pair for signature. The private key is written to ‘file’ and the public key is written to ‘file.pub’.
Encrypt a file with a public key.
Decrypt a file that was encrypted with a public key using the matching private key.
Encrypt a file using a passphrase.
Decrypt a file using a passphrase.
Sign a file with a private key.
Verify a signature of a file. If a public key file is specified, also verify that the signature was made with the matching private key.
Sign a file with a private key and encrypt the file and the signature with a public key.
Decrypt a file with a private key and verify that it has a valid signature. If a signature public key is specified, also verify that the signature was made with the matching private key.
Sign a file with a private key and encrypt the file and the signature with a passphrase.
Decrypt a file with a passphrase and verify that it has a valid signature. If a signature public key is specified, also verify that the signature was made with the matching private key.
The program uses the integrated encryption scheme with the following parameters:
- xchacha cipher for data encryption
- poly1305 for message authentication code
- x25519 (curve25519) or passphrase and argon2i to derive keys
The program can also sign files using eddsa (ed25519). The signature is made on the blake2 hash of the input file.
Encrypted files have the following format:
+-----------------+----------------------+----------------+------------+ | salt (16 bytes) | parameter (32 bytes) | mac (16 bytes) | ciphertext | +-----------------+----------------------+----------------+------------+
A random salt is generated.
A shared secret is computed. When using a passphrase, the shared secret is the concatenation of some random parameter (actually a random curve25519 public key) and the passphrase. When using curve25519 keys, the shared secret is computed using a Diffie-Hellman exchange. The parameter field is the public key of the ephemeral key pair generated by the sender, allowing the recipient to compute the shared secret.
The key and nonce for xchacha and the key for poly1305 are derived from the salt and the shared secret using argon2i.
The cleartext is encrypted with xchacha.
The message authentication code is computed on the ciphertext using poly1305.
When using a command to simultaneously sign and encrypt a file, the encryption is done on a tar file containing the input file and the signature of the input file.
iescrypt sig-enc input output signature-key encryption-key.pub is
equivalent to:
iescrypt sig input input.sig signature-key
tar -c -f input.tar input input.sig
iescrypt enc input.tar output encryption-key.pub
rm input.sig input.tariescrypt dec-ver output input encryption-key signature-key.pub is
equivalent to:
iescrypt-c dec output input.tar encryption-key
tar -x -f input.tar
iescrypt-c ver input input.sig signature-key.pub
rm input.sig input.tar