tiny-encrypt-rs 联合开发网

Pudn.com > 下载中心 > 开发工具 > tiny-encrypt-rs

tiny-encrypt-rs

所属分类：开发工具
开发工具：Rust
文件大小：0KB
下载次数：0
上传日期：2024-01-13 02:40:07
上传者：sh-1993

说明：使用OpenPGP PIV（Yubikey）的微型加密工具，用Rust编程语言编写。
(A tiny encrypt tool which using OpenPGP PIV(Yubikey), written in Rust Programming Language.)

文件列表:

src/
swift-lib/
swift-rs/
Cargo.lock
Cargo.toml
LICENSE
USAGE.md
build.rs

# tiny-encrypt-rs **IMPORTANT**: To use tiny-encrypt, a Yubikey(https://www.yubico.com/products/) or MacBook with Secure Enclave get the best security effect, the key MUST support PIV or OpenPGP. ![](https://cdn.hatter.ink/doc/7684_4DB4452911E2A25AB993429AA7FFCD65/yubikey-5-family.png) Tiny Encrypt written in Rust Programming Language Specification: [Tiny Encrypt Spec V1.1](https://github.com/OpenWebStandard/tiny-encrypt-format-spec/blob/main/TinyEncryptSpecv1.1.md) > Tiny encrypt rs is a Rust implementation of Tiny encrypt java https://git.hatter.ink/hatter/tiny-encrypt-java
> Tiny encrypt spec see: https://github.com/OpenWebStandard/tiny-encrypt-format-spec Repository address: https://git.hatter.ink/hatter/tiny-encrypt-rs mirror https://github.com/jht5945/tiny-encrypt-rs Set default encryption algorithm: ```shell export TINY_ENCRYPT_DEFAULT_ALGORITHM='AES' # or CHACHA20 ``` Compile only encrypt: ```shell cargo build --release --no-default-features ``` Edit encrypted file: ```shell tiny-encrypt decrypt --edit-file sample.txt.tinyenc ``` Read environment `EDITOR` or `SECURE_EDITOR` to edit file, `SECURE_EDITOR` write encrypted file to temp file. Secure editor command format: ```shell $SECURE_EDITOR "aes-256-gcm"

```
Encrypt config `~/.tinyencrypt/config-rs.json`: ```json { "environment": { "TINY_ENCRYPT_DEFAULT_ALGORITHM": "AES or CHACHA20" }, "namespaces": { "name": "/Users/example/.name" }, "envelops": [ { "type": "pgp-rsa", "kid": "KID-1", "desc": "this is key 001", "publicPart": "----- BEGIN PUBLIC KEY ..." }, { "type": "piv-p256", "kid": "KID-2", "desc": "this is key 002", "publicPart": "04..." } ], "profiles": { "default": [ "KID-1", "KID-2" ], "l2,leve2": [ "KID-2" ] } } ```
Kyber1024 usage: Generate `static-kyber1024` keypair: ```shell $ tiny-encrypt -K -a kyber1024 -n keyname [OK ] Keychain name: keyname [OK ] Public key : a731b5032194c3d2ad01f36d64e859ca9738595c21aa19c852dac22f4... [INFO ] Config envelop: { "type": "static-kyber1024", "sid": "keyname", "kid": "keychain:a731b5032194c3d2ad01f36d64e859ca9738595c21aa19c852dac22f411036c7", "desc": "Keychain static", "args": [ "keychain::tiny-encrypt:keyname" ], "publicPart": "a731b5032194c3d2ad01f36d64e859ca9738595c21aa19c852dac22f411036c..." } ``` Then write file `~/.tinyencrypt/config-rs.json`. Last, config key id to profile. Supported PKI encryption types: | Type | Algorithm | Description | |------------------|-----------------|-----------------------------------------| | pgp-rsa | PKCS1-v1.5 | OpenPGP Encryption Key (Previous `pgp`) | | pgp-x25519 | ECDH(X25519) | OpenPGP Encryption Key | | gpg | OpenPGP | GnuPG Command | | static-x25519 | ECDH(X25519) | Key Stored in macOS Keychain Access | | static-kyber1024 | Kyber1024 | Key Stored in macOS Keychain Access | | piv-p256 | ECDH(secp256r1) | PIV Slot (Previous `ecdh`) | | piv-p384 | ECDH(secp384r1) | PIV Slot (Previous `ecdh-p384`) | | key-p256 | ECDH(secp256r1) | Key Stored in macOS Secure Enclave | | piv-rsa | PKCS1-v1.5 | PIV Slot | Smart Card(Yubikey) protected ECDH Encryption description as below: ```text ┌───────────────────┐ ┌───────────────────────────┐ │Tiny Encrypt │ │Smart Card (Yubikey) │ │ │ Get Public Key(P) │ │ │ │ ───────────────────┤ Private Key(d) │ │ │ │ P = dG │ │ │ Temp Private Key(k) │ │ └───────────────────┘ Q = kG └───────────────────────────┘ Shared Secret = kP = kdG Store Q, Encrypt using derived key from Shared Secret Send Q to Smart Card ─────────────────── Shared Secret = dQ = kdG Decrypt using derived key from restored Shared Secret ``` Environment | KEY | Comment | |----------------------------------|---------------------------------------------| | TINY_ENCRYPT_DEFAULT_ALGORITHM | Encryption algorithm, `aes` or `chacha20` | | TINY_ENCRYPT_DEFAULT_COMPRESS | File compress, `1` or `on`, default `false` | | TINY_ENCRYPT_NO_PROGRESS | Do not display progress bar | | TINY_ENCRYPT_NO_DEFAULT_PIN_HINT | Do not display default PIN hint | | TINY_ENCRYPT_USE_DIALOGUER | Use dialoguer | | TINY_ENCRYPT_PIN | PIV Card PIN | | TINY_ENCRYPT_KEY_ID | Default Key ID | | TINY_ENCRYPT_AUTO_SELECT_KEY_IDS | Auto select Key IDs | | TINY_ENCRYPT_PIN_ENTRY | PIN entry command cli | | SECURE_EDITOR | Secure Editor | | EDITOR | Editor (Plaintext) |

近期下载者：

相关文件：

评论：[我要评论] [举报此文件]

收藏者：