Secrete
Secrete is a simple ECIES implementation that uses Curve25519.
The Elliptic Curve Integrated Encryption Scheme has been implemented with the following specifications:
Item | Specification |
---|---|
Elliptic Curve | Curve25519 |
Key Derivation Function | KDF2 |
Message Authentication Code | HMAC with SHA512 |
Symmetric Encryption Scheme | AES-256 CBC mode with PKCS7 Padding |
using source code from existing repositories, including:
Many thanks to Trevor Bernard and the guys of The Legion of the Bouncy Castle.
Binary version
The binary distribution can be downloaded from the releases page.
Usage
Generate the key pair:
$ java -jar secrete.jar genKeys
This will generate the two files public.key
and private.key
under the .secrete
folder in the user's home.
A password will be required to protect the private key.
The private key is stored using PBKDF2 with SHA-512 and AES-256 CBC mode with PKCS7 Padding.
Export the public key:
$ java -jar secrete.jar -o <key_file> exportKey
Encrypt a text message:
$ java -jar secrete.jar -k <recipient_key_file> encrypt
Insert the message ending with a "."; the encrypted message will be displayed encoded in Base64.
It is also possible to output the encrypted message to a binary file by specifying the "-o" option:
$ java -jar secrete.jar -k <recipient_key_file> -o <encrypted_file> encrypt
Decrypt a text message:
$ java -jar secrete.jar decrypt
Insert the Base64 encrypted message and the password to unlock the private key.
It is also possible to load the encrypted message from the binary file by specifying the "-i" option:
$ java -jar secrete.jar -i <encrypted_file> decrypt
Encrypt a file:
$ java -jar secrete.jar -k <recipient_key_file> -i <file_to_encrypt> -o <encrypted_file> encrypt
Decrypt a file:
$ java -jar secrete.jar -i <encrypted_file> -o <decrypted_file> decrypt
Insert the password to unlock the private key.
Author
GitHub @gherynos
License
Secrete is licensed under the GNU General Public License v3.