Secrete
Secrete is a simple ECIES implementation that uses Curve25519.
The Elliptic Curve Integrated Encryption Scheme has been implemented with the following specifications:
| Item | Specification |
|---|---|
| Elliptic Curve | Curve25519 |
| Key Derivation Function | KDF2 |
| Message Authentication Code | HMAC with SHA512 |
| Symmetric Encryption Scheme | AES-256 CBC mode with PKCS7 Padding |
using source code from existing repositories, including:
Many thanks to Trevor Bernard and the guys of The Legion of the Bouncy Castle.
Binary version
The binary distribution can be downloaded from the releases page.
Usage
Generate the key pair:
$ java -jar secrete.jar genKeysThis will generate the two files public.key and private.key under the .secrete folder in the user's home.
A password will be required to protect the private key.
The private key is stored using PBKDF2 with SHA-512 and AES-256 CBC mode with PKCS7 Padding.
Export the public key:
$ java -jar secrete.jar -o <key_file> exportKeyEncrypt a text message:
$ java -jar secrete.jar -k <recipient_key_file> encryptInsert the message ending with a "."; the encrypted message will be displayed encoded in Base64.
It is also possible to output the encrypted message to a binary file by specifying the "-o" option:
$ java -jar secrete.jar -k <recipient_key_file> -o <encrypted_file> encryptDecrypt a text message:
$ java -jar secrete.jar decryptInsert the Base64 encrypted message and the password to unlock the private key.
It is also possible to load the encrypted message from the binary file by specifying the "-i" option:
$ java -jar secrete.jar -i <encrypted_file> decryptEncrypt a file:
$ java -jar secrete.jar -k <recipient_key_file> -i <file_to_encrypt> -o <encrypted_file> encryptDecrypt a file:
$ java -jar secrete.jar -i <encrypted_file> -o <decrypted_file> decryptInsert the password to unlock the private key.
Author
GitHub @gherynos
License
Secrete is licensed under the GNU General Public License v3.