Skip to content

TOXICAI314/goxlock

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

3 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

GOXLOCK

GoxLock is a cli encryption tool made compeletly on golang. Providing many features that is needed for a powerful encryption

goxlock logo

Installation

Install my project installer via github:

Why goxlock?

goxlock is a powerful folder encryptor that can encrypt the folder in a custom extension file using AES-GCM . The data is stored no where in normal procedure and is secure from all threats .

Only the actual user can access the file because goxlock utilizes the os level encryption and base encryption .

goxlock never hides , its actually protect the data . The GCM protection layer makes sure that the data inside is always relevant and user will know if GCM failed during unlocking.

Error hunting is made very simple and robust covering each part of error occurance and dealing with it.

Error hunt follows these rules:

  1. A function must only care about its input and internal data of not being empty or undesired
  2. It must not care or protect against uncertain details , its the part of the calling function.

Because of these implementations , the app is easy to understand , And the error code dont feels like burden. Current error codes are ok!. But in next few updates those will be revamped to a better design.

Quick Start

Header your goxlock experience with a simple check.

  1. This given checks whether the base setup is done correctly or not. This checks the function responsible for thee actions.
goxlock --doctor
  1. To lock a folder , choose something spare and lock it with following command.
goxlock --lock -f '<folder>'
  • This will lock your folder on the same parent dir as the locking folder.
  1. To unlock , just get the path of the locked .g-lock file and paste it .
goxlock --unlock -f '<locked_file>'
  • If you dont want to write just double click on the locked file (you must see a gopher lock image on the file display) , it will straight up give you the cmd.exe shell.

Customizing

  • You can customize your actions with other provided embeded actions within the application.

  • The following will show you how you can do basic customization into the application behaviour.

  1. To verify the password , just copy the path of the locked file and do the following .
goxlock --verify-password -f '<locked_file>'
  1. To see header details (header are for debugging and seeing the control flow) you shall do the following.
goxlock --header -f '<locked_folder>'
  1. To change the password , do the following.
goxlock --change-password -f '<locked_folder>'
  1. If you want to delete the file/folder after lock or unlock , you shall do this.
goxlock --lock -f '<folder>' --del-original
  1. To change the output of the desired locking and unlocking action , try following.
goxlock --lock -f '<folder>' --out '<desired_location_path>'
  • You can provide a absolute path or the local path , both are supported
  1. To save what had happened while the run time ,do the following.
goxlock --lock -f '<folder>' --log
  1. To make a profile that will given each time you wish to use it.
goxlock --make-profile --profile-name '<name>' --exlcude "*.txt,*.png"
  • There are many inbuilt things that you can save into a profile. Try using them by seeing and understanding them.
goxlock --use-profile --profile-name '<name>'

Features

  • πŸ”’ AES-GCM encryption
  • πŸ”‘ Argon2 password derivation
  • πŸ§‚ Random Salt
  • 🎲 Random Nonce
  • πŸ›‘ Header validation
  • πŸ” Password verification without extracting
  • πŸ”„ Change password
  • ⏰ Auto relock scheduler
  • πŸ” Windows DPAPI session protection (for windows only)
  • πŸ“Š Operation statistics
  • πŸ“ Logging system
  • πŸ‘€ Profiles
  • 🩺 Doctor diagnostics
  • πŸš€ Written entirely in Go
  • πŸͺŸ Native Windows support

Commands

There are vasr number of commands and behaviour you can choose from. Following list will tell the commands in breif.

  1. f : Telling about the object path (must be absoulte)
  2. lock : Locks the given folder
  3. del-original : Deletes the original object
  4. out : Gives the custom name to the output folder
  5. unlock : Unlocks the targetted folder
  6. time-out : time-Shedule re encryption over a certain time (must give minute/hour/day timelimits )
  7. change-password : Chnages your current password
  8. exclude : Excludes given patterns
  9. verify-password : Verify your folder password without unlocking it
  10. header : Check header data of the encrypted file
  11. log : Allow logger to log into the hardcoded files
  12. read-log : Toggle the read log function
  13. stats : Use it to see the stats of your operation
  14. log-date : Gives the log date to instructor
  15. checkupdate : Checks for provided updates from trusted sources
  16. del-profile : Deletes the named profile
  17. update-profile : Updates the named profile with the given data
  18. use-profile : Use the saved profile
  19. make-profile : Makes the profile of the user as per name
  20. profile-name : Stores the name of the profile

Security

Safety is the only thing that goxlock targets . No password or secret is revealed in any file. The password is never stored in raw string or readable format (only for scheduling the password ecrypted form is stored after that it is destroyed).

  • NOTE
    • The User must know that the password is note stored in any kind of format normally.
    • So if the you forget the password its your concern.
    • Normally the app will not let it happen because it is built with password integrity checks on lock and end password showing.
    • There is no option for Forget Password
    • This app is only made for encryption purpose not for protection purpose , if you lost your file or someone altered your file bytes or deleted it , its upon you.
    • goxlock can only protect from data not being shown up. Rest steps need to be taken by your side.
    • Schedule tasks when you need it otherwise normally unlock.

Security Features

  • No actual file will be deleted unless the data is totally written . If anything corrupts you can just remove the resedue the corruption left.

  • The Schedulling is done under the prtection of DPAPI (windows) which is an OS level of protection given to per User.

  • The Overwrite is protected via the mutex made withing the OS.

  • The header is checked before unlocking to let the application be sure that is the file format to unlock.

  • Password hider is inbuilt from the buffer of the terminal.

  • The things that it can do for users saefty ->

    Protect Against | Status

    Lost USB | βœ…

    Stolen encrypted file | βœ…

    File tampering | βœ…

    Same Windows user malware during active DPAPI session | ⚠️ Limited

    Kernel-level attacker | ❌

Scheduling

One of the best feature of goxlock is scheduling a task. Tough it requires the password to be stored in a encrypted format , it has its own pros.

The user can schedule the locking again after unlocking , this is done via task scheduler (for windows)

  • NOTE
    • If the current user is compromised or the device is open as the current user , the data is not safe.
    • Hence , use it when you are confrimed that no one will peak out.

Architecture

  • Locking
User

↓

Argon2

↓

AES Key

↓

Encrypt

↓

.g-lock
  • Unlocking
Password

↓

Argon2

↓

Verify

↓

Decrypt

Limitations

There are still some known limitations for this app which will be solced in the future.

  1. Windows only
  2. Less understandable to non cli users
  3. Non UI interface

Contribution

Here will be the name of the contributors.

  1. TOXICAI314 (self)
  • Every Contributor is most welcomed by me <happy_emoji>.

Licence

This project uses the following License, check that out for more details.

LICENCE

Acknowledgements

  • GOLang & module developers : For providing such an easy and robust language to work upon and easy modules to pass by.

  • Windows API : For making the system integration possible

  • Inno Setup : For making the application better on the installation side

Design Philosophy

Golang simpley folows these rules on the out face of it.

  1. Security first

  2. Simple commands

  3. Transparent behaviour

  4. No hidden network communication

  5. No cloud dependency

According to goxlock no private info must go out the boundaries of the user hardware. No data can be seen other. The user must feel secure of what they got for the privacy.

BECAUSE ASSURANCE COMES FROM TRUST.

Roadmap

The next update details will be discussed here:

v1.1 - The UI update

1. Making ui elements better
2. TUI
3. Better Error messages
4. Rich , colorful and structured base output
4. Logic fixes (always)

Promises

TOXICAI314 promises that:

  • The app will never have ADs or any kind of subscription. Its free to use and distribute

  • No data will leave your computer , it will stay where it is.

  • No AI integration will be made for this.

  • No Telemetry will be done on the user , Never even in asked or intentional.

  • No Login or Account system will be made , Its free for all.

About

`goxlock` is a powerful locking application entirely made on golang which provide many features like locking,unlocking,scheduling to the users . Having built in file security feature it can protect sesitive file from altering before even going to them .

Resources

License

Stars

0 stars

Watchers

0 watching

Forks

Packages

 
 
 

Contributors

Languages