A file encryption/decryption program written in Go without using third-party dependencies.
This PoC implements RFC8439 which uses ChaCha20 as the cipher and Poly1305 for authentication, and Argon2 for key derivation (KDF) from a given password.
Encrypt a file:
secure-files-go enc <input_file>
Encrypting a file will place the encrypted file in the same path as the input_file with an extension of .enc.
Decrypt a file:
secure-files-go dec <input_file>
Compiled binaries can be found in the releases section.
There are several ways to build binaries as outlines below. You will need Go configured in your system to build binaries.
- Clone the repository
git clone https://github.com/darshanags/secure-files-go.git
- Build the Go project for your operating system by running the following from the root of the app directory:
go build -o out/bin/secure-files-go .
This will build a secure-files-go binary file in the out/bin folder.
OR
- Run the makefile build command from the root of the app directory:
make build
This will build binary files specified in the make config file - Makefile.
---
config:
look: classic
theme: neutral
---
graph TB
A[Start] --> B[\Password\] -->
C[Argon2 - Generate 128 bit salt] -->
D["Argon2 - Generate 256 bit User Encryption Key (UEK)<br> using the password and salt"] -->
E["Generate 256 bit Data Encryption Key (DEK) and 96 bit nonce"] -->
F[Chacha20-Poly1305 - Encrypt DEK<br> using UEK and nonce]
F --> G[Store encrypted DEK,<br> nonce, and salt<br> in output file]
E --> H[Chacha20-Poly1305 - Encrypt input file data<br> using DEK]
H --> I[Store encrypted data in output file]
Written with StackEdit.