Skip to content

000hen/file_encryption

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

file_encryption

A small command-line utility for generating RSA key pairs and encrypting or decrypting files with authenticated AES-256-GCM encryption. RSA is used to wrap the randomly generated AES session key, providing public-key based sharing while keeping the data-at-rest encrypted with a fast symmetric cipher.

Features

  • Generate 2048-bit RSA key pairs, optionally protecting the private key with a passphrase.
  • Encrypt any file with AES-256-GCM and an IV that is generated per file.
  • Decrypt files produced by the tool, validating an embedded authentication tag before writing output.
  • Chunked streaming encryption/decryption for large files, with simple progress feedback.

Prerequisites

  • Rust toolchain (Rust 1.80+ recommended). Install via rustup.
  • No system OpenSSL installation is required; the vendored feature brings a portable copy.

Getting Started

Clone the repository and build the project:

cargo build --release

You can also run the CLI without a separate build step:

cargo run -- --help

Command Overview

The CLI exposes three subcommands. Every command accepts --help for details.

Generate an RSA Key Pair

cargo run -- generate --output keys --passphrase "S3cret!"
  • --output (optional): directory where public_key.pem and private_key.pem are written. Defaults to the current directory.
  • --passphrase (optional): encrypts the private key with AES-256-CBC. Omit to write an unencrypted key.

Encrypt a File

cargo run -- encrypt --input path\to\plain.txt --key keys\public_key.pem --output plain.txt.enc
  • --input (required): file to encrypt.
  • --output (optional): encrypted file path. Defaults to input + ".enc".
  • --key (required): PEM-formatted RSA public key generated by the tool.

The resulting file layout is:

[MAGIC][RSA(OAEP) encrypted AES key][IV][ciphertext...][GCM tag]

Decrypt a File

cargo run -- decrypt --input plain.txt.enc --output plain.txt --key keys\private_key.pem --passphrase "S3cret!"
  • --input (required): encrypted file produced by this tool.
  • --output (optional): decrypted output path. Defaults to removing .enc or appending .dec.
  • --key (required): PEM-formatted RSA private key.
  • --passphrase (optional): supply if the private key is passphrase protected.

Notes on Security

  • Protect your private key and any passphrase you use. Losing either prevents decryption.
  • AES-256-GCM provides confidentiality and integrity; decryption fails if the file is modified.
  • The tool prints progress to standard output; redirect or silence if you process sensitive filenames/logging.

Troubleshooting

  • Failed to parse private key PEM: ensure you passed the correct key and, if encrypted, the correct passphrase.
  • Invalid magic number: the file was not encrypted with this tool or is corrupted.
  • For verbose clap usage information, append --help after any subcommand.

Development

  • Format the code with cargo fmt.
  • Run the linter with cargo clippy --all-targets.
  • Execute tests (if added) with cargo test.

License

This project is licensed under the terms of the LICENSE file provided in the repository.

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages