v02enc is a password-based encryption application that supports several recipients and has the option to update an encrypted file as long as the user has access to the password of a single recipient.
v02gitdiff is a small script that requires colordiff to work. It can be used to enhance the git diff output by adding the following configuration to ~/.gitconfig:

```ini
[diff]
    external = /full/path/to/v02gitdiff
```

v02hgdiff is a small script that requires colordiff to work. It can be used to enhance the hg diff output by adding the following configuration to ~/.hgrc:

```ini
[extensions]
extdiff =

[extdiff]
cmd.v02hgdiff = /full/path/to/v02hgdiff

[alias]
diff = !for FILE in $(hg status -n) ; do hg v02hgdiff "$(hg root)/${FILE}" -o "$(hg root)" ; done
```

v02wg-quick is a small wrapper script around wg-quick that lets a user store WireGuard configuration files in v02enc-encrypted form. The script transparently decrypts the WireGuard configuration files when v02wg-quick up $interface or v02wg-quick down $interface is called.
vim02enc is a small script that enables a user to transparently edit a v02enc-encrypted file. After closing the file, it will be encrypted for all former recipients.

```
Usage:
======
./v02enc [-d|--decrypt|-e|--encrypt|-u <file>|--update <file>] [-a|--armor] [-c <string>|--keychain <string>] [-h|-help] [-i <file>|--input <file>] [-k <file>|--key <file>]* [-m|--message <string>] [-o <file>|--output <file>] [-p <string>|--password <string>]* [<file>]

Options:
========
-d | --decrypt
    Decrypt a message.
-e | --encrypt
    Encrypt a message.
-u <file> | --update <file>
    Update an encrypted message with the contents in <file>.
    <file> can be "-" to read from STDIN.
-a | --armor
    ASCII-armor the encrypted message.
-c <string> | --keychain <string>
    Use the hex-decoded generic password in the macOS keychain
    with the name <string> as an encryption key.
    This option can be provided multiple times.
-h | --help
    Print this help.
-i <file> | --input <file>
    Use <file> as the input.
    <file> can be "-" to read from STDIN.
    The default is STDIN.
-k <file> | --key <file>
    Use the contents in <file> as an encryption key.
    This option can be provided multiple times.
    <file> can be "-" to read from STDIN.
-m <string> | --message <string>
    Use <string> as the input.
-o <file> | --output <file>
    Use <file> as the output.
    <file> can be "-" to write to STDOUT.
    <file> can be "+" to write to STDERR.
    The default is STDOUT.
-p <string> | --password <string>
    Use <string> as an encryption key.
    This option can be provided multiple times.
<file>
    Use <file> as the input.
    <file> can be "-" to read from STDIN.
    The default is STDIN.

Notes:
======
* You can only use one mode at a time, so either decrypt, encrypt or update.
* You can only use one input at a time.
* You can only use one output at a time.
```

```
macOS Keychain:
===============
You can add a password to the macOS keychain like this:
> security \
    add-generic-password \
    -a "$(whoami)" \
    -s "<string>" \
    -T "" \
    -U \
    -w "$(echo -n "Password: " >&2 && \
          read -s password && \
          echo "$password" | \
          xxd -p | \
          tr -d "\n")"

You can view a password in the macOS keychain like this:
> security \
    find-generic-password \
    -a "$(whoami)" \
    -s "<string>" \
    -w | \
    xxd -p -r
```

```sh
# generate a random 32-byte key file
head -c 32 /dev/random >~/.v02enc

# encrypt with a key file
# using STDIN and STDOUT
echo -n "example text" | v02enc --encrypt --key ~/.v02enc >./example.txt.v02enc
# using unnamed argument and STDOUT
v02enc --encrypt --key ~/.v02enc ./example.txt >./example.txt.v02enc
# using --input and --output
v02enc --encrypt --key ~/.v02enc --input ./example.txt --output ./example.txt.v02enc

# encrypt with a password
# (a value passed with --password is visible in the process list and the
# shell history; --key - reads the key from STDIN instead)
# using unnamed argument and STDOUT
v02enc --encrypt --password "example passphrase" ./example.txt >./example.txt.v02enc
# using --input and --output
v02enc --encrypt --password "example passphrase" --input ./example.txt --output ./example.txt.v02enc
# using STDIN and STDOUT
echo -n "example text" | v02enc --encrypt --password "example passphrase" >./example.txt.v02enc

# using --input (reading from STDIN) and --output
echo -n "example text" | v02enc --encrypt --key ~/.v02enc --input - --output ./example.txt.v02enc
# using --message and --output
v02enc --encrypt --key ~/.v02enc --message "example message" --output ./example.txt.v02enc
# using --message and --armor, writing to STDOUT
v02enc --encrypt --armor --key ~/.v02enc --message "example message"

# decrypt
# using unnamed argument and STDOUT
v02enc --decrypt --key ~/.v02enc ./example.txt.v02enc
# using --input and --output
v02enc --decrypt --key ~/.v02enc --input ./example.txt.v02enc --output -

# update using STDIN
echo -n "new text" | v02enc --update - --key ~/.v02enc --input ./example.txt.v02enc --output ./example.txt.v02enc.tmp && mv ./example.txt.v02enc.tmp ./example.txt.v02enc
# update using a file
v02enc --update ./new-text.txt --key ~/.v02enc --input ./example.txt.v02enc --output ./example.txt.v02enc.tmp && mv ./example.txt.v02enc.tmp ./example.txt.v02enc
```

```sh
# preparing passphrase file in correct location
head -c 32 /dev/random >~/.v02enc
# using implicit passphrase file path
vim02enc ./example.txt.v02enc
# using explicit passphrase file path
V02ENC_KEY=~/.v02enc vim02enc ./example.txt.v02enc
```

```sh
# generate the random passphrase
head -c 32 /dev/random >~/.tmp

# encrypt the random passphrase
echo -n "Password: " >&2 && \
read -s password && \
echo >&2 && \
echo -n "$password" | \
v02enc --armor --encrypt --key - ~/.tmp >~/.v02enc

# delete the unprotected random passphrase
rm -f ~/.tmp

# use the encrypted random passphrase to encrypt a message
echo -n "Password: " >&2 && \
read -s password && \
echo >&2 && \
echo -n "$password" | \
v02enc --decrypt --key - ~/.v02enc | \
v02enc --armor --encrypt --key - --message "This is a test." >./example.v02enc

# use the encrypted random passphrase to decrypt the encrypted message
echo -n "Password: " >&2 && \
read -s password && \
echo >&2 && \
echo -n "$password" | \
v02enc --decrypt --key - ~/.v02enc | \
v02enc --decrypt --key - ./example.v02enc
```

The encryption scheme originates from Shared-Secrets. Shared-Secrets implements v00 as a password-based encryption scheme supporting a single recipient and v01 as an RSA-based encryption scheme supporting multiple recipients.
v02enc extends the existing encryption schemes with v02 as a password-based encryption scheme supporting multiple recipients.
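
The update examples above write the new ciphertext to a temporary file and then move it over the original. The following helper is an added example (not part of v02enc) that extends that pattern: it writes into a private temporary directory and replaces the original only after the updated file decrypts back to the new content. The function name v02enc_update_inplace and the temporary file names are hypothetical; only v02enc options shown on this page are used.

```sh
#!/bin/sh
# Added example, not part of v02enc. Assumes v02enc is on PATH.
# Usage: v02enc_update_inplace <key-file> <new-plaintext-file> <encrypted-file>
#
# The function body is a subshell, so the umask, traps and variables
# set here do not leak into the calling shell.
v02enc_update_inplace() (
    key=$1 new=$2 target=$3
    [ -r "$key" ] && [ -r "$new" ] && [ -f "$target" ] || {
        echo "usage: v02enc_update_inplace <key-file> <new-plaintext-file> <encrypted-file>" >&2
        exit 2
    }

    # Private scratch directory next to the target: an unpredictable name,
    # mode 0700, and on the same filesystem so the final mv is a rename.
    umask 077
    tmpdir=$(mktemp -d "$(dirname "$target")/.v02enc-update.XXXXXX") || exit 1
    trap 'rm -rf "$tmpdir"' EXIT
    trap 'exit 1' HUP INT TERM

    # Re-encrypt the new content for all existing recipients.
    v02enc --update "$new" --key "$key" --input "$target" \
        --output "$tmpdir/updated" ||
        { echo "update failed; original kept" >&2; exit 1; }

    # Decrypt the result again and compare it with the intended content.
    # The check file holds plaintext, like <new-plaintext-file> itself,
    # and is removed together with the scratch directory.
    v02enc --decrypt --key "$key" --input "$tmpdir/updated" \
        --output "$tmpdir/check" ||
        { echo "updated file does not decrypt; original kept" >&2; exit 1; }
    cmp -s "$tmpdir/check" "$new" ||
        { echo "decrypted content differs; original kept" >&2; exit 1; }

    # Only now replace the original (the new file is created with mode 0600).
    mv -f "$tmpdir/updated" "$target"
)
```
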
This application is released under the BSD license. See the LICENSE file for further information.