{ "info": { "author": "M. Massenzio", "author_email": "marco@alertavert.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Intended Audience :: System Administrators", "License :: OSI Approved :: Apache Software License", "Programming Language :: Python :: 3" ], "description": "filecrypt - OpenSSL file encryption\n===================================\n\n Author [M. Massenzio](http://codetrips.com)\n --------- --------------------------------------------------------\n Version 0.6.1\n Updated 2018-06-09\n Code [bitbucket.org](git@bitbucket.org:marco/filecrypt.git)\n\noverview\n========\n\nUses OpenSSL library to encrypt a file using a private/public key pair\nand a one-time secret.\n\nA full description of the process can be found\n[here](https://github.com/massenz/HOW-TOs/blob/master/HOW-TO%20Encrypt%20archive.rst).\n\nSee also this [blog\nentry](https://codetrips.com/2016/07/13/filecrypt-openssl-file-encryption/)\nfor more details.\n\ninstallation\n============\n\nInstall directly from PyPi:\n\n pip install crytto\n\nPlease note the **package name** (`filecrypt` was conflicting with the\nexisting `FileCrypt` package name, and `crypto` was already taken).\n\nThis requires OpenSSL to be installed on your machine:\n\n sudo apt-get install openssl\n\nAlternatively, clone the project from github and follow the instructions\nbelow:\n\n git clone git@bitbucket.org:marco/filecrypt.git\n\n**Note** I moved the code to [bitbucket](http://bitbucket.org):\nMicro\\$oft can kiss my b--t...\n\nOnce cloned, you can try out functionality using the `run` script (which\nreplaces the `console-scripts` installed by the package) which takes the\nsame arguments as the [encryption](#encryption) (\\#encryption) command;\nor adding a `-d` flag, will execute the [decryption](#decryption)\ncommand.\n\nOnce all dependencies are installed:\n\n pip install -r requirements.txt\n\ntests can be run via:\n\n nosetests tests\n\nconfiguration\n=============\n\nThis uses a YAML file to describe the configuration; by default it\nassumes it is in `/etc/filecrypt/conf.yml` but its location can be\nspecified using the `-f` flag.\n\nThe structure of the `conf.yml` file is as follows:\n\n``` {.yaml}\nkeys:\n private: sample.pem\n public: sample.pub\n secrets: .\n\nstore: keys.csv\n\n##\n# Any option below is optional and can be omitted.\n#\n# Where to store the encrypted file; the folder MUST already exist and the user\n# have write permissions. Defaults to the current directory; can be overridden\n# using --out on the command line.\n#\n#out: /data/store/file\n\n# Whether to securely delete the original plaintext file; by default it is kept.\n# It can be overridden by using `--keep` when running `encrypt`. True by default.\nshred: true\n\n# Optional logging configuration - mostly useful to\n# diagnose issues. Default is WARN level.\nlogging:\n format: \"%(asctime)s [%(levelname)-5s] %(message)s\"\n level: WARN\n```\n\nThe `private`/`public` keys are a key-pair generated using the\n`openssl genrsa` command; the encryption key used to actually encrypt\nthe file will be created in the `secrets` folder, and afterward\nencrypted using the `public` key and stored in the location provided.\n\nThe name will be `pass-key-nnnn.enc`, where `nnnn` will be a random\nvalue between `1000` and `9999`, that has not been already used for a\nfile in that folder.\n\nThe name of the secret passphrase can also be defined by the user, using\nthe `--secret` option (it will be left unmodified):\n\n- if it does not exist a random secure one will be created, used for\n encryption, then encrypted and saved with the given path, while the\n plain-text temporary version securely destroyed; OR\n\n- if it is the name of an already existing file, it will be decrypted,\n used to encrypt the file, then left **unchanged** on disk.\n\n**NOTE** we recommend NOT to re-use encryption passphrases, but always\ngenerate a new secret.\n\n**NOTE** it is currently not possible to specify a plain-text\npassphrase: we always assume that the given file has been encrypted\nusing the `private` key.\n\nThe `store` file is a CSV list of:\n\n \"Original archive\",\"Encryption key\",\"Encrypted archive\"\n 201511_data.tar.gz,/opt/store/pass-key-001.enc,201511_data.tar.gz.enc\n\na new line will be appended at the end; any comments will be left\nunchanged.\n\nusage\n-----\n\n### keypair generation\n\nWe do not provide the means to generate them (this will be done at a\nlater stage), but for now they can be generated using:\n\n openssl genrsa -out ./key.pem 2048\n openssl rsa -in key.pem -out key.pub -outform PEM -pubout\n\ntheir path can then be specified in the `conf.yaml` file.\n\n### encryption\n\nAlways use the `--help` option to see the most up-to-date options\navailable; anyway, the basic usage is:\n\n encrypt my_secret.txt\n\nwhich will create a `my_secret.txt.enc` file in the current directory,\nunless a different one has been specified using the `out` option in\n`/etc/filecrypt/conf.yml`.\n\nA completely random and cryptographically secure key will have been\ncreated; used; and then encrypted to the `secrets` location, its full\npath stored in the CSV keystore named in the `store` option of the YAML\nconfiguration file.\n\nFinally, the plaintext version of this key will have been safely\ndestroyed.\n\nA more elaborate one (see the example configuration in\n`examples/example_conf.yaml`):\n\n encrypt -f example_conf.yaml -s secret-key.enc plaintext.txt\n\nwill create an encrypted copy of the file to be stored as\n`/data/store/plaintext.txt.enc`; the original file **will not** be\nsecurely destroyed (using `shred`); and the encryption key name and\nlocation (the current directory, and `secret-key.enc`) to be stored in\nthe `keys.csv` file:\n\n``` {.yaml}\n# Fragment of example_conf.yaml\n...\nstore: keys.csv\nout: /data/store\nshred: false\n```\n\n**Specifying the encryption destination**\n\nBy default, the encrypted filename has the same name as the plaintext\nfile, with the `.enc` extension appended; and it is saved to either the\ncurrent directory or the `out` location specified in the configuration\nYAML.\n\nBy using the `--out` (`-o`) option, it is possible to specify the\nlocation of the output encrypted file, either absolute, or relative to\nthe current directory:\n\n encrypt -o mysecret.ser my_secret.doc\n\nor:\n\n encrypt -o secret/files/mysecret.ser my_secret.doc\n\nRegardless of the means of specifying the input/outpup files, the full\npath to both files will **always** be used in the CSV keystore,\nregardless of whether a relative or absolute path was specified on the\ncommand line.\n\n**IMPORTANT** \\>We recommend testing your configuration and command-line\noptions on test files: `shred` erases files in a *terminal* way that is\n**not** recoverable: if you mess up, **you will lose data**. \\> \\>You\nhave been warned.\n\n### decryption\n\nTo decrypt a file that has been encrypted using this utility, `decrypt`\nand pass the name of the encrypted file; it will be decrypted using the\npassed-in secret key (`-s` flag):\n\n decrypt -f example_conf.yaml -s secret-key.enc plaintext.txt\n\nIf the encryption key (`--secret` or `-s`) is not specified, then the\napplication will try and locate the plaintext file in the keystore\nspecified in the `conf.yaml` using the `store` key:\n\n``` {.yaml}\nstore: keys.csv\n...\n```\n\nand derive the location of the encryption key from the entry, if one is\nfound.\n\nPlease note that **the full absolute path must match** even if only a\nrelative path was given at the command line, as files are always stored\nwith their full path when saved to the key store.\n\nAs with encryption, the `--out` flag can be used to specify the output\nfile; otherwise, the current directory will be used.\n\nThe encrypted file will be left untouched: the `--keep` flag *may* be\nused, but will have no effect and the value of the `shred:` option will\nbe ignored.\n\nAs the encrypted file is already cryptographically secure a simple\n`rm my_secret.doc.enc` will be sufficient to guarantee privacy.\n\n### sharing files\n\nAs of `0.5.x`, `crytto` supports encrypting a file using solely a Public\nKey, and then the resulting ecnrypted file can be securely decrypted by\nthe owner of the Secret Key.\n\nThe main use case is to enable Alice to send Bob an encrypted file, once\nBob has given her a copy of his Public key; call the latter `bob.pub`\nand the file to share `my_secret.txt`, then Alice can execute:\n\n encrypt_send --key bob.pub --out my-secret.ser my_secret.txt\n\nafter encryption, in the current directory there will be the following\ntwo new files:\n\n my-secret.ser\n pass-key-000854.enc\n\nthe former is the encrypted contents of `my_secret.txt` and the latter\nthe encrypted passphrase (leaving out the `--out` argument would have\nmade the encrypted file's name `my_secret.txt.enc`).\n\nThose files can be both sent to Bob or, even better, provided to him\nseparately for added security; either way, upon receiving them, Bob can\nrun the following (we assume the `bob.pub` was the private half of the\nconfigured key pair that he keeps in his [configuration\nfile](#configuration)):\n\n decrypt -s pass-key-000854.enc --out alice_secret.txt my-secret.ser\n\n(again, leaving out the `--out` is useful when using the defaults, as\nthe `my_secret.txt.enc` would have turned back into `my_secret.txt` --\nin this case, the plaintext decrypted file would have been called\n`my-secret.ser.out`).\n\n### pruning\n\nThe keystore may grow very large and entries may become obsolete, as\nfiles are deleted: using the `prune_store` script (optionally, giving it\nthe name of the keystore to prune) all entries where either of the files\nare no longer existing will be removed.\n\n**This command may lead to data loss**, however, a copy of the keystore\nis backed up with the `.bak` extension.\n\n**Note** For Decryption, we will not use the value of the `out:` flag in\nthe YAML configuration file, even if specified.\n\nreferences\n----------\n\n- a [detailed\n HOW-TO](https://github.com/massenz/HOW-TOs/blob/master/HOW-TO%20Encrypt%20archive.rst)\n with the steps to encrypt a file manually;\n- the original [Ask\n Ubuntu](http://askubuntu.com/questions/95920/encrypt-tar-gz-file-on-create)\n post;\n- [OpenSSL](https://openssl.org);\n- [Ubuntu guide to\n OpenSSL](https://help.ubuntu.com/community/OpenSSL).\n\n\n", "description_content_type": "text/markdown", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/massenz/filecrypt", "keywords": "", "license": "Apache2", "maintainer": "", "maintainer_email": "", "name": "crytto", "package_url": "https://pypi.org/project/crytto/", "platform": "", "project_url": "https://pypi.org/project/crytto/", "project_urls": { "Homepage": "https://github.com/massenz/filecrypt" }, "release_url": "https://pypi.org/project/crytto/0.6.3/", "requires_dist": [ "PyYAML (>=3.11)", "sh (>=1.11)" ], "requires_python": "", "summary": "An OpenSSL-based file encryption and decryption utility", "version": "0.6.3" }, "last_serial": 5479635, "releases": { "0.2.0": [ { "comment_text": "", "digests": { "md5": "3b8a5eb748757a2706229177d3d89ac4", "sha256": "71864e40915cda7d666362ad488764c8b69923aedad7fd0a843e48946303ad32" }, "downloads": -1, "filename": "crytto-0.2.0-py3-none-any.whl", "has_sig": false, "md5_digest": "3b8a5eb748757a2706229177d3d89ac4", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 26647, "upload_time": "2016-09-19T01:41:40", "url": "https://files.pythonhosted.org/packages/87/9f/d51c281e4e97c367b1868f1180c00bdd37655dc675329eb25d0eeec3bfdc/crytto-0.2.0-py3-none-any.whl" } ], "0.2.1": [ { "comment_text": "", "digests": { "md5": "e0095cb4826db8089b7fde21888d4673", "sha256": "8e0313f9eb2d09f9b436840905ea9778c7ac8b4c53a9a3af8daceefdb587480b" }, "downloads": -1, "filename": "crytto-0.2.1.linux-x86_64.tar.gz", "has_sig": false, "md5_digest": "e0095cb4826db8089b7fde21888d4673", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 11217, "upload_time": "2016-09-19T15:07:51", "url": "https://files.pythonhosted.org/packages/73/dc/d50fae2842d43f841fd575114dabb9e2c5bf41d79ed29acbbb74139079f3/crytto-0.2.1.linux-x86_64.tar.gz" }, { "comment_text": "", "digests": { "md5": "53764efff43fb7ea9e065b9e384a9f13", "sha256": "6e46e21bef1ecfe3d61d6a61e08e0ce186f79d70a74f713dc06c3e12c9081fbe" }, "downloads": -1, "filename": "crytto-0.2.1-py3-none-any.whl", "has_sig": false, "md5_digest": "53764efff43fb7ea9e065b9e384a9f13", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 26903, "upload_time": "2016-09-19T15:07:49", "url": "https://files.pythonhosted.org/packages/a8/99/6a404c388985002cd8b81fdea06622f0a8314fbd7de79bfd57ed1f97bf63/crytto-0.2.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "3e227de6d5cdfdd796abf36f08aaddd2", "sha256": "bbf1c8ffbb93b2a05cbe6db71f06a6211f019fe442572317a3855e3896593ecf" }, "downloads": -1, "filename": "crytto-0.2.1.tar.gz", "has_sig": false, "md5_digest": "3e227de6d5cdfdd796abf36f08aaddd2", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 10923, "upload_time": "2016-09-19T15:07:53", "url": "https://files.pythonhosted.org/packages/62/d9/6a54fc631c85da59133d95b774e4c7026580e2996ea8149b7055390371af/crytto-0.2.1.tar.gz" } ], "0.3.1": [ { "comment_text": "", "digests": { "md5": "78ef6b37a2fe9ee3fadc1afc184d0309", "sha256": "377fc18de2dc2f7cc160f3f95f00957548218146072d0695a751d735c70ab3b0" }, "downloads": -1, "filename": "crytto-0.3.1-py3-none-any.whl", "has_sig": false, "md5_digest": "78ef6b37a2fe9ee3fadc1afc184d0309", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 27101, "upload_time": "2017-06-01T04:24:29", "url": "https://files.pythonhosted.org/packages/59/d7/3b42c0d83789387f0c3e1a7959a040cc8d6976697ec0c1ea69edf61b3a9d/crytto-0.3.1-py3-none-any.whl" } ], "0.4.0": [ { "comment_text": "", "digests": { "md5": "94aaf2efe24478103b15149569358999", "sha256": "9c61cb83f2558e4a528d96eb62be67fccecbad27ca0315693cb7a294211763a7" }, "downloads": -1, "filename": "crytto-0.4.0-py3-none-any.whl", "has_sig": false, "md5_digest": "94aaf2efe24478103b15149569358999", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 28879, "upload_time": "2017-08-30T06:09:50", "url": "https://files.pythonhosted.org/packages/11/db/bc7ea9c88b0e60f6321e23f3ee093d621e958a9acf660b8a3c54a157fd2a/crytto-0.4.0-py3-none-any.whl" } ], "0.4.1": [ { "comment_text": "", "digests": { "md5": "be4cb2695a2456951cab9829722d35eb", "sha256": "91af223d626ab0e7293c5a120f418274a8dfa4fc83cf8dfee533372603e7fc83" }, "downloads": -1, "filename": "crytto-0.4.1-py3-none-any.whl", "has_sig": false, "md5_digest": "be4cb2695a2456951cab9829722d35eb", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 28889, "upload_time": "2017-09-03T22:51:11", "url": "https://files.pythonhosted.org/packages/5b/fc/66b2d74a7e1344271ec36f62b58b6915155d366f780aa4eda883c78e6f13/crytto-0.4.1-py3-none-any.whl" } ], "0.5.0": [ { "comment_text": "", "digests": { "md5": "2fc2c91d8fdbd8e853aed95043128598", "sha256": "db7c14d099091b90540855fb8304e2528263dcf231265e6c71dc080353aef509" }, "downloads": -1, "filename": "crytto-0.5.0-py3-none-any.whl", "has_sig": false, "md5_digest": "2fc2c91d8fdbd8e853aed95043128598", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 30803, "upload_time": "2017-10-16T04:42:12", "url": "https://files.pythonhosted.org/packages/18/fe/cb9835ac80f21671f16e889554e2db47a327b5fd00dd922609a1ec0d6ccc/crytto-0.5.0-py3-none-any.whl" } ], "0.6.0": [ { "comment_text": "", "digests": { "md5": "a9d2344dee447087d16cf81df3dd0874", "sha256": "83d4f58331023c8ea9e45217a3ec7cfa67d6a85612bbb7b54e4962c791ef270e" }, "downloads": -1, "filename": "crytto-0.6.0-py3-none-any.whl", "has_sig": false, "md5_digest": "a9d2344dee447087d16cf81df3dd0874", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 23941, "upload_time": "2018-02-13T07:17:20", "url": "https://files.pythonhosted.org/packages/2e/bd/79e87d88ff66c84f90d80dab8bcfc4935784d5e62d3d041a28a250e2e796/crytto-0.6.0-py3-none-any.whl" } ], "0.6.1": [ { "comment_text": "", "digests": { "md5": "d71c878feb00b701e5b51da853a0a144", "sha256": "9ffd6e5ed203260af4a695e27ce6371bdd9b75c84171cc2bbdd5341a4481a38f" }, "downloads": -1, "filename": "crytto-0.6.1-py3-none-any.whl", "has_sig": false, "md5_digest": "d71c878feb00b701e5b51da853a0a144", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 31420, "upload_time": "2018-05-31T08:23:40", "url": "https://files.pythonhosted.org/packages/87/41/fb7364f4f9466b0a5739d8a55041e3e9f1e5a030c2ae0c87056f7ac569df/crytto-0.6.1-py3-none-any.whl" } ], "0.6.2": [ { "comment_text": "", "digests": { "md5": "a3040a64c0be1c664a481b21f1e4fe51", "sha256": "a75ee898b21518472373370ee3d1a760c8bfa9211d0328fa80213489df51dd6b" }, "downloads": -1, "filename": "crytto-0.6.2-py3-none-any.whl", "has_sig": false, "md5_digest": "a3040a64c0be1c664a481b21f1e4fe51", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 26656, "upload_time": "2019-07-03T05:20:27", "url": "https://files.pythonhosted.org/packages/6c/33/36e5806c422e986f6a62b356962462374aaa746e5b60d1492b0929421459/crytto-0.6.2-py3-none-any.whl" } ], "0.6.3": [ { "comment_text": "", "digests": { "md5": "42f679b49bc0b8d79f733b203d910491", "sha256": "0405b3f23ea5baf6968084a8d79d149c3db0e9ecc4e00bba97d5256404064705" }, "downloads": -1, "filename": "crytto-0.6.3-py3-none-any.whl", "has_sig": false, "md5_digest": "42f679b49bc0b8d79f733b203d910491", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 26660, "upload_time": "2019-07-03T05:33:12", "url": "https://files.pythonhosted.org/packages/03/e6/f9553a9149d910e4de87762c3c444237e7a0c05560baa2cf8204aa441028/crytto-0.6.3-py3-none-any.whl" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "42f679b49bc0b8d79f733b203d910491", "sha256": "0405b3f23ea5baf6968084a8d79d149c3db0e9ecc4e00bba97d5256404064705" }, "downloads": -1, "filename": "crytto-0.6.3-py3-none-any.whl", "has_sig": false, "md5_digest": "42f679b49bc0b8d79f733b203d910491", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": null, "size": 26660, "upload_time": "2019-07-03T05:33:12", "url": "https://files.pythonhosted.org/packages/03/e6/f9553a9149d910e4de87762c3c444237e7a0c05560baa2cf8204aa441028/crytto-0.6.3-py3-none-any.whl" } ] }