61 lines
1.4 KiB
Markdown
61 lines
1.4 KiB
Markdown
# himbocrypt
|
|
|
|
A robust end-to-end encryption engine and CLI.
|
|
|
|
## What is this?
|
|
|
|
An encryption tool for secure message exchange. Uses X25519 key exchange, XChaCha20-Poly1305 for authenticated encryption, and HKDF for key derivation.
|
|
|
|
## How it works
|
|
|
|
1. **Keys**: You get a "Public Key" (share with the other party) and a "Private Key" (keep secret).
|
|
2. **Sending**: The tool combines your private key with the recipient's public key to derive a shared secret and encrypt the message.
|
|
3. **Receiving**: The recipient uses their private key and your public key to derive the same secret and decrypt.
|
|
4. **Forward Secrecy**: Every message generates an ephemeral keypair that's discarded after use. If your long-term key is compromised later, past messages remain secure.
|
|
|
|
## Usage
|
|
|
|
### Build
|
|
|
|
```bash
|
|
go build -o himbocrypt cmd/himbocrypt/main.go
|
|
```
|
|
|
|
### Make Keys
|
|
|
|
Both parties need to generate their own keypair.
|
|
|
|
```bash
|
|
./himbocrypt keygen
|
|
```
|
|
|
|
Save the output!
|
|
|
|
### Send a Message
|
|
|
|
```bash
|
|
./himbocrypt encrypt \
|
|
-sender-priv <YOUR_PRIVATE_KEY> \
|
|
-recipient-pub <RECIPIENT_PUBLIC_KEY> \
|
|
-msg "Hello there"
|
|
```
|
|
|
|
### Read a Message
|
|
|
|
```bash
|
|
./himbocrypt decrypt \
|
|
-recipient-priv <YOUR_PRIVATE_KEY> \
|
|
-sender-pub <SENDER_PUBLIC_KEY> \
|
|
-ciphertext <THE_CIPHERTEXT>
|
|
```
|
|
|
|
## For Developers
|
|
|
|
Use this in your own Go apps:
|
|
|
|
```go
|
|
import "himbocrypt/pkg/engine"
|
|
|
|
e := engine.NewEngine()
|
|
```
|