fortify

command module
v0.1.5
Warning

This package is not in the latest version of its module.

Published: Mar 11, 2024 License: MIT Imports: 2 Imported by: 0

README

Fortify

Fortify is a command-line tool designed to enhance file security through encryption.

Features

  • Fortifies any file through encryption, then decrypts or executes the fortified files.
  • Encrypts files using AES-256.
  • Protects the AES secret key with either Shamir's Secret Sharing (SSS) or RSA encryption.

Usage Overview

Shamir's Secret Sharing (SSS)

Encryption

Encrypt files with randomly generated key parts:

fortify encrypt -i <input_file> -o <output_file>

Encrypt files with specified key parts:

fortify sss random -b 32 -p <number_of_shares> -t <threshold>
fortify encrypt -i <input_file> <key_part1> <key_part2> ...

Decryption

Decrypt files with specified key parts:

fortify decrypt -i <fortified_file> <key_part1> <key_part2> ...

Execution

Execute fortified files with specified key parts:

fortify execute -i <fortified_file> <key_part1> <key_part2> ...

RSA Encryption

Encryption

Encrypt files with RSA public key:

fortify encrypt -i <input_file> -k rsa <public_key_file>

Decryption

Decrypt files with RSA private key:

fortify decrypt -i <fortified_file> <private_key_file>

Execution

Execute fortified files with RSA private key:

fortify execute -i <fortified_file> <private_key_file>

Developer's Guide

Release

License

This project is licensed under the MIT License.

Contributing

We welcome contributions through issue submissions and pull requests. Feel free to suggest improvements or report issues.

Build

To build the project, run:

bash build.sh

After building, execute the following commands to confirm the result:

pushd build && ./fortify -h && ./fortify version; popd

Shamir's Secret Sharing (SSS)

Splitting and Combining Secret Shares

To split and combine secret shares, use the following commands:

pushd build/sss && ../fortify sss split -vT ../fortify; popd
pushd build/sss && ../fortify sss combine -o combined.out -vT 1of5.json 3of5.json 5of5.json; popd

Tips:

  • For enhanced security, store generated secret shares in different locations.
  • While suitable for processing large files, this method may not be optimal for smaller files.

Encrypting with Randomly Generated Secret Key

Encrypt files with randomly generated key parts:

pushd build/sss && ../fortify encrypt -i ../fortify -T; popd

Decrypt fortified files with specified key parts:

pushd build/sss && ../fortify decrypt -i fortified.data -T fortified.key1of2.json fortified.key2of2.json; popd

Execute fortified files with specified key parts:

pushd build/sss && ../fortify execute -i fortified.data fortified.key1of2.json fortified.key2of2.json -- encrypt -h; popd

Encrypting and Decrypting with Specified Key Parts

Generate new random key parts:

pushd build/sss && ../fortify sss random -p3 -t2 --prefix p; popd

Encrypt files using specified key parts:

pushd build/sss && ../fortify encrypt -i ../fortify -vT p1of3.json p2of3.json; popd

Decrypt fortified files using specified key parts:

pushd build/sss && ../fortify decrypt -i fortified.data -vT p1of3.json p3of3.json; popd

Execute fortified files using specified key parts:

pushd build/sss && ../fortify execute -i fortified.data p2of3.json p3of3.json; popd
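
Why the commands above can each use a different pair of the three `-p3 -t2` key parts, shown as an added Go example of Shamir's threshold scheme (not fortify's own code). The prime field, the `Split`/`Combine` names and the in-memory share map are assumptions and say nothing about fortify's share file format.

```go
package main

import (
	"crypto/rand"
	"fmt"
	"math/big"
)

var P = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 521), big.NewInt(1)) // prime 2^521-1

// Split returns n shares x -> f(x) of a random degree t-1 polynomial with f(0) = secret < P.
func Split(secret *big.Int, n, t int) map[int64]*big.Int {
	coef := []*big.Int{secret} // constant term; caller ensures 2 <= t <= n
	for len(coef) < t {
		c, err := rand.Int(rand.Reader, P) // uniform coefficient from the CSPRNG
		if err != nil {
			panic(err)
		}
		coef = append(coef, c)
	}
	shares := make(map[int64]*big.Int, n)
	for x := int64(1); x <= int64(n); x++ {
		y := new(big.Int)
		for k := t - 1; k >= 0; k-- { // Horner evaluation of f at x, mod P
			y.Mod(y.Add(y.Mul(y, big.NewInt(x)), coef[k]), P)
		}
		shares[x] = y
	}
	return shares
}

// Combine Lagrange-interpolates f(0) from the shares it is given.
func Combine(pts map[int64]*big.Int) *big.Int {
	sum := new(big.Int)
	for xi, yi := range pts {
		l := big.NewInt(1) // l = product over k != i of x_k / (x_k - x_i)
		for xk := range pts {
			if xk != xi {
				d := new(big.Int).ModInverse(big.NewInt(xk-xi), P)
				l.Mod(l.Mul(l.Mul(l, big.NewInt(xk)), d), P)
			}
		}
		sum.Add(sum, l.Mul(l, yi))
	}
	return sum.Mod(sum, P)
}

func main() {
	fmt.Printf("%x\n", Combine(Split(big.NewInt(0xC0FFEE), 3, 2))) // constructed secret
}
```

Any two of the three shares interpolate the same line and so the same f(0); a single share is consistent with every possible secret, which is why the key parts are worth storing in separate locations.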

RSA Encryption

Generate RSA key pairs:

bash debug_keygen.sh

Encrypting with RSA Public Key

Encrypt files using RSA public key:

pushd build/rsa && ../fortify encrypt -i ../fortify -k rsa -vT ../../debug/key_rsa/id_rsa.pub; popd

Encrypt files using RSA public key in PEM format:

pushd build/rsa && ../fortify encrypt -i ../fortify -k rsa -vT ../../debug/key_rsa/id_rsa_pem.pub; popd

pushd build/rsa && ../fortify encrypt -i ../fortify -k rsa -vT ../../debug/key_rsa/id_rsa_pkcs8.pub; popd
# Will Fail

  • PKCS #8 public key is unsupported

pushd build/rsa && ../fortify encrypt -i ../fortify -k rsa -vT ../../debug/key_rsa/id_rsa_rfc4716.pub; popd
# Will Fail

  • RFC 4716 public key is unsupported

Execute Fortified Files with RSA Private Key

Execute fortified files using RSA private key:

pushd build/rsa && ../fortify execute -i fortified.data ../../debug/key_rsa/id_rsa; popd

Execute fortified files using RSA private key in PEM format:

pushd build/rsa && ../fortify execute -i fortified.data ../../debug/key_rsa/id_rsa_pem; popd

Execute fortified files using RSA private key in RFC 4716 format:

pushd build/rsa && ../fortify execute -i fortified.data ../../debug/key_rsa/id_rsa_rfc4716; popd

pushd build/rsa && ../fortify execute -i fortified.data ../../debug/key_rsa/id_rsa_pkcs8; popd
# Will Fail

  • encrypted PKCS #8 private key is unsupported

Documentation


There is no documentation for this package.
