7 releases (stable)
1.4.0 | Nov 20, 2024 |
---|---|
1.3.1 | Sep 22, 2024 |
1.3.0 | Jul 20, 2024 |
1.2.1 | Jun 30, 2024 |
0.1.0 | May 3, 2024 |
#772 in Cryptography
42KB
957 lines
git-simple-encrypt
English | 简体中文
A very simple and easy to use git encryption tool that encrypts/decrypts your git repositories on any device with one single password. Supports partial file encryption, incremental encryption.
- Why not use
git-crypt
?- This project is more focused on ease of use than security. Single-password symmetric encryption is my bottom line.
[!WARNING]
This repository does not make any guarantees about encryption security and backward compatibility. (Please use the same major version)
Installation
There are several different ways to install it, you can choose any of them.
- Download the file from Releases, unzip and place it in
C:\Windows\System32
(If you're using Windows) or anyPath
directory. - Using bpm:
bpm i git-simple-encrypt -b git-se -q
- Using scoop:
scoop bucket add absx https://github.com/absxsfriends/scoop-bucket scoop install git-simple-encrypt
- Using cargo:
or cargo-binstall:cargo +nightly install git-simple-encrypt
cargo binstall git-simple-encrypt
Usage
git-se p # Set the password.
git-se add file.txt # Add `file.txt` to the need-to-be-encrypted list.
git-se add mydir # Add `mydir` to the need-to-be-encrypted list.
git-se e # Encrypt files in list in the current repository.
git-se d # Decrypt all files with extension `.enc`, `.zst.enc`.
git-se d 'src/*' # Decrypt all encrypted files in `src` folder.
Type git-se -h
and git-se [subcommand] -h
to get more information.
Caution
git add -A
is automatically executed when encrypting, so make sure that.gitignore
is handled properly.- Do not add files with
.zst
,.enc
suffixes and folders containing them to the encrypted list. - To delete file/dir from encrypt list, edit
git_simple_encrypt.toml
. - encrypt/decrypt will keep the file metadata unchanged (unix permission and timestamp).
Algorithm
graph TD;
A[Key: 123] -- SHA3_224 --> 602bdc204140db016bee5374895e5568ce422fabe17e064061d80097 -- CUT --> 602bdc204140db016bee5374895e5568 --cipher--> Aes128GcmSiv -- output--> 14a7dd2666afd854788c80f5518fea892491f23e72798d2fbc67bfc6259610d6f4
B[Text: '6' * 60] --zstd--> 28b52ffd006045000010363601003f0116 --content--> Aes128GcmSiv
CONST --NONCE--> Aes128GcmSiv
- If zstd compression has the opposite effect, skip compression.
- Decrypt all files with extension
.enc
,.zst.enc
.
Develop
- for testing, please use
cargo test -- --test-threads=1
TODO
- zstd effect checking
- partial decrypt
Dependencies
~11–22MB
~290K SLoC