File: README.md

package info (click to toggle)
golang-github-muesli-sasquatch 0.0~git20210519.30aff9d-2
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, forky, sid, trixie
  • size: 184 kB
  • sloc: makefile: 2
file content (80 lines) | stat: -rw-r--r-- 2,263 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
 
# sasquatch

[![Build Status](https://github.com/muesli/sasquatch/workflows/build/badge.svg)](https://github.com/muesli/sasquatch/actions)
[![Coverage Status](https://coveralls.io/repos/github/muesli/sasquatch/badge.svg?branch=master)](https://coveralls.io/github/muesli/sasquatch?branch=master)
[![Go ReportCard](https://goreportcard.com/badge/muesli/sasquatch)](https://goreportcard.com/report/muesli/sasquatch)
[![GoDoc](https://godoc.org/github.com/golang/gddo?status.svg)](https://godoc.org/github.com/muesli/sasquatch)

A simple data encryption library, heavily inspired by [@Benjojo12](https://github.com/benjojo) and
[@FiloSottile](https://github.com/FiloSottile)'s fantastic [age](https://github.com/FiloSottile/age) project.

## Features

- [x] Multiple recipients
- [x] Supports encrypting with your existing SSH keys / ssh-agent
- [x] Convenient API

## Crypto Backends

- [x] ssh-rsa
- [x] ssh-ed25519
- [x] ssh-agent signing challenge (excluding ECDSA identities, as ECDSA signatures aren't deterministic)
- [x] scrypt / password

## Example

### Encryption

```go
buf := bytes.NewBuffer(nil)

alice, err := sasquatch.ParseRecipient("ssh-ed25519 ...")
bob, err := sasquatch.ParseRecipient("ssh-rsa ...")

rcp := []sasquatch.Recipient{alice, bob}
w, err := sasquatch.Encrypt(buf, rcp...)

data := []byte("Hello Alice, Hey Bob!")
w.Write(data)
w.Close()

ioutil.WriteFile("/tmp/sasquatch.encrypted", buf.Bytes(), 0644)
```

### Decryption

```go
buf, err := ioutil.ReadFile("/tmp/sasquatch.encrypted")

// find all available identities
identities := sasquatch.FindIdentities()
r, err := sasquatch.Decrypt(buf, identities...)

buf, err := ioutil.ReadAll(r)
ioutil.WriteFile("/tmp/sasquatch.decrypted", buf.Bytes(), 0644)
```

### ssh-agent Challenge

```go
// encryption
signers, err := sasquatch.SSHAgentSigners()
rcp, err := sasquatch.NewChallengeRecipient(signers[0])
sasquatch.Encrypt(buf, rcp)

// decryption
id, err := sasquatch.NewChallengeIdentity(signers[0])
r, err := sasquatch.Decrypt(buf, id)
```

### scrypt / password Encryption

```go
// encryption
rcp, err := sasquatch.NewScryptRecipient("password")
sasquatch.Encrypt(buf, rcp)

// decryption
id, err := sasquatch.NewScryptIdentity("password")
r, err := sasquatch.Decrypt(buf, id)
```