User-friendly symmetric-key cryptography
Project description
lockbox: User-friendly CLI over cryptography.io's Fernet symmetric cipher
=====================================================
.. image:: https://img.shields.io/badge/python-2.6%202.7%203.3%203.4%203.5%203.6-blue.svg
:target: https://pypi.python.org/pypi/lockbox
.. image:: https://img.shields.io/badge/license-MIT-blue.svg
:target: https://pypi.python.org/pypi/lockbox
---------------
.. image:: https://s3.amazonaws.com/johnwheeler/lockbox.gif
**lockbox** provides a command line interface over cryptography.io's `Fernet symmetric cipher <https://cryptography.io/en/latest/fernet/>`_.
Fernet guarantees that a message encrypted using it cannot be manipulated or read without the key. lockbox was inspired by the Ruby-based
`sekrets <https://github.com/ahoward/sekrets>`_ project, but they use different ciphers.
Installation
------------
``pip install lockbox``
Command line interface
----------------------
The ``lock`` command
/////////////////////
.. code::
Usage: lockbox lock [OPTIONS] INPUT OUTPUT
Symmetric encryption of plaintext input file to ciphertext output file
Options:
--key TEXT An encryption key
--help Show this message and exit.
The ``unlock`` command
////////////////////
.. code::
Usage: lockbox unlock [OPTIONS] INPUT OUTPUT
Symmetric decryption of ciphertext input file to plaintext output file
Options:
--key TEXT An encryption key
--help Show this message and exit.
The ``edit`` command
////////////////////
.. code::
Usage: lockbox edit [OPTIONS] PATH
Decrypts the given file and opens its contents in a temporary file for
editing. Once saved, the updated contents are reencrypted back to the
orignal file.
Options:
--key TEXT An encryption key
--help Show this message and exit.
The ``genkey`` command
//////////////////////
.. code::
Usage: lockbox genkey [OPTIONS] OUTPUT
Generates a cryptographically strong key and writes it to the given output
path
Options:
--help Show this message and exit.
Key resolution
--------------
With **lockbox**, you can pass an encryption key as a command line option ``--key`` or store the key in a ``.lockbox.key`` file.
The key should be `cryptographically strong <https://en.wikipedia.org/wiki/Password_strength#Guidelines_for_strong_passwords>`_. The command
line interface also has a command to generate such a key.
For all operations, lockbox uses the following algorithm to search for a key:
- A key passed via the ``--key`` option is always preferred.
- Otherwise the code looks for a companion key file named ``.lockbox.key`` in the the current working directory.
- If that is not found lockbox looks for the key in the environment under the environment variable ``LOCKBOX_KEY``
- Next the global key file is searched for. The path of this file is ``~/.lockbox.key``
- Finally, if no keys have been specified or found, the user is prompted to input the key. Prompt only occurs if the user is attached to a tty.
- You should **never** commit keyfiles. Add them to to your ``.gitignore`` or similar.
=====================================================
.. image:: https://img.shields.io/badge/python-2.6%202.7%203.3%203.4%203.5%203.6-blue.svg
:target: https://pypi.python.org/pypi/lockbox
.. image:: https://img.shields.io/badge/license-MIT-blue.svg
:target: https://pypi.python.org/pypi/lockbox
---------------
.. image:: https://s3.amazonaws.com/johnwheeler/lockbox.gif
**lockbox** provides a command line interface over cryptography.io's `Fernet symmetric cipher <https://cryptography.io/en/latest/fernet/>`_.
Fernet guarantees that a message encrypted using it cannot be manipulated or read without the key. lockbox was inspired by the Ruby-based
`sekrets <https://github.com/ahoward/sekrets>`_ project, but they use different ciphers.
Installation
------------
``pip install lockbox``
Command line interface
----------------------
The ``lock`` command
/////////////////////
.. code::
Usage: lockbox lock [OPTIONS] INPUT OUTPUT
Symmetric encryption of plaintext input file to ciphertext output file
Options:
--key TEXT An encryption key
--help Show this message and exit.
The ``unlock`` command
////////////////////
.. code::
Usage: lockbox unlock [OPTIONS] INPUT OUTPUT
Symmetric decryption of ciphertext input file to plaintext output file
Options:
--key TEXT An encryption key
--help Show this message and exit.
The ``edit`` command
////////////////////
.. code::
Usage: lockbox edit [OPTIONS] PATH
Decrypts the given file and opens its contents in a temporary file for
editing. Once saved, the updated contents are reencrypted back to the
orignal file.
Options:
--key TEXT An encryption key
--help Show this message and exit.
The ``genkey`` command
//////////////////////
.. code::
Usage: lockbox genkey [OPTIONS] OUTPUT
Generates a cryptographically strong key and writes it to the given output
path
Options:
--help Show this message and exit.
Key resolution
--------------
With **lockbox**, you can pass an encryption key as a command line option ``--key`` or store the key in a ``.lockbox.key`` file.
The key should be `cryptographically strong <https://en.wikipedia.org/wiki/Password_strength#Guidelines_for_strong_passwords>`_. The command
line interface also has a command to generate such a key.
For all operations, lockbox uses the following algorithm to search for a key:
- A key passed via the ``--key`` option is always preferred.
- Otherwise the code looks for a companion key file named ``.lockbox.key`` in the the current working directory.
- If that is not found lockbox looks for the key in the environment under the environment variable ``LOCKBOX_KEY``
- Next the global key file is searched for. The path of this file is ``~/.lockbox.key``
- Finally, if no keys have been specified or found, the user is prompted to input the key. Prompt only occurs if the user is attached to a tty.
- You should **never** commit keyfiles. Add them to to your ``.gitignore`` or similar.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
lockbox-0.1.tar.gz
(3.8 kB
view details)
Built Distribution
File details
Details for the file lockbox-0.1.tar.gz.
File metadata
- Download URL: lockbox-0.1.tar.gz
- Upload date:
- Size: 3.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | d0798fb8662f0fd4e1d0ca3bcec9031d7bed3d634b85ed998b9568c4df8a9991 |
|
| MD5 | b8d0300d85355d4ec53efd688007c6f2 |
|
| BLAKE2b-256 | 22c180c8292d1c04337f4ada51e90a7edecb063d9ed2e8edc44b85e77ca241b1 |
File details
Details for the file lockbox-0.1-py2.py3-none-any.whl.
File metadata
- Download URL: lockbox-0.1-py2.py3-none-any.whl
- Upload date:
- Size: 4.5 kB
- Tags: Python 2, Python 3
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 1866afa7c26567cab5c4b9309ba893ce51d3c1cc29ebbee151ef5731c5e42f0b |
|
| MD5 | f43b260069508d6ed556e20fa0adbb20 |
|
| BLAKE2b-256 | fc1293eff1b528a22fda9273e9ef2964833b36c2173d73e24c928c47a9e0c5b7 |
