README
¶
cryptoad
Ever wanted to send a (probably large) file to someone over a cloud service?? Ever get that icky feeling knowing that their servers will probably retain the file forever even after you delete it? You could encrypt it but that means the person to which you're sending must have the necessary software/know-how to decrypt it!
Cryptoad takes any single input file, encrypts it using a supplied password, then packages the file into a binary for a given target architecture (386, amd64, arm) and a given target OS (darwin, freebsd, linux, windows). The output binary can later be executed, at which point it will prompt for a password and attempt to decrypt the file using the given password. If successful, the encrypted file will be copied to the current working directory.
In summary (the following was run on linux):
$> ./cryptoad -arch amd64 -os windows -pass mountmyoboku -v 1 README.md toad-agent.exe generate key from password seal message message sealed! size = 1330 bytes summon toad... finished. $> stat -c '%s' toad-agent.exe 4177167 $> file toad-agent.exe toad-agent.exe: PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
Now toad-agent.exe is shipped off to someone via drop box/google drive/etc
with the encrypted file embedded within. Its recipient can then download it,
run it, enter the password (presumably transmitted out of band by phone,
email or text), and finally receive the original un-encrypted file.
!!WARNING!! This process does nothing to ensure that the file the other person receives is authenticated. Someone could attack the person receiving the file by replacing it with a malicious executable. In order to authenticate the file, the receiver should coordinate with the sender in some way. For example, the sender could provide the receiver with a cryptographic checksum, and the receiver could authenticate the file by comparing the checksum.
###Installation WARNING: this is beta software, do not use it in production systems or trust it with super secret stuff.
Due to the magic of go binaries, the output binary of cryptoad is completely self-sufficient (no dynamic linking). This means that recipients of cryptoad binaries will be able to simply run them without installing anything.
On the other hand, cryptoad requires a golang development environment to actually generate cryptoad output binaries. Specifically, the golang environment must support cross compilation to the various operating systems and architectures for which a user intends to target with cryptoad. This tutorial details the steps required to set up a go cross compilation environment.
After a proper go environment is set up, build the cryptoad binary by running:
go build
finally, you can test that cryptoad detects the cross compilation support
in the go environment:
$> ./cryptoad -h
usage: cryptoad INPUT OUTPUT
INPUT: the file to encrypt
OUTPUT: your newly summoned, self-decrypting toad friend /.0 _0}
-arch="amd64": target architecture. one of 386, amd64, arm
-os="linux": target OS. one of darwin, freebsd, linux, windows
-pass="": the password with which to encrypt. if not specified, you
will be prompted for one. make it a good one whydontcha!?
-v=0: verbosity level. higher level is more verbose
the usage help lists 386, amd64 and arm for architectures and
lists darwin, freebsd, linux and windows for operating systems
because cryptoad has detected that they are available for cross
compilation in the go environment.
Documentation
¶
There is no documentation for this package.
Source Files
Directories