Skip to content

Implementation of io/fs.FS that transparently encrypts and decrypts files

License

Notifications You must be signed in to change notification settings

moov-io/cryptfs

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Moov Banner Logo

GoDoc Build Status Coverage Status Go Report Card Repo Size Apache 2 License Slack Channel GitHub Stars Twitter

moov-io/cryptfs

Moov's mission is to give developers an easy way to create and integrate bank processing into their own software products. Our open source projects are each focused on solving a single responsibility in financial services and designed around performance, scalability, and ease of use.

cryptfs implements Go's io/fs.FS interface for interacting with the local filesystem to transparently encrypt/decrypt files. This is useful as a library because it offers applications a well tested routine for keeping data protected.

Project Status

cryptfs is included in multiple open-source projects Moov offers and is used in production environments. Please star the project if you are interested in its progress. If you find any bugs or desire additional encryption/encoding algorithms we would appreciate an issue or pull request. Thanks!

Usage

Cryptfs supports AES and GPG for encryption and Base64 (Standard Raw) encoding. Currently cryptfs is usable as a Go library in your applications. This needs to be initialized prior to reading or writing any files.

AES Cryptor
key := []byte("1234567812345678")) // insecure key

fsys, err := cryptfs.FromCryptor(cryptfs.NewAESCryptor(key))
if err != nil {
    // do something
}

fsys.SetCoder(cryptfs.Base64()) // optional, default is the raw bytes
GPG Cryptor
fsys, err := cryptfs.FromCryptor(cryptfs.NewGPGCryptorFile(publicKeyPath, privateKeyPath, password))
if err != nil {
    // do something
}

fsys.SetCoder(cryptfs.Base64()) // optional, default is the raw bytes

Once initialized you can perform open/read and write operations.

Open

file, err := fsys.Open(path)
if err != nil {
    // do something
}

ReadFile

plaintext, err := fsys.ReadFile(path)
if err != nil {
    // do something
}

WriteFile

err := fsys.WriteFile(path, data, 0600)
if err != nil {
    // do something
}

Command Line

Moov offers a command line tool for using this library as well. It's handy for operational debugging and testing.

Getting help

channel info
Twitter @moov You can follow Moov.io's Twitter feed to get updates on our project(s). You can also tweet us questions or just share blogs or stories.
GitHub Issue If you are able to reproduce a problem please open a GitHub Issue under the specific project that caused the error.
moov-io slack Join our slack channel to have an interactive discussion about the development of the project.

Supported and tested platforms

  • 64-bit Linux (Ubuntu, Debian), macOS, and Windows

Contributing

Yes please! Please review our Contributing guide and Code of Conduct to get started! Checkout our issues for first time contributors for something to help out with.

This project uses Go Modules and Go v1.18 or newer. See Golang's install instructions for help setting up Go. You can download the source code and we offer tagged and released versions as well. We highly recommend you use a tagged release for production.

License

Apache License 2.0 - See LICENSE for details.