Encryptpad

In the header of an encrypted file so the user does not need to specify it when decrypting.What is an EncryptPad key file?In symmetric encryption the same sequence is used to encrypt and decrypt data. The user or anotherapplication usually provides this sequence in the form of an entered passphrase or a file. In addition toentered passphrases, EncryptPad generates files with random sequences called "key files".When the user creates a key file, EncryptPad generates a random sequence of bytes, asks theuser for a passphrase, encrypts the generated sequence and saves it to a file.The format of the file is OpenPGP. Other OpenPGP implementations can also create andopen EncryptPad key files as below shell commands demonstrate.When EncryptPad generates a new key file, it is roughly equivalent to the following gpg2 command. ~/.encryptpad/foo.key">pwmake 1024 | gpg2 -c --armor --cipher-algo AES256 > ~/.encryptpad/foo.keypwmake generates a random sequence, which gpg2 in-turn encrypts. It will ask for thepassphrase to encrypt the sequence.When you use this key to encrypt test3.txt, the equivalent gpg command is below:gpg2 --decrypt ~/.encryptpad/foo.key \| gpg2 --passphrase-fd 0 --batch -c --cipher-algo AES256 \-o /tmp/test3.txt.gpg /tmp/test3.txtThe first gpg2 process decrypts foo.key and directs it to descriptor 0 of the second processthrough a pipe. gpg2 reads the sequence from the descriptor with --passphrase-fd 0.When EncryptPad opens the encrypted file protected with foo.key, the equivalent gpg commands are:gpg2 --decrypt ~/.encryptpad/foo.key \| gpg2 --passphrase-fd 0 --batch --decrypt \-o /tmp/test4.txt /tmp/test3.txt.gpgAs you see, other OpenPGP implementations can also use EncryptPad keys.EPD file format when encrypting with a

Screenshots and tutorials are at evpo.net/encryptpad/EncryptPadEncryptPad is an application for viewing and editing symmetrically encrypted text. Using a simple and convenient graphical and command line interface, EncryptPad provides a tool for encrypting and decrypting binary files on disk while offering effective measures for protecting information, and it uses the most widely chosen quality file format **OpenPGP** [RFC 4880]( Unlike other OpenPGP software which main purpose is asymmetric encryption, the primary focus of EncryptPad is symmetric encryption.Table of ContentsFeaturesSupported platformsWhy use EncryptPad?When do I need EncryptPad?When can I not use EncryptPad?File typesGPGEPDFeature supportWhat is an EncryptPad key file?EPD file format when encrypting with a keyUse CURL to automatically download keys from a remote storageKnown weaknessesCommand line interfaceInstalling EncryptPadPortable executableArch LinuxUbuntu or Linux MintCompile EncryptPad on WindowsPrerequisitesStepsCompile EncryptPad on Mac/LinuxFedoraUbuntuDebianopenSUSEFreeBSDPortable modeDoes EncryptPad store passphrases in the memory to reopen files?AcknowledgementsEncryptPad integrity verificationOpenPGP signing and certification authorityStep by step verification processLicenseContact and feedbackFeaturesSymmetric encryptionPassphrase protectionKey file protectionCombination of passphrase and key fileRandom key file generatorKey repository in a hidden directory in the user's home folderPath to a key file can be stored in an encrypted file. If enabled, you do not need to specify the key file every time you open files.Encryption of binary files (images, videos, archives etc.)Read only mode to prevent accidental file modificationUTF8 text encodingWindows/Unix configurable line endingsCustomisable passphrase generator helps create strong random passphrases.File format compatible with OpenPGPIterated and salted S2KPassphrases are not kept in the memory for reuse, only S2K results (more ...)Cipher algorithms: TripleDES, CAST5, AES, AES192,

Tools:dnf install gcc make qt5-qtbase-devel gcc-c++ python libstdc++-static glibc-staticPATH=$PATH:/usr/lib64/qt5/bin/export PATHOpen the EncryptPad directory:./configure.py --build-botan --build-zlibmakeFor a dynamic build with using the system libraries:dnf install botan-devel./configure.pymakeUbuntuInstall dependencies and tools:apt-get install qtbase5-dev qt5-default gcc g++ make python pkg-config zlib1g-dev libbotan-2-devOpen the EncryptPad source directory:./configure.py --build-bzip2makeDebianInstall dependencies and tools:apt-get install qtbase5-dev qt5-default gcc g++ make python zlib1g-dev pkg-configOpen the EncryptPad source directory:./configure.py --build-botan --build-zlibmakeYou can also use the system libbotan-2-dev instead of building it. If libbotan-2-dev is not available, add stretch-backports to the repository:> /etc/apt/sources.listapt-get install libbotan-2-dev./configure.pymake">echo "deb stretch-backports main" >> /etc/apt/sources.listapt-get install libbotan-2-dev./configure.pymakeopenSUSEInstall dependencies and tools:zypper install gcc gcc-c++ make python pkg-config zlib-devel libqt5-qtbase-develln -s qmake-qt5 /usr/bin/qmakeYou can also install later compiler versions and link them to the default commands:zypper install gcc7 gcc7-c++ln -sf gcc-7 /usr/bin/gccln -sf g++-7 /usr/bin/g++Open the EncryptPad source directory:./configure.py --build-botan --build-zlibmakeFreeBSDInstall dependencies and tools:pkg install python pkgconf botan2 qt5Open the EncryptPad source directory:Portable modeEncryptPad checks the executable directory for a sub-directory called encryptpad_repository. If exists, it is used for key files and settings. The directory .encryptpad in the user's profile is then ignored. The EncryptPad executable and encryptpad_repository can both be copied to a removable media and used on multiple computers. It should be noted that keeping encrypted material with the key files on the same removable media is less secure. Separate them if possible.Does EncryptPad store passphrases in the memory to reopen files?No, it does not. After being entered, a passphrase and random salt are hashed with an S2K algorithm. The result is used as the encryption

Person would need two secrets to open an encrypted file: the passphrase and the key. Consider this example: you store your encrypted file on a memory stick, and protect it with a passphrase. In addition to that, you protect the file with a file key and store the key on computers where you open the file. If the memory stick is lost, the passphrase is not enough to decrypt your information. The key file is also needed and it is not on the memory stick.When can I not use EncryptPad? You need to send a file to somebody with whom you have not prearranged a shared secret (a passphrase or a key file). In this case, you need asymmetric encryption with public and private keys. Fortunately, there are many convenient tools suitable for the task. You are on public transport or a common area where somebody can see your screen. EncryptPad is not effective on a computer infected with spyware or a virus. Do not use it on a public, shared or compromised computer if you do not trust its safety. IMPORTANT: Before using EncryptPad ensure that it is legal in your country to use encryption ciphers that EncryptPad provides. You may find useful information at cryptolaw.org. IMPORTANT: If you forgot your passphrase or lost a key file, there is nothing that can be done to open your encrypted information. There are no backdoors in the formats that EncryptPad supports. EncryptPad developers take no responsibility for corrupted or invalid files in accordance with the license.File typesThe format is determined by an extension of a file. Main extensions of encrypted files are GPG and EPD.GPGThis file type conforms to OpenPGP format and it is compatible with other OpenPGP tools. Use it if you need to open a file where EncryptPad is

Demonstrate.When EncryptPad generates a new key file, it is roughly equivalent to the following gpg2 command.pwmake 1024 | gpg2 -c --armor --cipher-algo AES256 > ~/.encryptpad/foo.keypwmake generates a random sequence, which gpg2 in-turn encrypts. It will ask for the passphrase to encrypt the sequence.When you use this key to encrypt test3.txt, the equivalent gpg command is below:gpg2 --decrypt ~/.encryptpad/foo.key \| gpg2 --passphrase-fd 0 --batch -c --cipher-algo AES256 \-o /tmp/test3.txt.gpg /tmp/test3.txtThe first gpg2 process decrypts foo.key and directs it to descriptor 0 of the second process through a pipe. gpg2 reads the sequence from the descriptor with --passphrase-fd 0.When EncryptPad opens the encrypted file protected with foo.key, the equivalent gpg commands are:gpg2 --decrypt ~/.encryptpad/foo.key \| gpg2 --passphrase-fd 0 --batch --decrypt \-o /tmp/test4.txt /tmp/test3.txt.gpgAs you see, other OpenPGP implementations can also use EncryptPad keys.EPD file format when encrypting with a keyThere are three different structures a saved file can have depending on protection mode: Passphrase only (passphrase is used to protect a file but no keys are specified). The file is an ordinary OpenPGP file. Key only (passphrase is not set but a key file is used for protection). The file is a WAD file. WAD is a simple format for combining multiple binary files in one. You can open a WAD file in Slade. It contains two files internally: OpenPGP file encrypted with the key __X2_KEY is a plain text file containing the path to the key if "Persistent key location" in the encrypted file is enabled. Otherwise, it has zero length. Protected with passphrase and key. The resulting file is an OpenPGP file containing a WAD file as explained in 2.Use CURL to automatically download keys from a remote storageIf CURL URL is specified in Key File Path field in the Set Encryption Key dialogue, EncryptPad will attempt to start a

-e --key-file my_key.key \--key-only --key-pwd-fd 3 -o plain_text.txt.gpg 3Installing EncryptPadPortable executablePortable binaries are available for Windows and macOS. They can be copied on a memory stick orplaced on a network share.Arch LinuxUse fingerprints to receive gpg keys for EncryptPad and Botan.gpg --recv-key 621DAF6411E1851C4CF9A2E16211EBF1EFBADFBCgpg --recv-key 634BFC0CCC426C74389D89310F1CFF71A2813E85Install the AUR packages below:botan-stableAURencryptpadAURpacaur installs botan-stable automatically as encryptpad dependency.Ubuntu or Linux Mint via PPAAlin Andrei from webupd8.org kindly created EncryptPad packages forseveral distributions. See instructions below on how to install them.InstallationUse the commands below to install the packages.sudo add-apt-repository ppa:nilarimogard/webupd8sudo apt updatesudo apt install encryptpad encryptcliIntegrity verification procedureBelow are steps to verify the SHA-1 hashes of the source files in Launchpad webupd8 PPA used for building the packages. Ideally, you need to be familiar with the PPA concepts.1. Download one of the changes files below depending on your distribution. The package version was 0.3.2.5 at the moment of writing. Please replace it with the latest version you are installing.Yakkety wget wget wget wget Download the tarball with the verified "changes" files and its signature:wget Receive and verify the EncryptPad Release key:gpg --recv-key 634BFC0CCC426C74389D89310F1CFF71A2813E854. Verify the signature on the tarball:gpg --verify encryptpad0_3_2_5_webupd8_ppa_changes.tar.gz.asc5. Extract the content:tar -xf encryptpad0_3_2_5_webupd8_ppa_changes.tar.gz6. Compare the "changes" file for your distribution with the file from step 1. The SHA hashes should match.diff encryptpad_0.3.2.5-1~webupd8~yakkety1_source.changes \encryptpad0_3_2_5_webupd8_ppa_changes/encryptpad_0.3.2.5-1~webupd8~yakkety1_source.changesCompile EncryptPad on WindowsPrerequisitesQt framework based on MingW 32 bit (the latest build has been tested with Qt 5.10.1).MSYS: you can use one bundled with Git For Windows. You probably use Git anyway.Python: any recent version will work.StepsModify the