CHAP (short for chachapoly) is a tool for encryption, decryption, and secure file wiping. It leverages the cipherbox library as a wrapper for the ChaCha20-Poly1305 cipher and scrypt key derivation, providing strong data protection.
- Encrypt (
e): Secure your data with strong encryption. (RequiresCKEYenvironment variable) - Decrypt (
d): Decrypt your data to restore it to its original form. (RequiresCKEYenvironment variable) - Wipe (
w,wipe): Permanently and securely erase files, leaving no trace behind.
Download the latest release of CHAP from the GitHub Releases.
-
Download the binary for your platform.
-
Make it executable:
chmod +x chap
-
Run the binary from the download location or place it in your system PATH for easy access.
To encrypt a file, ensure the CKEY environment variable is set with a 32-byte key. If the key is shorter, it will be padded using a Fibonacci sequence, which is not secure. It is highly recommended to use a random key of the correct length.
CKEY="your-32-byte-key" ./chap e < plaintext.txt > encrypted.txtDecrypt your previously encrypted files with the correct key:
CKEY="your-32-byte-key" ./chap d < encrypted.txt > plaintext.txtTo securely delete a file, use the wipe command:
./chap wipe /path/to/your/file.txtFORCE_WIPE=true ./chap wipe /path/to/your/file.txtFor assistance and a summary of available commands:
./chap helpYour encryption key must be exactly 32 bytes long. If it's shorter, it will be padded using a Fibonacci sequence, which is not recommended for secure encryption. Ensure your key is the correct length to maintain the highest level of security.
Contributions are welcome. If you encounter any issues or have suggestions for improvements, please open an issue or submit a pull request.