CipherCLI - AES Encryption CLI Tool

ciphercli is a command-line tool for securely encrypting and decrypting text using AES encryption in CFB mode. The tool derives a secure key from a user-provided passphrase using PBKDF2, ensuring strong encryption. Encrypted output is base64-encoded, making it suitable for storage or transmission.

Features

• AES encryption in CFB mode with a random IV for enhanced security.
• Base64 encoding for safe storage of encrypted data.
• Passphrase-based key derivation using PBKDF2 with configurable iterations and a random salt.
• Support for file input/output and text-based encryption/decryption.
• Command-line interface with simple, clear subcommands for encryption and decryption.
• Ideal for integration into scripts or standalone use in the terminal.

Prerequisites

• Go version 1.23 or higher.

Installation

1. Clone the Repository

git clone https://github.com/thorntoncloud/ciphercli-go.git
cd ciphercli-go

2. Build the Executable

To build the CLI tool, run:

go build -o ciphercli

This will create a ciphercli executable (or ciphercli.exe on Windows) in the project directory.

Usage

CipherCLI uses spf13/cobra for a clear, structured command interface. You can choose encrypt or decrypt subcommands with a specified text to encrypt or decrypt.

Encrypt Text

To encrypt text, use the encrypt command with a passphrase:

./ciphercli encrypt "your secret message" --passphrase "your-passphrase"

To encrypt the contents of a file:

./ciphercli encrypt --input "/path/to/file" --output "/path/to/output" --passphrase "your-passphrase"

The CLI will return the base64-encoded encrypted text if no output file is specified.

Decrypt Text

To decrypt encrypted text, use the decrypt command with the same passphrase used for encryption:

./ciphercli decrypt "base64-encoded-encrypted-text" --passphrase "your-passphrase"

To decrypt the contents of a file:

./ciphercli decrypt --input "/path/to/file" --output "/path/to/output" --passphrase "your-passphrase"

The CLI will return the original decrypted text if no output file is specified.

Command-Line Options

• encrypt: Encrypts the specified text.
• decrypt: Decrypts the specified base64-encoded encrypted text.
• version: Display the current version of the tool.

Flags:

• --input (-i): Specify the input file (optional).
• --output (-o): Specify the output file (optional).
• --passphrase (-p): Specify the passphrase to derive the encryption key (required).

Example commands:

ciphercli encrypt "Text to encrypt" --passphrase "mypassword"
ciphercli decrypt "EncryptedTextHere" --passphrase "mypassword"
ciphercli encrypt --input "~/.config/secrets" --output "~/.config/secure-secrets" --passphrase "mypassword"

Adding the Tool to Your PATH

You can add ciphercli to your PATH for easier access.

On Linux / macOS

Move the binary to /usr/local/bin:

sudo mv ciphercli /usr/local/bin

Verify it’s accessible:

ciphercli encrypt "test message"

On Windows

Move ciphercli.exe to your preferred directory, e.g., C:\tools\ciphercli.

Add the directory to your system’s PATH:

1. Open Control Panel → System → Advanced System Settings.
2. Go to Environment Variables.
3. Under System Variables, find the Path variable, select it, and click Edit.
4. Add the path to the directory containing ciphercli.exe (e.g., C:\tools\ciphercli).
5. Click OK to save.

Verify it’s accessible:

ciphercli encrypt "text"

Contributing

Contributions are welcome! Feel free to fork this repository, open pull requests, or file issues for bug reports or feature requests.

License

This project is licensed under the MIT License.