zageeligrubb/zage
MIT
CLI and Zig library for the age file encryption format
1101
7
age-encryption,cli,curve25519,file-encryption,scrypt,zig,zig-library
build.zig.zonbuild.zig
View program on GitHubDependencies
Namezecrecy
Commit
cbbf02c58387f0fba86d080cdc60341b5fac8edeNameclap
Commit
5289e0753cd274d65344bef1c114284c633536eaNamezeit
Commit
masterREADME
zage: age File Encryption with Zig
A pure Zig implementation of the age file encryption
standard. The specification can be
found at age-encryption.org/v1.
age was designed by @Benjojo and
@FiloSottile.
Like
age
and GIF, zage is pronounced with a hard g sound:
/zɑːgeɪ/ or
ZAH-ghay.
zage is always spelled entirely lowercase.
CAUTION
zageis currently alpha software and not considered ready for production use
Quickstart
Generate a keypair:
$ zage-keygen -o key.txt
Public key: age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p
Encrypt a file:
$ tar cvz ~/data | zage -r age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p > data.tar.gz.age
Decrypt a file:
$ zage --decrypt -i key.txt data.tar.gz.age > data.tar.gz
Installation
Build from source with Zig
Download Zig and run the following commands:
$ git clone [email protected]:eligrubb/zage.git
$ cd zage
$ zig build
Binary releases (TBD)
Usage
$ zage --help
Usage:
zage [--encrypt] (-r RECIPIENT | -R PATH)... [-i IDENTITY | -j PLUGIN] [--armor] [-o OUTPUT] [INPUT]
zage [--encrypt] --passphrase [--armor] [-o OUTPUT] [INPUT]
zage --decrypt [-i IDENTITY | -j PLUGIN] [-o OUTPUT] [INPUT]
Arguments:
[INPUT] Path of input file to read from (Default=stdin).
Options:
-o, --output OUTPUT Path of output file to write to (Default=stdout).
-v, --version Print the version information and exit.
-h, --help Print this help message and exit.
Encryption options:
-e, --encrypt Encrypt the input to the output (DEFAULT).
-r, --recipient RECIPIENT Encrypt to the specified RECIPIENT. Can be repeated.
-R, --recipients-file PATH Encrypt to the recipients listed at PATH. Can be repeated.
-p, --passphrase Encrypt with a passphrase.
-a, --armor Encrypt to a PEM encoded format.
-i, --identity IDENTITY Path to file of identities, encrypts the input using
the corresponding recipients. Can be repeated.
-j PLUGIN Use age-plugin-PLUGIN as an identity
Decryption options:
-d, --decrypt Decrypt the input to the output.
-i, --identity IDENTITY Path to file of identities, used to decrypt. Can be repeated.
-j PLUGIN Use age-plugin-PLUGIN as an identity
If OUTPUT exists, it will be overwritten.
RECIPIENT can be:
- An age public key, generated by zage-keygen ("age1...")
- An SSH public key ("ssh-ed25519 AAAA...", "ssh-rsa AAAA...")
PATH is a path to a file containing age recipients, one per line
(ignoring "#" prefixed comments and empty lines). "-" may be used to
read recipients from standard input.
IDENTITY is a path to a file with age identities, one per line
(ignoring "#" prefixed comments and empty lines), or to an SSH key file.
Passphrase-encrypted age identity files can be used as identity files.
Multiple identities may be provided, and any unused ones will be ignored.
"-" may be used to read identities from standard input.
Basic encryption/decryption
Multiple recipients
Passphrase encryption
Command-line options
zage-keygen usage
$ zage-keygen --help
Usage:
zage-keygen [-o OUTPUT]
zage-keygen -y [-o OUTPUT] [INPUT]
Arguments:
[INPUT] Path of file containing one or more identities (Default=stdin).
Options:
-o, --output OUTPUT Write the result to the file at path OUTPUT (Default=stdout).
-y Read input identity file and write corresponding recipients to output.
-v, --version Print the version information and exit.
-h, --help Print this help message and exit.
If OUTPUT exists, it will be overwritten.
age Zig library usage
Zig module installation
$ zig fetch --save ...
Basic API examples
Generating a keypair
Encrypting a file with X25519
Encrypting a file with scrypt
Features
age specification compliance chart
performance
Testing
Related projects
- age: the original Go implementation
- rage: Rust reference implementation
- typage: official TypeScrypt implementation
- awesome-age: a curated list of age resources, including plugins, tools, integrations, and libraries.
License and Acknowledgements
This project is licensed under the MIT license. See the LICENSE file for details.
The Go implementation of age is licensed under the BSD 3-Clause License. The Rust implementation of age is licensed under either Apache License 2.0 or MIT License at your option. The TypeScript implementation of age is licensed under the BSD 3-Clause License