{"id":21516391,"url":"https://github.com/jsf0/hoplite","last_synced_at":"2025-07-05T01:41:10.625Z","repository":{"id":239378102,"uuid":"365338501","full_name":"jsf0/hoplite","owner":"jsf0","description":"small GPG-like utility using TweetNaCL and Argon2","archived":false,"fork":false,"pushed_at":"2021-05-07T19:51:00.000Z","size":128,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-01-24T02:58:56.894Z","etag":null,"topics":["argon2","encryption","signatures","tweetnacl"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"isc","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jsf0.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-05-07T19:49:54.000Z","updated_at":"2021-05-07T20:40:18.000Z","dependencies_parsed_at":"2024-05-12T18:48:32.681Z","dependency_job_id":null,"html_url":"https://github.com/jsf0/hoplite","commit_stats":null,"previous_names":["jsf0/hoplite"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jsf0%2Fhoplite","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jsf0%2Fhoplite/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jsf0%2Fhoplite/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jsf0%2Fhoplite/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jsf0","download_url":"https://codeload.github.com/jsf0/hoplite/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244066191,"owners_count":20392407,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["argon2","encryption","signatures","tweetnacl"],"created_at":"2024-11-24T00:20:51.519Z","updated_at":"2025-03-17T16:20:10.205Z","avatar_url":"https://github.com/jsf0.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"*DISCLAIMER: I made every effort to write this securely\nbut I can't make any guarantees. Use it at your own risk.\nThis is an alpha version. I will probably make changes\nthat are not backwards compatible. Don't use it on anything \nyou want to decrypt later just yet.*\n\nIntroduction\n------------\n\nhoplite is a small file encryption and signing utility \nroughly inspired by GPG/PGP, but compiles with no dependencies. It\noffers a more or less similar  syntax for encryption,\ndecryption, signing, and verification. It uses\nDan Bernstein's TweetNaCL crypto library, thus it\nonly uses  modern, high speed crypto primitives \nand all encryption is authenticated by default. \nHowever, this means it is not backwards-compatible\nwith GPG/PGP (probably a feature, not a bug). \n\nCompiling\n---------\nSimply run the following:\n\n\t\t$ make\n\t\t# make install\n\n\nhoplite should compile on most Unix-like systems without any\ndependencies. It has been tested and confirmed to work on \nthe following operating systems:\n\n- OpenBSD\n- FreeBSD\n- Dragonfly BSD\n- Ubuntu\n- Fedora\n- macOS\n- Windows (via Cygwin)\n\nUsage\n-----\nSee the man page (hoplite.1) for full usage examples.\n\nYou will need to create a new set of keys (invoked with the -n option) when you first use hoplite \nfor signing/verifying or asymmetric encryption/decryption. \nThis will create 2 keypairs, a pair of Curve25519 keys for encryption/decryption\nand a pair of Ed25519 keys for signing. It takes your desired key ID\n(name, email, etc) as its only required option. Secret keys will be \nseparately encrypted and you will be asked to provide a passphrase for each.  \n\nPassphrases are read from the tty by default. The -S option will cause\nhoplite to read them from stdin, making it easier to use hoplite in a script.\nHowever, this exposes your passphrase to anyone who can run ps on your machine,\nso use it with care.\n\nKey generation and symmetric encryption (using the \"-c\" option) will\nderive the encryption key from a passphrase, using Argon2i. \nThe rounds parameter for Argon2 can be invoked with \"-r\" and the amount of \nRAM used, in mebibytes, can be specified with the \"-m\" option. The defaults\nbelow are used if you do not specify anything. \n\n- Default rounds: 3\n- Default mem: 448 MiB\n- Default number of threads: 4\n- Min rounds: 3\n- Max rounds: 1024\n- Min mem: 56 MiB\n- Max mem: 64 GiB\n\nThe defaults work well for fast machines with plenty of RAM, but are\npotentially very slow on older single core devices, and will not work\nat all on devices with less than the chosen amount of RAM free. Pick the largest\nvalues that are tolerable for your hardware.\n\nThreat Model\n------------\n\nhoplite is designed to secure data that is (or will be) in transit or sitting on \na remote server. Secret keys are encrypted, however, they should ideally be kept\noffline. They remain vulnerable to weak passwords or an attacker with the \nability to capture your password. Securing your machine against such an attacker\nis beyond the scope of hoplite.\n\n \nPrimitives used\n---------------\n\n- Signing: Ed25519\n- Asymmetric key exchange: X25519 key exchange with Curve25519 keys \n- Symmetric cipher: XSalsa20-Poly1305\n- Password-based key derivation: Argon2i version 1.3\n- Random number generation: arc4random on OpenBSD and macOS. /dev/urandom everywhere else\n\nLimitations\n-----------\n\n- There is no forward secrecy. A given sender/receiver pair will\n\tcalculate the same shared secret for all of their messages.\n\n- hoplite does not manage keys for you. This is a problem that is likely\n\tbeyond the ability of a command line utility to handle properly. \n\nAs always, if you do find a security problem or bug, \ncomments, advice, and/or patches are welcome and appreciated. Thanks!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjsf0%2Fhoplite","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjsf0%2Fhoplite","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjsf0%2Fhoplite/lists"}