{"id":20378103,"url":"https://github.com/shibme/xipher","last_synced_at":"2026-06-06T01:05:02.224Z","repository":{"id":218421413,"uuid":"745902716","full_name":"shibme/xipher","owner":"shibme","description":"Xipher is a curated collection of cryptographic primitives put together to perform key/password based asymmetric encryption","archived":false,"fork":false,"pushed_at":"2026-04-18T21:21:02.000Z","size":2662,"stargazers_count":14,"open_issues_count":1,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2026-05-30T23:06:55.233Z","etag":null,"topics":["crypto","cryptography","encryption-tool","end-to-end-encryption","password-based-encryption","post-quantum-cryptography","web-application","xipher"],"latest_commit_sha":null,"homepage":"https://xipher.org","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/shibme.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-01-20T13:55:26.000Z","updated_at":"2026-04-18T21:06:32.000Z","dependencies_parsed_at":"2024-01-21T21:31:21.833Z","dependency_job_id":"7925b50f-ccb8-4c00-926d-5c0c04e4d433","html_url":"https://github.com/shibme/xipher","commit_stats":null,"previous_names":["shibme/xipher","shibme/stl","shibme/sutl","shibme/xiphr"],"tags_count":42,"template":false,"template_full_name":null,"purl":"pkg:github/shibme/xipher","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shibme%2Fxipher","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shibme%2Fxipher/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shibme%2Fxipher/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shibme%2Fxipher/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/shibme","download_url":"https://codeload.github.com/shibme/xipher/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shibme%2Fxipher/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33965592,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-06-05T02:00:06.157Z","response_time":120,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["crypto","cryptography","encryption-tool","end-to-end-encryption","password-based-encryption","post-quantum-cryptography","web-application","xipher"],"created_at":"2024-11-15T01:48:06.615Z","updated_at":"2026-06-06T01:05:02.155Z","avatar_url":"https://github.com/shibme.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cdiv align=\"center\"\u003e\n\t\u003cimg src=\"https://xipher.org/assets/images/logo.svg\" width=\"128\" alt=\"\"\u003e\n\u003c/div\u003e\n\n# Xipher\n[![Go Reference](https://pkg.go.dev/badge/xipher.org/xipher.svg)](https://pkg.go.dev/xipher.org/xipher)\n[![Go Report Card](https://goreportcard.com/badge/xipher.org/xipher)](https://goreportcard.com/report/xipher.org/xipher)\n[![Test Status](https://github.com/shibme/xipher/actions/workflows/test.yaml/badge.svg)](https://github.com/shibme/xipher/actions/workflows/test.yaml)\n[![Release Status](https://github.com/shibme/xipher/actions/workflows/release.yaml/badge.svg)](https://github.com/shibme/xipher/actions/workflows/release.yaml)\n[![License](https://img.shields.io/github/license/shibme/xipher)](https://github.com/shibme/xipher/blob/main/LICENSE)\n\nXipher is a curated collection of cryptographic primitives put together to perform key/password based asymmetric encryption.\n\n## What does it do?\n- Allows sharing of data securely between two parties over an insecure channel using asymmetric encryption.\n- The sender encrypts the data using a public key (of the receiver - usually derived from a password) and shares the encrypted data with the receiver.\n- The receiver decrypts the data using the secret key (or password).\n\n## Key Aspects\n- Encrypts data with the public key generated based on a password.\n- Supports stream cipher along with stream compression, resulting in lower memory footprint and smaller ciphertext.\n- Supports post-quantum cryptography using the Kyber1024 algorithm.\n\n## CLI\nDownload the latest binary from the [releases](https://github.com/shibme/xipher/releases/latest) page and add it to your path.\n\n### Demo\n![Demo](https://xipher.org/assets/previews/demo.gif)\n\n### Homebrew\nXipher can be installed with brew using the following command on macOS\n```zsh\nbrew install shibme/tap/xipher\n```\n\n### Install Script\n\n#### Install Latest Version\n**With Shell (MacOs/Linux):**\n```sh\ncurl -fsSL https://xipher.org/install/install.sh | sh\n```\n**With PowerShell (Windows):**\n```powershell\nirm https://xipher.org/install/install.ps1 | iex\n```\n\n#### Install Specific Version\n**With Shell (MacOs/Linux):**\n```sh\ncurl -fsSL https://xipher.org/install/install.sh | sh -s v1.1.0\n```\n**With PowerShell (Windows):**\n```powershell\n$v=\"1.1.0\"; irm https://xipher.org/install/install.ps1 | iex\n```\n\n### Docker\nYou can also run Xipher without installing using Docker:\n```zsh\ndocker run --rm -v $PWD:/data -it shibme/xipher help\n```\n\n### GitHub Actions\nYou can also use Xipher in your GitHub Actions workflow:\n```yaml\nsteps:\n- name: Setup Xipher\n  uses: shibme/xipher@main\n```\n\nA specific version of Xipher CLI can also be installed:\n\n```yaml\nsteps:\n- name: Setup Xipher\n  uses: shibme/xipher@main\n  with:\n    version: 1.11.0\n```\n\n## Web Interface\nA web interface interoperable with the CLI, implemented using [web assembly](#web-assembly) is available [here](https://xipher.org).\n\nYou can also host it on your own GitHub Pages by setting up a workflow file like the one below. Make sure to enable Actions as the source for GitHub Pages under your repository settings.\n```yaml\nname: Publish Xipher Web\n\non:\n  workflow_dispatch:\n\njobs:\n  pages:\n    name: Run GitHub Pages Workflow\n    uses: shibme/xipher/.github/workflows/pages.yaml@main\n```\n\n### How does Xipher Web App work?\n- Receiver opens the Xipher web app on a browser.\n- Xipher generates a key pair and stores them in the browser local storage.\n- The Xiher web app returns the public key as a URL that can be shared.\n- Receiver shares the encryption URL (this contains the public key as a parameter) with the sender.\n- Sender opens the public encryption URL (opens Xipher encryption web page).\n- Sender inputs the data that needs to be encrypted.\n- Xipher encrypts the data using the public key from the URL.\n- Xipher returns ciphertext encrypted with the public key.\n- Sender sends the encrypted ciphertext to the receiver.\n- Receiver inputs the ciphertext in the decryption page.\n- Xipher decrypts the ciphertext using the secret key from local storage.\n- Xipher returns decrypted data.\n\nThe following sequence diagram illustrates the workflow of the web app.\n```mermaid\nsequenceDiagram\nparticipant RX as Xipher\u003cbr\u003e(on Browser)\nactor Receiver\nactor Sender\nparticipant SX as Xipher\u003cbr\u003e(on Browser)\n    Receiver--\u003e\u003e+RX: Opens Xipher App on browser\n    RX--\u003e\u003eRX: Generates a key pair and stores them in the browser local storage\n    RX--\u003e\u003e-Receiver: Returns the Public Key\u003cbr\u003e(as a URL that can be shared)\n    Receiver-\u003e\u003e+Sender: Shares the encryption URL\u003cbr\u003e(this contains the public key as parameter)\n    Sender--\u003e\u003e+SX: Opens the public encryption URL\u003cbr\u003e(opens Xipher encryption web page)\n    Sender--\u003e\u003eSX: Inputs the data that needs to be encrypted\n    SX--\u003e\u003eSX: Encrypts the data using the public key from the URL\n    SX--\u003e\u003e-Sender: Returns ciphertext encrypted with the Public Key\n    Sender-\u003e\u003e-Receiver: Sends the encrypted ciphertext to the Receiver\n    Receiver--\u003e\u003e+RX: Inputs the ciphertext\u003cbr\u003e(in the decyrption page)\n    RX--\u003e\u003eRX: Decrypts the ciphertext\u003cbr\u003e(using the secret key from local storage)\n    RX--\u003e\u003e-Receiver: Returns decrypted data\n```\n\n## Using as a Go package\nInstall the package\n```sh\ngo get -u xipher.org/xipher\n```\nUse it in your code\n```go\npackage main\n\nimport (\n\t\"encoding/base32\"\n\t\"fmt\"\n\n\t\"xipher.org/xipher\"\n)\n\nfunc main() {\n\t// Creating a new secret key for password\n\tscrtKey, err := xipher.NewSecretKeyForPassword([]byte(\"Paws0meKittyKuwan!\"))\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\n\t// Deriving  public key from secret key\n\tpubKey, err := scrtKey.PublicKey(false)\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\tpublicKeyBytes, err := pubKey.Bytes()\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\tfmt.Println(\"PublicKey:\", base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(publicKeyBytes))\n\n\tplatinText := []byte(\"Hello World!\")\n\n\t// Encrypting plain text with public key\n\tcipherText, err := pubKey.Encrypt(platinText, true)\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\tfmt.Println(\"Encrypted:\", base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(cipherText))\n\n\t// Decrypting cipher text with secret key\n\tplainText, err := scrtKey.Decrypt(cipherText)\n\tif err != nil {\n\t\tpanic(err)\n\t}\n\tfmt.Println(\"Decrypted:\", string(plainText))\n}\n```\n\n## Web Assembly\nTo use xipher as a web assembly (wasm) module in a browser app, follow the example below.\n```html\n\u003chtml\u003e\n\t\u003chead\u003e\n\t\t\u003cmeta charset=\"utf-8\"/\u003e\n\t\t\u003cscript src=\"https://xipher.org/wasm/wasm_exec.js\"\u003e\u003c/script\u003e\n\t\t\u003cscript\u003e\n\t\t\tconst go = new Go();\n\t\t\tWebAssembly.instantiateStreaming(fetch(\"https://xipher.org/wasm/xipher.wasm\"), go.importObject).then((result) =\u003e {\n\t\t\t\tgo.run(result.instance);\n\t\t\t});\n\t\t\u003c/script\u003e\n\t\u003c/head\u003e\n\u003cbody\u003e\n\tCall wasm methods that begin with xipher. For example: xipherNewSecretKey()\n\u003c/body\u003e\n\u003c/html\u003e\n```\n\n## Under the hood\nXipher uses the following algorithms and libraries to achieve its functionality:\n- [Argon2id](https://en.wikipedia.org/wiki/Argon2) for password hashing.\n- [Curve25519](https://en.wikipedia.org/wiki/Curve25519) for elliptic curve cryptography.\n- [CRYSTALS-Kyber](https://pq-crystals.org/kyber/) using [CIRCL](https://github.com/cloudflare/circl) library for post-quantum cryptography.\n- [XChaCha20-Poly1305](https://en.wikipedia.org/wiki/ChaCha20-Poly1305) for symmetric encryption.\n- [Zlib](https://en.wikipedia.org/wiki/Zlib) for compression.\n\n## Workflow\nThe following sequence diagram illustrates the workflow of Xipher in encrypting data using a password based public key.\n```mermaid\nsequenceDiagram\nparticipant RX as Xipher\nactor Receiver\nactor Sender\nparticipant SX as Xipher\n    Receiver--\u003e\u003e+RX: Derive public (inputs password)\n    RX--\u003e\u003e-Receiver: Returns Public Key\n    Receiver-\u003e\u003eSender: Shares Public Key\n    Sender--\u003e\u003e+SX: Encrypt data with public key\n    SX--\u003e\u003e-Sender: Returns ciphertext encrypted with Public Key\n    Sender-\u003e\u003eReceiver: Sends the encrypted ciphertext to the Receiver\n    Receiver--\u003e\u003e+RX: Decrypt data (inputs ciphertext and password)\n    RX--\u003e\u003e-Receiver: Returns decrypted data\n```\n\n## Disclaimer\nThis tool/library is provided without any warranties, and there is no guarantee of its stability. Due to the experimental nature of some of its components, it is anticipated that modifications to the code, repository, and API will be made in the future. Caution is advised before incorporating this into a production application. Please [report](https://github.com/shibme/xipher/security/advisories) any identified security issues promptly. Your cooperation in notifying us of such concerns is highly appreciated.\n\n## Credits\nThis project would not have been possible without the following libraries \u0026 inspirations:\n- [Retriever](https://retriever.corgea.io/) - For inspiring the web-based encryption concept that served as the foundation for expanding it into a fully developed CLI and browser tool with cross-compatibility.\n- [CIRCL](https://github.com/cloudflare/circl) by Cloudflare - For providing library support for post-quantum cryptography (CRYSTALS-Kyber).\n- [StreamSaver.js](https://github.com/jimmywarting/StreamSaver.js) - For the ingenious approach to saving files directly from the browser in frontend-only applications.\n- [age](https://github.com/FiloSottile/age) - For the inspiration drawn from its use of smaller Curve25519 keys and XChaCha20-Poly1305 stream cipher.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshibme%2Fxipher","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fshibme%2Fxipher","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshibme%2Fxipher/lists"}