{"id":13937029,"url":"https://github.com/stef/pbp","last_synced_at":"2025-04-16T00:11:50.045Z","repository":{"id":10126763,"uuid":"12197539","full_name":"stef/pbp","owner":"stef","description":"salty privacy","archived":false,"fork":false,"pushed_at":"2020-08-24T17:03:02.000Z","size":234,"stargazers_count":52,"open_issues_count":1,"forks_count":5,"subscribers_count":9,"default_branch":"master","last_synced_at":"2025-04-16T00:11:32.238Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/stef.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2013-08-18T15:53:27.000Z","updated_at":"2025-03-21T20:22:11.000Z","dependencies_parsed_at":"2022-08-17T15:51:01.575Z","dependency_job_id":null,"html_url":"https://github.com/stef/pbp","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stef%2Fpbp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stef%2Fpbp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stef%2Fpbp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/stef%2Fpbp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/stef","download_url":"https://codeload.github.com/stef/pbp/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249173084,"owners_count":21224483,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-07T23:03:12.909Z","updated_at":"2025-04-16T00:11:50.030Z","avatar_url":"https://github.com/stef.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# pbp\n\nv0.3.2 - experimental\n\nPBP[0] is a simple python wrapper and a command line interface around\nlibsodium, to provide basic functionality resembling PGP. It uses\nscrypt for a KDF and a much simpler packet format, which should be\nmuch harder to fingerprint, pbp also provides an experimental forward\nsecrecy mode and a multi-party DH mode.\n\n## Installation\n\nYou possibly need to run (or an equivalent command) `sudo apt-get install git\npython-virtualenv gcc python-dev libffi-dev scrypt` to satisfy all basic dependencies.\nAnd install libsodium (http://doc.libsodium.org/installation/README.html).\n\n    pip install pbp\n\noptionally for PITCHFORK support also\n\n    pip install pyusb==1.0.0b1\n\nDesign goals:\n\n 1. use modern crypto\n 2. provide similar functionality to PGP\n 3. be extensible\n 4. difficult to identify based on fingerprinting\n 5. provide extensive testing\n 6. strive for security\n\n## Crypto\n\nCryptographic primitives are based on the NaCl library from\nhttp://nacl.cr.yp.to. The KDF used is scrypt.\n\n## PGP-like\n\nProvides basic public key encrypt/decrypt, sign/verify and secret key\nencrypt/decrypt modes, as well as the ability to sign, verify, list,\ngenerate, export and import keys.\n\n## Extensibility\n\nusing pbp and the underlying pysodium[1] library it's easy to extend\npbp.  Some examples are the experimental forward secrecy mode (see\ndescription in doc/chaining-dh.txt), the support for ECDH key\nexchanges from the command-line and generation of arbitrarily large\nrandom byte streams.\n\n[1] https://github.com/stef/pysodium also available on\n    https://pypi.python.org/pypi/pysodium\n\n## Fingerprinting\n\npbp tries to avoid to store any sensitive plaintext info, the\nencrypted files all should look like random noise. for a description\nof the packet formats see doc/fileformats.txt.\n\n## Testing\n\nAll py files come with their internal tests, unit tests are in\ntests.py, and commandline functionality is tested in test.sh.\n\n## Security\n\npbp locks the process memory, so it cannot be swapped to disk. Also\npbp uses SecureString[2] to overwrite sensitive key material after\nusage in memory, so keys have a short window of opportunity to leak.\n\n[2] https://github.com/dnet/pysecstr\n\n## Usage\n\nGenerate a key\n\n    pbp -g -n alice\n\nsending howdy.txt using public key encryption from alice to bob\n\n    pbp -c -S alice -r bob -i howdy.txt\n\ndecrypt an encrypted file using public key crypto\n\n    pbp -d -S bob -i howdy.txt.pbp\n\nsending howdy.txt using secret key encryption\n\n    pbp -c -i howdy.txt\n\ndecrypt an encrypted file using secret key crypto\n\n    pbp -d -i howdy.txt.pbp\n\nsign howdy.txt\n\n    pbp -s -S alice -i /howdy.txt\n\nverify howdy.txt\n\n    pbp -v -i howdy.txt.sig\n\nsign bobs key\n\n    pbp -m -S alice -n bob\n\ncheck sigs on carols key\n\n    pbp -C -n carol\n\nalice encrypts howdy.txt to bob using experimental forward secret mode\n\n    pbp -e -S alice -r bob -i howdy.txt -o ./secret-message\n\nbob decrypts howdy.txt from alice using experimental forward secret mode\n\n    pbp -E -S bob -r alice -i ./secret-message\n\ninitiate ECDH key exchange\n\n    pbp -D1\n\nrespond to ECDH key exchange\n\n    pbp -D2 -Dp 'public component from D1'\n\nfinish ECDH key exchange\n\n    pbp -D3 -Dp 'public component from D2' -De 'secret exponent from D1'\n\nrandom streaming 23GByte of cryptographic randomness\n\n    pbp -R -Rs 23G -o /mnt/huge_fs/random_data\n\nparticipate in a 4-way DH exchange, 1st message\n\n    pbp -Ds -Dp 4 -S alice -n 'friends001' -i oldkeychain -o newkeychain\n\nparticipate in a 4-way DH exchange, 2nd message\n\n    pbp -De -S alice -n 'friends001' -i oldkeychain -o newkeychain\n\nthis is one big pipe that creates a 3-way ECDH secret between alice, bob and carol:\n\n    pbp -Ds -S alice -Dp 3 -n 'test-dh' -i /dev/null |\n    pbp -Ds -S bob -Dp 3 -n 'test-dh' |\n    pbp -Ds -S carol -Dp 3 -n 'test-dh' |\n    pbp -De -S alice -Dp 3 -n 'test-dh' |\n    pbp -De -S bob -Dp 3 -n 'test-dh'\n\nof course instead of a pipe you could use any kind of transport mechanism\n\n## Integration\n\nyou can add the following to your .vimrc\n\n    map ;e :%!/bin/sh -c 'pbp -c 2\u003e/dev/tty \\| base64'\u003cC-M\u003e\n    map ;d :%!/bin/sh -c 'base64 -d \\| pbp -d 2\u003e/dev/tty'\u003cC-M\u003e\n    map ;s :,$! /bin/sh -c 'pbp -s -a -S stf 2\u003e/dev/tty'\u003cC-M\u003e\n    map ;v :,$! /bin/sh -c 'pbp -v -a 2\u003e/dev/tty'\u003cC-M\u003e\n\n(c) 2013, stf \u003cs@ctrlc.hu\u003e, dnet vsza@vsza.hu, AGPLv3.0+\n\n[0] also it's very funny to say pbp with a mouth full of dry cookies.\ndon't try this in company!\n\n[![Build Status](https://travis-ci.org/stef/pbp.svg?branch=master)](https://travis-ci.org/stef/pbp)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstef%2Fpbp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fstef%2Fpbp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fstef%2Fpbp/lists"}