### Install Cipherlock via Go Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Use this command to install the latest version of Cipherlock directly using Go's install command. Ensure your Go environment is set up correctly. ```bash go install github.com/valonmulolli/cipherlock@latest ``` -------------------------------- ### ASCII-armor format example Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md When using the --armor option, binary data is wrapped in base64 encoding with PEM-style delimiters. The armored format is self-identifying and automatically detected during decryption. ```plaintext -----BEGIN CIPHERLOCK----- -----END CIPHERLOCK----- ``` -------------------------------- ### Build Cipherlock from Source Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Clone the repository and build the executable locally. This method is useful for development or when you need to work with the latest unreleased code. ```bash git clone https://github.com/valonmulolli/cipherlock.git cd cipherlock go build -o cipherlock . ``` -------------------------------- ### Import Cipherlock Library in Go Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Imports the cipherlock library into a Go project. This is the first step for programmatic encryption and decryption. ```go import "github.com/valonmulolli/cipherlock/cipherlock" ``` -------------------------------- ### Encrypt File using Go Library Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts a source file to a destination file using a password. This is a convenient wrapper for file-based encryption operations. ```go err := cipherlock.EncryptFile("source.txt", "source.txt.encrypted", password, nil) ``` -------------------------------- ### Encrypt file (Go library) Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts a source file to a destination file using a provided password and optional settings. ```APIDOC ## cipherlock.EncryptFile(sourcePath string, destinationPath string, password string, options *EncryptOptions) ### Description Encrypts a file specified by `sourcePath` and saves the encrypted output to `destinationPath`. This function utilizes the provided password for encryption and can accept optional `EncryptOptions` for further customization. ### Parameters - `sourcePath` (string) - The path to the file to be encrypted. - `destinationPath` (string) - The path where the encrypted file will be saved. - `password` (string) - The password to use for encryption. - `options` (*EncryptOptions) - Optional encryption settings. Can be nil. ``` -------------------------------- ### Decrypt with FileMeta (v0x06/v0x07) Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Decrypts data and recovers associated FileMeta, which is non-nil for v0x06/v0x07 formats. ```go meta, err := cipherlock.DecryptWithMeta(dst, src, password) // all formats meta, err := cipherlock.DecryptFileWithMeta("file.enc", "out", pwd) // file variant meta, err := cipherlock.DecryptStreamMultiFromReader(dst, src, pwd) // v0x07 only ``` -------------------------------- ### Encrypt using a Key File Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts a file using a password stored in a key file instead of interactive prompting. Useful for scripts. ```bash cipherlock encrypt --key-file ~/.keys/myapp.key document.pdf ``` ```bash cipherlock decrypt --key-file ~/.keys/myapp.key document.pdf.encrypted ``` -------------------------------- ### Context-aware encryption (Go library) Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts data with context awareness, allowing for cancellation of long-running operations. ```APIDOC ## cipherlock.EncryptContext(ctx context.Context, writer io.Writer, reader io.Reader, password string, options *EncryptOptions) ### Description Provides context-aware encryption, enabling cancellation of encryption operations that take too long. This is useful for preventing operations from blocking indefinitely. The function returns `context.DeadlineExceeded` if the Key Derivation Function (KDF) or encryption process exceeds the context's deadline. ### Parameters - `ctx` (context.Context) - The context for the operation, used for cancellation and deadlines. - `writer` (io.Writer) - The destination for the encrypted data. - `reader` (io.Reader) - The source of the data to encrypt. - `password` (string) - The password for encryption. - `options` (*EncryptOptions) - Optional encryption settings. Can be nil. ### Example ```go ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() var buf bytes.Buffer err := cipherlock.EncryptContext(ctx, &buf, someReader, password, nil) // Check for context.DeadlineExceeded ``` ### Related Functions `DecryptContext`, `EncryptStreamContext`, `DecryptStreamContext`, `EncryptMultiContext`. ``` -------------------------------- ### Run Cipherlock Tests Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Execute all unit tests for the Cipherlock project. This is part of the development process to ensure code integrity. ```bash git clone https://github.com/valonmulolli/cipherlock.git cd cipherlock go test ./... ``` -------------------------------- ### Config list-profiles Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Lists all saved configuration profiles. ```APIDOC ## cipherlock config list-profiles ### Description Lists all saved Argon2id configuration profiles. ### Command cipherlock config list-profiles ``` -------------------------------- ### Encrypt a Directory Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Archives an entire directory using tar and gzip, then encrypts the resulting archive. The output is a single .cipherlock file. ```bash cipherlock encrypt ./projects/secrets/ ``` -------------------------------- ### Context-Aware Encryption in Go Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts data with context awareness, allowing for cancellable operations. Returns context.DeadlineExceeded if KDF or encryption takes too long. ```go ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() var buf bytes.Buffer err := cipherlock.EncryptContext(ctx, &buf, someReader, password, nil) ``` -------------------------------- ### Encrypted-Metadata Streaming (v0x06) Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts data with metadata (name, size, mod time) that is itself encrypted, preserving confidentiality. Also demonstrates decryption, recovering the metadata. ```go cfg := &cipherlock.Config{ SaltLen: 16, Time: 3, Memory: 64 * 1024, Threads: 4, KeyLen: 32, ChunkSize: 64 * 1024, FileMeta: &cipherlock.FileMeta{ Name: "secret-document.bin", Size: 1024, ModTime: time.Now(), }, } var buf bytes.Buffer if err := cipherlock.EncryptStreamV2(&buf, src, password, cfg); err != nil { return err } // Decrypting recovers the metadata: var dec bytes.Buffer meta, err := cipherlock.DecryptStreamV2(&dec, &buf, password) // meta.Name == "secret-document.bin", meta.Size == 1024, etc. ``` -------------------------------- ### Encrypt data (using key file) Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts a file using a password read from a specified key file, useful for scripting and automation. ```APIDOC ## cipherlock encrypt --key-file ~/.keys/myapp.key document.pdf ### Description Encrypts a file using a password stored in a key file instead of interactive prompting. This is useful for scripts and automation. ### Command cipherlock encrypt --key-file ``` -------------------------------- ### Specify Output Path for Encryption/Decryption Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Allows specifying a custom output path for both encryption and decryption operations, overriding the default behavior. ```bash cipherlock encrypt document.pdf -o secret.enc ``` ```bash cipherlock decrypt secret.enc -o document.pdf ``` -------------------------------- ### Encrypt with ASCII Armor Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Wraps encrypted output in base64 with PEM-style headers for text-only channels. Decryption auto-detects this format. ```bash cipherlock encrypt --armor document.pdf -o document.asc ``` -------------------------------- ### Encrypt Data using Go Library Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts data from a reader to a writer using a password. Produces the v0x05 streaming format and does not load the entire file into memory. ```go var buf bytes.Buffer err := cipherlock.Encrypt(&buf, someReader, password, nil) ``` -------------------------------- ### Encrypt data (CLI) Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts a file and wraps the output in base64 with PEM-style headers for text-only sharing. ```APIDOC ## cipherlock encrypt --armor document.pdf -o document.asc ### Description Encrypts a file and wraps the output in base64 with PEM-style headers. Suitable for sharing via email, chat, or other text-only channels. ### Command cipherlock encrypt --armor document.pdf -o document.asc ### Output Format ``` -----BEGIN CIPHERLOCK----- -----END CIPHERLOCK----- ``` ### Decryption Decrypt auto-detects the armor format; no special flag required. ``` -------------------------------- ### Configure Encryption Profiles Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Saves Argon2id parameter sets for reuse as configuration profiles. Supports setting, listing, and removing profiles. ```bash cipherlock config set-profile high --time 4 --memory 262144 --threads 8 --checksum ``` ```bash cipherlock encrypt --profile high document.pdf ``` ```bash cipherlock config list-profiles ``` ```bash cipherlock config remove-profile high ``` -------------------------------- ### Shell completion Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Generates shell completion scripts for bash, zsh, fish, and powershell. ```APIDOC ## cipherlock completion ### Description Generates shell completion scripts for supported shells (bash, zsh, fish, powershell). This feature requires no additional dependencies as it's generated by cobra's built-in completion engine. ### Commands cipherlock completion bash > /etc/bash_completion.d/cipherlock cipherlock completion zsh > "${fpath[1]}/_cipherlock" cipherlock completion fish > ~/.config/fish/completions/cipherlock.fish ``` -------------------------------- ### Generate Shell Completion Scripts Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Generates shell completion scripts for bash, zsh, fish, and powershell. No additional dependencies are required. ```bash cipherlock completion bash > /etc/bash_completion.d/cipherlock ``` ```bash cipherlock completion zsh > "${fpath[1]}/_cipherlock" ``` ```bash cipherlock completion fish > ~/.config/fish/completions/cipherlock.fish ``` -------------------------------- ### Custom Encryption Configuration Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts data using a custom configuration for Argon2 parameters and key length. Setting nil uses default configurations. ```go config := &cipherlock.Config{ SaltLen: 16, Time: 4, Memory: 128 * 1024, // 128 MB Threads: 8, KeyLen: 32, } err := cipherlock.Encrypt(dst, src, password, config) ``` -------------------------------- ### Encrypt a File Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts a single file, creating an encrypted version in the same directory. The original file remains unchanged. ```bash cipherlock encrypt document.pdf ``` -------------------------------- ### Encrypt data (Go library) Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts data from a reader to a writer using a password. Produces a streaming format that avoids loading the entire file into memory. ```APIDOC ## cipherlock.Encrypt(writer io.Writer, reader io.Reader, password string, options *EncryptOptions) ### Description Encrypts data from a reader and writes the encrypted output to a writer. It uses the v0x05 streaming format, processing input in chunks to avoid high memory usage. For explicit streaming control, `EncryptStream` can be used. ### Parameters - `writer` (io.Writer) - The destination for the encrypted data. - `reader` (io.Reader) - The source of the data to encrypt. - `password` (string) - The password for encryption. - `options` (*EncryptOptions) - Optional encryption settings (e.g., profile, checksum). Can be nil. ``` -------------------------------- ### Encrypt File In-Place Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts a file and replaces the original with the encrypted version. A temporary file is used to ensure the original is only overwritten upon successful encryption. ```bash cipherlock encrypt --in-place document.pdf ``` -------------------------------- ### Encrypt Data with ASCII Armor Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts data and then encodes the ciphertext using ASCII armor for easier transport. ```go var encrypted bytes.Buffer cipherlock.Encrypt(&encrypted, someReader, password, nil) var armored bytes.Buffer cipherlock.Armor(&armored, encrypted.Bytes()) ``` -------------------------------- ### Error handling with sentinel errors (Go library) Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Provides specific sentinel errors for handling various failure conditions during decryption and other operations. ```APIDOC ## Error Handling with Sentinel Errors (Go library) ### Description Cipherlock exposes several sentinel errors that can be checked using `errors.Is()` to identify specific failure conditions. This allows for more granular error handling in your application. ### Available Sentinel Errors - `cipherlock.ErrAuthFailed`: Indicates a wrong password or corrupted data. - `cipherlock.ErrChecksumMismatch`: Indicates that the file's checksum does not match, suggesting tampering. - `cipherlock.ErrCorrupted`: Indicates that the file format is damaged. - `cipherlock.ErrInvalidFormat`: Indicates that the file is not a valid cipherlock file. - `cipherlock.ErrEncryptedMeta`: Indicates that metadata is encrypted and requires a password to be read via `ReadStreamMetaWithPassword`. - `cipherlock.ErrAtLeastOnePassword`: Indicates that at least one password is required for an operation. - `cipherlock.ErrVersionMismatch`: Indicates an unsupported file version. - `cipherlock.ErrNotArmored`: Indicates that the data is not in armor format when expected. ### Example Usage ```go if errors.Is(err, cipherlock.ErrAuthFailed) { // Handle wrong password or corrupted data } if errors.Is(err, cipherlock.ErrChecksumMismatch) { // Handle tampered file } ``` ``` -------------------------------- ### Decrypt data (using key file) Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Decrypts a file using a password read from a specified key file, useful for scripting and automation. ```APIDOC ## cipherlock decrypt --key-file ~/.keys/myapp.key document.pdf.encrypted ### Description Decrypts a file using a password stored in a key file instead of interactive prompting. This is useful for scripts and automation. ### Command cipherlock decrypt --key-file ``` -------------------------------- ### Decrypt a File Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Decrypts an encrypted file using the provided password. ```go err := cipherlock.DecryptFile("source.txt.encrypted", "source.txt", password) ``` -------------------------------- ### Decrypt Legacy V1 Format Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Decrypts files that were encrypted using the legacy V1 format. ```go err := cipherlock.DecryptFileV1("old_file.encrypted", "old_file", password) ``` -------------------------------- ### Securely Delete a File Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Overwrites a file with random data and zeros before deleting it to prevent recovery. ```go err := cipherlock.Shred("sensitive-file.txt") ``` -------------------------------- ### Handle Cipherlock Sentinel Errors in Go Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Checks for specific cipherlock errors using errors.Is. This allows for granular error handling based on the type of failure. ```go if errors.Is(err, cipherlock.ErrAuthFailed) { // wrong password or corrupted data } if errors.Is(err, cipherlock.ErrChecksumMismatch) { // file was tampered with } if errors.Is(err, cipherlock.ErrCorrupted) { // file format is damaged } if errors.Is(err, cipherlock.ErrInvalidFormat) { // not a cipherlock file } if errors.Is(err, cipherlock.ErrEncryptedMeta) { // metadata is encrypted; call ReadStreamMetaWithPassword with a password } ``` -------------------------------- ### Encrypt a Directory Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts the contents of a directory into a single archive file. ```go err := cipherlock.EncryptDir("./mydir", "mydir.cipherlock", password, nil) ``` -------------------------------- ### Config set-profile Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Saves Argon2id parameter sets for reuse as configuration profiles. ```APIDOC ## cipherlock config set-profile high --time 4 --memory 262144 --threads 8 --checksum ### Description Saves Argon2id parameter sets (time, memory, threads, checksum) for reuse as configuration profiles. These profiles are stored in `~/.config/cipherlock/profiles.json`. ### Command cipherlock config set-profile --time --memory --threads [--checksum] ### Example cipherlock config set-profile high --time 4 --memory 262144 --threads 8 --checksum ``` -------------------------------- ### Use Pipe Mode for Encryption Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts data piped from standard input and writes the encrypted output to standard output. Useful for shell integration. ```bash cat document.pdf | cipherlock encrypt > document.pdf.enc ``` -------------------------------- ### Re-key an Encrypted File Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Changes the password of an encrypted file without re-encrypting the entire content. ```go err := cipherlock.ReKeyFile("old.encrypted", "new.encrypted", oldPassword, newPassword, nil) ``` -------------------------------- ### Read file metadata (Go library) Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Reads metadata (filename, size, modification time) from an encrypted file without decrypting its content. ```APIDOC ## cipherlock.ReadStreamMeta(encryptedFile io.Reader) (*StreamMeta, error) ### Description Reads the metadata (filename, size, modification time) embedded within an encrypted file. This metadata is automatically collected from the source file during encryption (CLI) and stored in the v0x05 header. The original file's attributes are restored upon decryption if the `--output` flag is not used. ### Parameters - `encryptedFile` (io.Reader) - An io.Reader for the encrypted file. ### Returns - `*StreamMeta`: A struct containing `Name` (string), `Size` (int64), and `ModTime` (time.Time). Fields may be nil if the metadata is not present or if it's not a v0x05 stream. - `error`: An error if metadata cannot be read. ### Note For encrypted metadata, use `ReadStreamMetaWithPassword`. ``` -------------------------------- ### Multi-Recipient Encryption and Decryption (Streaming) Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts data for multiple recipients using a streaming approach (v0x07). Also demonstrates decryption for a specific recipient. ```go passwords := [][]byte{[]byte("alice"), []byte("bob"), []byte("charlie")} var buf bytes.Buffer err := cipherlock.EncryptStreamMulti(&buf, someReader, passwords, nil) var decBuf bytes.Buffer meta, err := cipherlock.DecryptStreamMultiFromReader(&decBuf, bytes.NewReader(buf.Bytes()), []byte("bob")) // meta is non-nil when the source was encrypted with a FileMeta attached. ``` -------------------------------- ### Encrypt with Checksum Verification Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts a file with an embedded SHA-256 checksum. Decryption automatically verifies this checksum to detect tampering. ```bash cipherlock encrypt --checksum document.pdf ``` ```bash cipherlock decrypt document.pdf.encrypted ``` -------------------------------- ### Encrypt with checksum Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts a file with an embedded SHA-256 checksum, which is automatically verified upon decryption. ```APIDOC ## cipherlock encrypt --checksum document.pdf ### Description Encrypts a file with an embedded SHA-256 checksum. During decryption, this checksum is automatically verified. If the file has been tampered with, decryption will report a checksum mismatch error. ### Command cipherlock encrypt --checksum ``` -------------------------------- ### Decrypt Data using Go Library Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Decrypts data from a reader to a writer using a password. Auto-detects all supported format versions (v0x02 to v0x05). ```go var buf bytes.Buffer err := cipherlock.Decrypt(&buf, someReader, password) ``` -------------------------------- ### Decrypt ASCII Armored Data Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Decodes ASCII armored data and then decrypts the resulting ciphertext. ```go data, _ := cipherlock.UnarmorBytes(armoredData) var plaintext bytes.Buffer cipherlock.Decrypt(&plaintext, bytes.NewReader(data), password) ``` -------------------------------- ### Check if Data is ASCII Armored Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Determines if the provided data is in ASCII armored format. ```go if cipherlock.IsArmored(data) { // handle armored format } ``` -------------------------------- ### Read Stream Metadata in Go Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Reads metadata (filename, size, modtime) from an encrypted file without decrypting its content. Metadata is only available for v0x05 streams. ```go meta, err := cipherlock.ReadStreamMeta(encryptedFile) // meta.Name, meta.Size, meta.ModTime (nil if not a v0x05 stream) ``` -------------------------------- ### Decrypt data (Go library) Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Decrypts data from a reader to a writer using a password. Auto-detects all supported format versions. ```APIDOC ## cipherlock.Decrypt(writer io.Writer, reader io.Reader, password string) ### Description Decrypts data from a reader and writes the decrypted output to a writer. This function automatically detects and handles all supported cipherlock format versions (v0x02, v0x03, v0x04, v0x05) without requiring special flags. ### Parameters - `writer` (io.Writer) - The destination for the decrypted data. - `reader` (io.Reader) - The source of the encrypted data. - `password` (string) - The password for decryption. ``` -------------------------------- ### Decrypt a Directory Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Decrypts an encrypted directory archive back into its original structure. ```go err := cipherlock.DecryptDir("mydir.cipherlock", "./mydir", password) ``` -------------------------------- ### Decrypt a File Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Decrypts a file that was previously encrypted with cipherlock. The original encrypted file is preserved. ```bash cipherlock decrypt document.pdf.encrypted ``` -------------------------------- ### Generate Password During Encryption Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Generates a cryptographically random, 64-character hex-encoded password during the encryption process. The password is shown only once and is used for the current encryption. ```bash cipherlock encrypt --gen-password document.pdf ``` -------------------------------- ### Decrypt legacy format Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Decrypts files encrypted with the original `file-encryption` tool (PBKDF2+SHA1). ```APIDOC ## cipherlock decrypt document.pdf.encrypted (legacy format) ### Description Decrypts files encrypted with the original `file-encryption` tool (PBKDF2+SHA1, 4096 iterations). Cipherlock automatically detects and handles this legacy format using the standard `decrypt` command. ### Command cipherlock decrypt ``` -------------------------------- ### Use Pipe Mode for Decryption Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Decrypts data piped from standard input and writes the decrypted output to standard output. Useful for shell integration. ```bash cat document.pdf.enc | cipherlock decrypt > document.pdf ``` -------------------------------- ### Decrypt a Directory Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Decrypts a previously encrypted directory archive and extracts its contents to a specified output directory. ```bash cipherlock decrypt secrets.cipherlock -o ./restored/ ``` -------------------------------- ### Check if a File is Encrypted Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Checks if a given file appears to be encrypted by the cipherlock library. ```go ok, err := cipherlock.IsEncrypted("file.enc") ``` -------------------------------- ### Rekey an encrypted file Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Changes the password of an encrypted file without needing to decrypt it to disk first. ```APIDOC ## cipherlock rekey document.pdf.encrypted ### Description Changes the password of an encrypted file without decrypting it to disk. The command will prompt for the old and new passwords. It supports `--key-file`, `--new-key-file`, `--output`, and `--in-place` flags. ### Command cipherlock rekey ``` -------------------------------- ### Config remove-profile Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Removes a saved configuration profile. ```APIDOC ## cipherlock config remove-profile high ### Description Removes a saved Argon2id configuration profile. ### Command cipherlock config remove-profile ``` -------------------------------- ### Multi-Recipient Encryption Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts a file for multiple recipients, each using their own password for decryption. The primary password can be provided interactively or via other flags. ```bash cipherlock encrypt --recipient "alice" --recipient "bob" document.pdf ``` -------------------------------- ### Multi-recipient encryption Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Encrypts a file for multiple recipients, allowing each to decrypt with their own password. ```APIDOC ## cipherlock encrypt --recipient "alice" --recipient "bob" document.pdf ### Description Encrypts a file for multiple recipients. Each recipient can decrypt the file using their own password. The primary password can be provided interactively, via `--key-file`, or `--gen-password`. Additional recipients are added using the `--recipient` flag. ### Command cipherlock encrypt --recipient --recipient ... ``` -------------------------------- ### Rekey Encrypted File Source: https://github.com/valonmulolli/cipherlock/blob/master/README.md Changes the password of an encrypted file without decrypting it to disk. Supports key files and in-place modification. ```bash cipherlock rekey document.pdf.encrypted ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.