HACKER Q&A
📣 binwiederhier

Is there a portable encryption file format?


Even after a lot of research, I wasn't able to find an encryption file format that is widely used and still considered "supported" on most platforms. The obvious answer is OpenPGP [1], but that's widely considered "not modern" and some languages even deprecate their support for it (e.g. Go [2]).

Specifically, I'm looking for a container format like OpenPGP that can support different cipher suites, e.g. "passphrase-to-key via PBKDF2, then AES-GCM-128" or similar and is portable across different programming languages and operating systems.

I do not believe such a tool exists, but I'm scratching my head as to why. It's 2022. TLS is ubiquitous. Why is there no TLS-in-a-file?

My use case is my push notification project [3]. I want people to be able to do this (on the shell):

   echo "secret message" | encxyz -p "password" | curl -T- ntfy.sh/mytopic

Or this (in JS):

   import {xyz_encrypt} from "encryptxyz";
   const message = xyz_encrypt("secret message", "password");
   fetch(...);

Of course I can design my own thing (and I have), but then I have to make my own libraries for all languages that I want to offer end-to-end encryption for.

[1] https://datatracker.ietf.org/doc/html/rfc4880

[2] https://github.com/golang/go/issues/44226

[3] https://github.com/binwiederhier/ntfy
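
The kind of self-describing container the question asks for, sketched in Node.js as an added example (not from this thread, and not ntfy's or any existing tool's format): the header names the cipher suite and PBKDF2 parameters, and is authenticated as AES-GCM associated data. The magic bytes `ENCX`, the field layout, the suite ids, the iteration bounds and all function names are assumptions made for illustration.

```javascript
const nodeCrypto = require("node:crypto");

// Hypothetical layout: magic(4) | version(1) | suite(1) | iterations(4) | salt(16) | nonce(12)
const MAGIC = Buffer.from("ENCX");
const VERSION = 1;
const HEADER_LEN = 38;
const TAG_LEN = 16;
// The suite id in the header selects the key length and cipher on decrypt.
const SUITES = {
  1: { cipher: "aes-128-gcm", keyLen: 16, digest: "sha256" },
  2: { cipher: "aes-256-gcm", keyLen: 32, digest: "sha256" },
};

function deriveKey(password, header, suite) {
  const salt = header.subarray(10, 26);
  return nodeCrypto.pbkdf2Sync(password, salt, header.readUInt32BE(6), suite.keyLen, suite.digest);
}

function encrypt(plaintext, password, suiteId = 1, iterations = 600000) {
  const suite = SUITES[suiteId];
  if (!suite) throw new Error("unknown suite");
  const header = Buffer.alloc(HEADER_LEN);
  MAGIC.copy(header, 0);
  header.writeUInt8(VERSION, 4);
  header.writeUInt8(suiteId, 5);
  header.writeUInt32BE(iterations, 6);
  nodeCrypto.randomBytes(28).copy(header, 10); // fresh salt and nonce per message
  const c = nodeCrypto.createCipheriv(suite.cipher, deriveKey(password, header, suite), header.subarray(26));
  c.setAAD(header); // header is authenticated, so it cannot be altered unnoticed
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([header, body, c.getAuthTag()]);
}

function decrypt(blob, password) {
  if (blob.length < HEADER_LEN + TAG_LEN || !blob.subarray(0, 4).equals(MAGIC)) throw new Error("not a container");
  if (blob.readUInt8(4) !== VERSION) throw new Error("unsupported version");
  const suite = SUITES[blob.readUInt8(5)];
  if (!suite) throw new Error("unknown suite");
  // Bound the work factor before deriving: the header is unauthenticated at this point.
  const iterations = blob.readUInt32BE(6);
  if (iterations < 100000 || iterations > 10000000) throw new Error("iteration count out of range");
  const header = blob.subarray(0, HEADER_LEN);
  const d = nodeCrypto.createDecipheriv(suite.cipher, deriveKey(password, header, suite), header.subarray(26));
  d.setAAD(header);
  d.setAuthTag(blob.subarray(blob.length - TAG_LEN));
  const body = blob.subarray(HEADER_LEN, blob.length - TAG_LEN);
  return Buffer.concat([d.update(body), d.final()]); // final() throws on a wrong password or tampering
}
```

Because the suite id and iteration count are covered by the GCM tag, swapping either in transit makes decryption fail rather than silently downgrade.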


  👤 dragonwriter Accepted Answer ✓
> but then I have to make my own libraries for all languages that I want to offer end-to-end encryption for.

Do C (or something where the mapping to C is known), and lots of languages have FFI libs where wrapping that is fairly trivial, reducing the need to make your own libraries for all languages.

Or do a tool with a CLI, and other langs can call that.

Ideally, your primary implementation does both of those, making it easy to wrap and call. That's how things like GPG are so widely supported.


👤 lioeters
It doesn't quite fit your description, but I've been using the following single-file shell script called cryptr.

> A simple shell utility for encrypting and decrypting files using OpenSSL.

https://github.com/nodesocket/cryptr


👤 b33f
On macOS or Linux, you can use openssl on the CLI easily.

   $ echo -n "private-message" | openssl enc -e -aes-256-cbc -a -salt
   enter aes-256-cbc encryption password:
   Verifying - enter aes-256-cbc encryption password:

Then to decrypt:

   $ echo 'U2Fsxxxxxxxxxx' | openssl aes-256-cbc -a -d -salt


👤 jqpabc123
https://www.aescrypt.com/

Open Source encryption using the industry standard Advanced Encryption Standard (AES) to easily and securely encrypt files on Windows, Mac, Linux, Android, iOS and more.