pypercrypt
uses battle-tested cryptography to encrypt your data with the passphrase of your choice
and stores the ciphertext inside a QR code.
echo "Hello World" > keep-secret.txt
pypercrypt encrypt --input-file keep-secret.txt --output-file ciphertext.json
# Enter passphrase: password
cat ciphertext.json
# {"ciphertext": "gAAAAABlQCb4fKNgX3xI1LHowFUjjXhOf-83DeUgukyUAYAF-hMnQ9eFfNl_V4NBoUuu4ZfAAIkVxIM7Iq2Pfh5JaVW_E-rqXA==", "salt": "JAVWUmK_PSUbvEghki3nNQ=="}
cat ciphertext.json | qrencode -o ciphertext.png
# In future versions pypercrypt will support writing to and reading from QR codes directly
pypercrypt decrypt --input-file <(zbarimg -q --raw ciphertext.png) --output-file -
# Enter passphrase: password
# Hello World
You can store the printed QR code wherever you would trust other encrypted data to stay safe.
- 🔐 Makes encrypted long-term storage easy
- 📵 Truly offline backups
- 🖨️ Use what you already have
- 🔓 No lock-in, no proprietary formats—you don't need this tool to decrypt your data!
A peer review is pending, so keep that in mind when using pypercrypt
for truly sensitive data.
Get in touch if you have the required expertise to review this tool.
pipx
creates a separate virtual environment for each CLI tool it installs and makes the scripts
from the package available in your PATH. See
installation instructions for pipx
.
pipx install pypercrypt
You may install pypercrypt
with any tool that can install from pypi.org.
See pypercrypt
on pypi.org.
- Encrypt input data and write ciphertext to file
- Add option to output ciphertext as a printable QR code
- Decrypt the data, relying on an external QR code scanner like
zbarimg
- Reach 100 % test coverage of the critical code paths before adding new features
- Decrypt the data straight from an image file containing a QR code
- Instructions on how to decrypt the data purely with standard tools
- Maintain 100 % test-coverage of the critical code paths
- Release v1.0 (until then the CLI and format may be subject to breaking changes)
- Let relevant experts perform an audit of this software
- Keep
pypercrypt
small and auditable by anyone - A small scope is a feature
- Resist temptation to add more features
The following features will never be added to pypercrypt
, either because they go against its goals or would
make the scope too large.
- Do not generate passphrases for the user
- Do not add asymmetric encryption support
- Do not add a GUI or TUI (if I can't resist, then do it as a separate project using
pypercrypt
as a library)
papercrypt
fulfills a similar purpose, is written in Go and not affiliated with this project
Licensed under the EUPL. See LICENSE.