Table of Contents
Qt6 C++23 shell/commandline application to encrypt / decrypt the given file.
- Encryption: AES-256 CBC
- Password: SHA256, between 5 to 32 characters
- initialization vector: MD5
see also the Desktop version qt-desktop_file_encryption-decryption
-
encrypt/decrypt every readable file (binary-mode, chunk size 4MB)
-
i18n
-
runs on DOS/Windows (shell/commandline)
-
runs on MacOS (cli)
-
runs on Linux (cli)
-
runs on iOS
-
runs on Android
-
runs on HarmonyOS
-
supports pipe operator or arguments
-
supports arguments and dotenv file
-
OSS and license
-
works as designed
-
no bugs
-
some more or less usefull Github Actions for GH-repo, GH-pages, GH-wiki, CI/CD-Pipelines
-
Packagemanager
-
Buildsystem: CMake
-
Installation routine (no Adminstrator rights needed)
-
portable application
Caution
Please be aware of breaking changes
| Version | status | Comment |
|---|---|---|
| v0.1.0 | NOT compatible to higher versions. | initial creation, text mode |
| v1.0.0 | NOT compatible with lower versions. | optimized input/output, text mode limited to some text-based files |
| v2.0.0 | NOT compatible with lower versions. | binary-mode, works on every readable file. No filesize limit. |
file_encryption-decryption-x86_64 -h
cli app to encrypt and decrypt a given file
Usage:
qt-cli_file_encryption-decryption [OPTION...]
-s, --source arg <path/to/sourcefile> to en-/de-crypt. Mandatory: -s | -d
-t, --target arg target <path/to/outputfile>. Optional: -t | -d
-p, --pwd arg name of password env variable. Mandatory: -p | -d
-d, --dotenv arg <path/to/dotenv> file. Mandatory: -s | -p | -d
-h, --help Print help
encryption or decryption
- if sourcefile has not extension
.aes, sourcefile will be encrypted as targetfile<sourcefile>.aes - if sourcefile has extension
.aes, sourcefile will be decrypted as targetfile<sourcefile>(without extension.aes)
Warning
existing targetfile will be overwritten
flowchart TD;
A["path/to/sourcefile"]-. "has not .aes" .->B[[encrypt sourcefile]]
B-- "has --target" -->C["new/path/to/sourcefile.aes"]
B-- "has no --target" -->D["path/to/sourcefile.aes"]
A["path/to/sourcefile"]-. "has .aes" .->F[["decrypt sourcefile"]]
F-- "has --target" -->G["new/path/to/sourcefile"]
F-- "has no --target" -->H["path/to/sourcefile"]
dotenv-file vs env variables
The program works with given arguments and/or given dotenv-file.
- if an entry is not defined (dotenv-file, environment variable, argument), the program exit with failure
- a given argument overwrites a dotenv-file entry
- if a given dotenv-file entry is missing, the program looks for the related environment variable
flowchart TD;
A["Variable"]-->Dotenv{"is defined in dotenv-file"}
Dotenv-. "Y" .->S1[["set environment variable"]]
S1[["set environment variable"]]-->Attrib{"is defined as attribute"}
Dotenv-. "N" .->Attrib{"is defined as attribute"}
Attrib-. "Y" .->S[["set environment variable"]]
Attrib-. "N" .->V{"get environment variable"}
S-->V
V-- "is empty" -->E("EXIT")
V-- "not empty and valid" -->P[["encrypt or decrypt file"]]
Warning
don't loose your password. Decryption/Recovery without valid password is impossible!
encrypt
Encrypt /path/to/sourcefile.xlsx to /path/to/sourcefile.xlsx.aes with environment password-variable
export my_secret_env_var="my_top_secret_password"
./file_encryption-decryption-x86_64.AppImage --source /path/to/sourcefile.xlsx --pwd my_secret_env_var
Encrypt /path/to/sourcefile.xlsx to /new/path/to/targetfile.xlsx.aes with dotenv-file
./file_encryption-decryption-x86_64.AppImage --source /path/to/sourcefile.xlsx --target /new/path/to/targetfile.xlsx --dotenv /my/configpath/.file_enc-dec
decrypt
Decrypt /path/to/sourcefile.xlsx.aes to /path/to/sourcefile.xlsx
./file_encryption-decryption-x86_64.AppImage --source /path/to/sourcefile.xlsx.aes ...
Decrypt /path/to/sourcefile.xlsx.aes to /new/path/to/targetfile.xlsx
./file_encryption-decryption-x86_64.AppImage --source /path/to/sourcefile.xlsx.aes --target /new/path/to/targetfile.xlsx ...
Example dotenv file .env
export my_env_secret="my_top_secret_password"
# PWD => $my_secret_env_var => my_top_secret_password
SOURCE_FILE=/inpath/to/file.xlsx # Mandatory or mandatory via argument --source
TARGET_FILE=/outpath/to/file.xlsx # Optional or optional via argument --target
PWD=my_secret_env_var # Mandatory get password from $my_secret_env_var or mandatory via --pwd my_secret_env_var./file_encryption-decryption-x86_64.AppImage --source /path/to/sourcefile.xlsx --pwd my_secret_env_var
tested on
- x86_64 Ubuntu 24.04.2 LTS
- Intel(R) Core(TM) i5-9600K CPU @ 3.70GHz with 6 cpu cores
- average SSD storage
- fallocate -l 1G test.img
read / write binary mode of 1 GB file with a chunk size of 4 MB
| type | val |
|---|---|
| real | 5m52,734s |
| user | 5m49,905s |
| sys | 0m2,391s |
read / write binary mode of 1 GB file with a chunk size of 16 MB
| type | val |
|---|---|
| real | 5m50,753s |
| user | 5m48,691s |
| sys | 0m2,049s |
=> so compiled chunk size is 4 MB to give better feedback about the process status.
Several installation packages are available, depending on your Linux system (deb, rpm, zip, AppImage).
Note
see (latest) Release for packages
- make DiskImage executable (eg.
chmod 755 file_encryption-decryption.dmg) - execute / double-click on the
.dmgfile. A window should appear showing the program you are installing and the Applications Folder. - drag the program into the Applications Folder; macOS will automatically install the software for you.
under construction
Note
All licenses are therefore Open Source.
CMake: A Powerful Software Build System
Note
QT6 - Community Edition >= 6.7
The Qt framework contains a comprehensive set of highly intuitive and modularized C++ library classes and is loaded with APIs to simplify your application development. Qt produces highly readable, easily maintainable and reusable code with high runtime performance and small footprint – and it's cross-platform.
Small and portable AES encryption class for Qt. Native support for all key sizes - 128/192/256 bits - ECB, CBC, CFB and OFB modes for all key sizes partial AES-NI support
An utility to load environment variables from a .env file
.
├── .github
│ ├── actions
│ │ └── doctoc
│ │ ├── README.md
│ │ ├── action.yml
│ │ └── dist
│ │ ├── index.js
│ │ ├── index.js.map
│ │ ├── licenses.txt
│ │ └── sourcemap-register.js
│ └── workflows
│ ├── ghp-call_Readme.yml
│ ├── ghp-create_doctoc.yml
│ ├── ghp-markdown_index.yml
│ ├── repo-actions_docu.yml
│ ├── repo-call_Readme.yml
│ ├── repo-create_doctoc.yml_
│ ├── repo-create_doctoc_md.yml
│ └── repo-create_tree_readme.yml
├── .gitignore
├── LICENSE
├── README.md
├── docs
│ └── dot.env
├── src
│ ├── .gitignore
│ ├── CMakeLists.txt
│ ├── configure
│ │ ├── ClangTidy.cmake
│ │ ├── Doxygen.cmake
│ │ ├── extra_headers
│ │ └── rz_config.h.in
│ ├── includes
│ │ ├── cxxopts.hpp
│ │ ├── dotenv.h
│ │ ├── qaesencryption.cpp
│ │ ├── qaesencryption.h
│ │ ├── rz_config.h
│ │ ├── rz_options.h
│ │ ├── rz_qt-aes.h
│ │ └── rz_snippets.h
│ └── main.cpp
└── tree.bak
10 directories, 34 files
Copyright (c) 2025 ZHENG Robert
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
🖖
````