File Encryptor is a powerful command-line tool written in Go that provides secure file encryption and decryption using either RSA key pairs or password-based encryption. It features a modern web UI and supports all file types, including text files, media files, and office documents.
- Encrypt files using RSA public keys or passwords
- Decrypt files using RSA private keys or passwords
- Hybrid encryption: RSA for key exchange, AES for file content
- Support for both PEM and OpenSSH format keys
- Automatically preserve and restore the original file extensions
- Support for all file types: text, images, videos, spreadsheets, and more
- Concurrent processing with worker pool for faster encryption and decryption of multiple files
- Graceful cancellation with timeout support and signal handling (Ctrl+C)
- Modern web interface with drag-and-drop file support
- Real-time progress tracking and status updates
- Responsive design for desktop, tablet, and mobile devices
- Dark/light theme toggle with preference persistence
- Batch file operations with drag & drop
- RSA key pair generation directly in the browser
- Secure REST API with CORS support and security headers
- Single binary deployment with embedded web assets
The easiest way to use File Encryptor is with Docker:
# Pull the latest image
docker pull ghcr.io/sd416/file-encryptor:latest
# Encrypt a file
docker run --rm -v $(pwd):/data ghcr.io/sd416/file-encryptor:latest -e -f myfile.txt -p "mypassword"
# Decrypt a file
docker run --rm -v $(pwd):/data ghcr.io/sd416/file-encryptor:latest -d -f myfile.txt.enc -p "mypassword"π See DOCKER.md for complete Docker usage guide
- Go 1.23 or later
- Git
-
Clone this repository:
git clone https://github.com/sd416/file-encryptor.git cd file-encryptor -
Build the CLI version:
make build
-
Build with Web UI support:
make build-web
Start the web server:
# Start web UI on default port 8080
./bin/file-encryptor-web --web
# Start on custom port
./bin/file-encryptor-web --web --web-port 9000
# Start with HTTPS
./bin/file-encryptor-web --web --web-tls --cert-file cert.pem --key-file key.pemThen open your browser to http://localhost:8080 for the web interface.
- Drag & Drop: Simply drag files onto the interface
- Encrypt/Decrypt: Choose password or key file authentication
- Generate Keys: Create RSA key pairs and download them
- Progress Tracking: Real-time status updates
- Theme Toggle: Switch between dark and light modes
- Mobile Friendly: Responsive design for all devices
# Generate RSA key pair
./bin/file-encryptor --generate-keys
# Generate keys with custom name
./bin/file-encryptor --generate-keys --key-name mykey
# Generate and encrypt in one step
./bin/file-encryptor --generate-keys -e -f document.pdfUsing RSA public key:
./bin/file-encryptor -e --file picture.jpg --key my_ssh_key.pub
# Output: picture.jpg.encUsing password:
./bin/file-encryptor -e --file document.pdf --password myStrongPassword123
# Output: document.pdf.encMultiple files:
./bin/file-encryptor -e --password myPassword123 --file file1.txt file2.jpg file3.pdfUsing RSA private key:
./bin/file-encryptor -d --file picture.jpg.enc --key my_ssh_key
# Output: picture.jpg (original extension restored)Using password:
./bin/file-encryptor -d --file document.pdf.enc --password myStrongPassword123
# Output: document.pdfSet operation timeout:
./bin/file-encryptor -e -f large_file.mp4 -p myPassword --timeout 10mVerbose logging:
./bin/file-encryptor -e -f file.txt -p password --verboseConfiguration file:
./bin/file-encryptor -e -f file.txt -p password --config custom-config.yamlmake build # Build CLI version
make build-web # Build with web UI
make test # Run tests
make lint # Run linters
make clean # Clean build artifacts
make dev-setup # Setup development environmentfile-encryptor/
βββ cmd/file-encryptor/ # Main application
βββ pkg/ # Core packages
β βββ crypto/ # Encryption logic
β βββ logging/ # Logging utilities
β βββ webapi/ # Web API components
βββ web/ # Web UI assets
β βββ templates/ # HTML templates
β βββ static/ # CSS, JS, images
βββ Makefile # Build automation
βββ README.md # This file
- AES-256-GCM for file encryption (authenticated encryption)
- RSA-4096 for key exchange (configurable key size)
- PBKDF2 with SHA-256 for password-based key derivation
- HMAC-SHA-256 for integrity verification
- Secure random number generation for all cryptographic operations
- CORS Protection with configurable origins
- Security Headers (CSP, HSTS, X-Frame-Options)
- File Size Limits to prevent DoS attacks
- Path Traversal Protection for static file serving
- HTTPS Support with TLS 1.2+ enforcement
- Always use strong, unique passwords (12+ characters)
- Keep private keys secure and never share them
- Use HTTPS in production environments
- Regularly update to the latest version
- Backup important files before encryption
The tool supports all file types, including:
- Text: TXT, CSV, JSON, XML, YAML
- Images: JPG, PNG, GIF, BMP, TIFF, SVG
- Videos: MP4, AVI, MOV, MKV, WebM
- Audio: MP3, WAV, FLAC, AAC
- Documents: PDF, DOCX, XLSX, PPTX
- Archives: ZIP, TAR, 7Z, RAR
- Code: JS, Python, Go, Java, C++
- Any other binary or text file
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Follow Go best practices and conventions
- Add tests for new functionality
- Update documentation as needed
- Ensure all tests pass before submitting
This project is licensed under the MIT License - see the LICENSE file for details.
This tool is provided as-is, without any warranties. Always ensure you have backups of your important files before encryption. Test the tool with non-critical files first to ensure it meets your requirements.
- Documentation: Check this README and inline help (
--help) - Issues: Report bugs via GitHub Issues
- Feature Requests: Submit enhancement ideas via GitHub Issues
- Security: Report security issues privately via email