• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号
登陆 注册
描述文字

shlemph/ipfsecret: Encrypt and decrypt IPFS files with a secret passphrase.

原作者: [db:作者] 来自: 网络 收藏 邀请

开源软件名称:

shlemph/ipfsecret

开源软件地址:

https://github.com/shlemph/ipfsecret

开源编程语言:

JavaScript 80.1%

开源软件介绍:

npm license npm node GitHub last commit

Introduction

IPFSecret lets you encrypt and decrypt IPFS files with a secret passphrase.

If you are new to IPFS, there are guides for getting started and running the daemon with the right port.

Install

λ npm install -g ipfsecret

Quickstart

Add a file

λ ipfsecret add README.md
Passphrase?
Confirm passphrase:
QmeVMn7oLoSC7ShLeLPu2tMrGq4TEr9icSxPbKxAF7CJ7Q

Get a file

λ ipfsecret get QmeVMn7oLoSC7ShLeLPu2tMrGq4TEr9icSxPbKxAF7CJ7Q
Passphrase?
λ head -n1 ipfsecret-decrypted-QmeVMn7oLoSC7ShLeLPu2tMrGq4TEr9icSxPbKxAF7CJ7Q
* [Introduction](#introduction)
λ

Add a directory

λ ipfsecret add -r node_modules/webcrypto-crypt
Passphrase?
Confirm passphrase:
QmfSi8rg7ismstGwDKoEwKySCr8Ptt7XHV1xMkB27DAARv

Get a directory

λ ipfsecret get QmfSi8rg7ismstGwDKoEwKySCr8Ptt7XHV1xMkB27DAARv
Passphrase?
λ ls ipfsecret-decrypted-QmfSi8rg7ismstGwDKoEwKySCr8Ptt7XHV1xMkB27DAARv/node_modules/webcrypto-crypt/
CHANGES.md      README.md       bin             examples        lib             test
LICENSE         SIGNED.txt      dist            index.js        package.json

Add a file, include web interface

λ ipfsecret add -w README.md
Passphrase?
Confirm passphrase:
http://127.0.0.1:8080/ipfs/QmNndRMk9sQzYGmszosGCYUiDm9WBKGy512bLZNoxcAcPm/ipfsecret.html

Add a directory, include web interface

λ ipfsecret add -wr node_modules/webcrypto-crypt
Passphrase?
Confirm passphrase:
http://127.0.0.1:8080/ipfs/QmWCGgmQdT1xNd44kUwEqY61aX551kRMwrXdvBPBGA1Qto/ipfsecret.html

Warnings

  • File contents added via IPFSecret are encrypted but file and directory names are stored in clear text.
  • There are problems with symmetric algorithms.
  • Depending on pinning activity, your encrypted data could be distributed to many nodes across the IPFS network.
  • Entities with access to your IPFSecret multihashes that then guess, learn, or crack the relevant passphrase will be able to decrypt your data.
  • Unknown bugs in this code or its dependency tree (e.g., the webcrypto-crypt package) could render encryption ineffective.
  • Downloading large files over IPFS web gateways can be slow and in the case of decryption there is currently no feedback on download progress.
  • Private Networks, public-key cryptography tools, or something like FileNation or Firefox Send may better fit your needs.

Testing

Node.js

Optionally run the relevant daemon using the --offline option for the duration of the tests. Tests assume the API settings present in lib/config.js.

λ npm run test

Web browsers

As part of the install process, IPFSecret adds a multihash for browser testing and extracts it to .examples/. The password will be justtesting and you can access it over the local web gateway using the same multihash.

Tested environments

OS Environment Version
Mac Sierra Chrome 70.0.3538.110
Mac Sierra Firefox 63.0.3
Mac Sierra Node v10.13.0
Mac Sierra Safari 11.0.2

Help

Commands

λ ipfsecret --help
Usage: ipfsecret <command> [options]

Commands:
  get   Retrieve & decrypt encrypted files from IPFS
  add   Encrypt & add files to IPFS
  list  List known HTTPS gateways

Options:
  --debug, -d    Print debugging info to stderr  [boolean] [default: false]
  --api, -a      Specify IPFS API configuration  [string] [default: "/ip4/127.0.0.1/tcp/5001"]
  --gateway, -g  Use this HTTP(S) gateway when returning gateway address  [string] [default: false]
  --version, -v  Display version and exit  [boolean] [default: false]
  --help         Show help  [boolean]
add
λ ipfsecret add -h
File or directory required
Usage: ipfsecret add [options] [file|dir]

Options:
  --debug, -d      Print debugging info to stderr  [boolean] [default: false]
  --api, -a        Specify IPFS API configuration  [string] [default: "/ip4/127.0.0.1/tcp/5001"]
  --gateway, -g    Use this HTTP(S) gateway when returning gateway address  [string] [default: false]
  --version, -v    Display version and exit  [boolean] [default: false]
  --help           Show help  [boolean]
  --web, -w        Add web interface  [boolean] [default: "false"]
  --naked, -n      With --web, return naked hash vs URL  [boolean] [default: "false"] 
  --recursive, -r  Add as directory, recursively  [boolean] [default: "false"]
  --hidden, -H     When adding directory, include hidden files  [boolean] [default: "false"]
get
λ ipfsecret get --help
Multihash required
Usage: ipfsecret get [multihash]

Options:
  --debug, -d    Print debugging info to stderr  [boolean] [default: false]
  --api, -a      Specify IPFS API configuration  [string] [default: "/ip4/127.0.0.1/tcp/5001"]
  --gateway, -g  Use this HTTP(S) gateway when returning gateway address  [string] [default: false]
  --version, -v  Display version and exit  [boolean] [default: false]
  --help         Show help  [boolean]
  --output, -o   Path where output should be stored  [string]

example of specifying output paths

λ ipfsecret get -o decrypted.md QmXCsAFuP7Jv2bePvcZEmHeygSHLYfVEB9rtkvhaKF5pL9
Passphrase?
λ head -n1 decrypted.md
* [Purpose](#purpose)

λ ipfsecret get -o decrypted-dir-test QmfSi8rg7ismstGwDKoEwKySCr8Ptt7XHV1xMkB27DAARv
Passphrase?
λ ls decrypted-dir-test/node_modules/webcrypto-crypt/
CHANGES.md      README.md       bin             examples        lib             test
LICENSE         SIGNED.txt      dist            index.js        package.json

API

Please assume the following lines precede these examples:

const IPFSecret = require('ipfsecret'),
    ipfsecret = new IPFSecret();

ipfsecret.add(path, passphrase)

Wraps ipfs.files.add to require a path to add to IPFS and a passphrase for encryption. Encrypts each file found along the path using webcrypto-crypt and appends the .wcrypt suffix before adding.

Add file

ipfsecret.add('./README.md', 'justtesting')
    .then(results => {
        console.log(results);
    })
    .catch(err => {
        console.error(err);
    });

Example:

[ { path: 'README.md.wcrypt',
  hash: 'QmcrMFv4f4yef5EpdM9mUTGiE4msi2VKLmTPbGenRaiKLd',
  size: 20871 } ]

Add directory

ipfsecret.add('./test', 'justtesting')
    .then(results => {
        console.log(results);
    })
    .catch(err => {
        console.error(err);
    });

Example:

[ { path: 'ipfsecret/test/add-indexed.js.wcrypt',
    hash: 'QmPm5MGHooEiDuiJjDg5dFRvaNgyTNYuM7Lx4gqj5k77cB',
    size: 8013 },
  { path: 'ipfsecret/test/add.js.wcrypt',
    hash: 'Qmcdj2aRshwSkVnEUSAANcHEmbyjb1tnt9Cg5Ubh2bxvav',
    size: 6900 },
  { path: 'ipfsecret/test/get.js.wcrypt',
    hash: 'QmXYeFbCBL8vgYKsvy4K98kYNvqDHMXVeEogR6zQzdedg7',
    size: 5322 }...

0 byte files are skipped during encryption. Symbolic links encountered are resolved and encrypted as separate files.

Other options

If the caller passes in an Object instead of passphrase, ipfsecret.add recognizes the following key:value pairs:

  const options = {
      directory: 'mydirname',                 // Use this wrapping dir, default 'ipfsecret'
      hidden: false,                          // Include hidden files.  Default true
      passphrase: 'justtesting',              // Use value to encrypt, always required
      root: true,                             // Return just multihash.  Default false
      suffix: 'myfilesuffix',                 // Use this suffix, default 'wcrypt'
      wcrypt: {config:{crypto:tagLength:112}} // Pass options to webcrypto-crypt (see below)
  };

Root multihash only

The multihash is returned as a Buffer:

const bs58 = require('bs58');

ipfsecret.add('./test', {passphrase:'justtesting', root:true})
    .then(hash => {
        console.log(bs58.encode(hash));
    })
    .catch(err => {
        console.error(err);
    });

Example:

Qmf22oxRTsz6CPWf2xDZeF729xdBx7ULDQsdtqpXYh8UKV

Custom file suffix

ipfsecret.add('./test', {passphrase:'justtesting', suffix: 'shazam'})
    .then(results => {
        console.log(results);
    })
    .catch(err => {
        console.error(err);
    });

Example:

[ { path: 'ipfsecret/test/add-indexed.js.shazam',
    hash: 'QmY4EWxfvBVAUVzpbB7wXhktWLFwE4xunx1jiFbpiNWiKM',
    size: 8013 },
  { path: 'ipfsecret/test/add.js.shazam',
    hash: 'QmRGKq3VHsuX4kyerYE1atNBC7wCu2gRpmxXqocKdXTQsT',
    size: 6900 },
  { path: 'ipfsecret/test/get.js.shazam',
    hash: 'QmRU2qKJBScmedhcDgGGPCvtpWVnasQEJdkF9UvVEM9L7N',
    size: 5322 },...

Custom wrapping dir

ipfsecret.add('./test', {passphrase:'justtesting', directory:'shazam'})
    .then(results => {
        console.log(results);
    })
    .catch(err => {
        console.error(err);
    });

Example:

[ { path: 'shazam/test/add-indexed.js.wcrypt',
    hash: 'QmTWSp9uyPG2DuxFuw3XBhuqJd7cq4zemz4iJqxMw6693r',
    size: 8013 },
  { path: 'shazam/test/add.js.wcrypt',
    hash: 'QmXC348Z6PZGUCSz4tMGaRuhcQ7cgiAxhD8h4gbqhCoAEn',
    size: 6900 },
  { path: 'shazam/test/get.js.wcrypt',
    hash: 'QmcU8eu2fWFfUsM1SkKq8zSrmDa9hWB6hze6yVzNtDKE2G',
    size: 5322 }...

Custom cryptography settings

To pass custom settings to webcrypto-crypt, use the wcrypt options attribute:

ipfsecret.add('./test', {
    passphrase:'justtesting',
    root: true,
    wcrypt: {
        config: {
            crypto: {
                tagLength: 112
            },
            derive: {
                hash: 'SHA-256',
                length: 192,
                iterations: 5000
            },
            paranoid: true
        }
    }
})
    .then(hash => {
        console.log(hash);
    })
    .catch(err => {
        console.error(err);
    });
QmesGPZmiAgGhQSvEF7m7AdotmMygaPsJHvUH9STRjttwB
λ head -n1 QmesGPZmiAgGhQSvEF7m7AdotmMygaPsJHvUH9STRjttwB/test/add-index.js.wcrypt
WCRYPT00.01.125000112192SHA-256....

ipfsecret.get(hash, passphrase)

Wraps ipfs.files.get to require a multihash for retrieval and a passphrase for decryption. If passphrase is accepted, returns a promise that resolves to an object stream of decrypted file objects.

Any files encountered during an ipfsecret.get operation that could not be decrypted will not be retrieved.

Consider the following IPFS directory, encrypted with the passphrase, "学年別漢字配当表":

λ ipfs ls QmZdNHJpzvTYqS3ba6EW4tryGaaEjHYyqY4ji6jZGK6Les/assets/fonts
QmX6KnVkx6L3uXsLcTfi5d8SUwc4F1DLTEMeYgeRWYscoc 34016 roboto-v16-latin-300.woff.wcrypt
QmYWKumL3aj54gRyG11dLRKp9eon9kCZzDM4MDMdzg7nQg 26475 roboto-v16-latin-300.woff2.wcrypt
QmXAVPjgS2FiCpGXz7pA5Prh5WjHJtan1H1L7PSNNZLMCz 37008 roboto-v16-latin-300italic.woff.wcrypt
QmaX7JAakBrgw5GAaMSuqxGyyntQsmxHc3jHLDDuuMsxSt 29439 roboto-v16-latin-300italic.woff2.wcrypt
QmPPoCqdCCxNEqyPJmsEqasDUes9uP49UAzyJ6S4JVEnJb 34001 roboto-v16-latin-700.woff.wcrypt
QmeFr49dWjcRJm9LM6vzfVEHZaZB8JwbgA5fXkq68vL4gn 26494 roboto-v16-latin-700.woff2.wcrypt
QmSsuY2teXgFRk5dXx4P2CBe4VG4QmmjJsAXVMRofpKmvP 35974 roboto-v16-latin-700italic.woff.wcrypt
Qmb3LegLP2kNLmvjUPsWkt82mVPX9BVGCbgTajj5KidrRG 28344 roboto-v16-latin-700italic.woff2.wcrypt
QmU5ehUCXbbMcoEDHgdp55T51kqi1X1Qjh3VeeZAz94xdN 33648 roboto-v16-latin-regular.woff.wcrypt
QmUWp3DJNujDFXvQaxdR8qm3ueYnGd6tnnsHuVP4qmiQVL 26516 roboto-v16-latin-regular.woff2.wcrypt
λ

const fs = require('fs'),
    path = require('path'),
    hash = 'QmZdNHJpzvTYqS3ba6EW4tryGaaEjHYyqY4ji6jZGK6Les';

ipfsecret.get(hash, '学年別漢字配当表')
    .then((stream) => {stream.on('data', (obj) => {
        if (obj.content) {
            var filename = path.basename(obj.path),
                writeable = fs.createWriteStream(filename);
            obj.content.pipe(writeable);
            obj.content.on('finish', () => {
                console.log('Wrote ' + filename);
            });
            obj.content.on('error', (err) => {
                console.error('Error: ' + err);
            });
        }
    });})
    .catch(err => {
        console.error(err);
    });

Example:

Wrote roboto-v16-latin-300.woff
Wrote roboto-v16-latin-300.woff2
Wrote roboto-v16-latin-300italic.woff
Wrote roboto-v16-latin-300italic.woff2
Wrote roboto-v16-latin-700.woff
Wrote roboto-v16-latin-700.woff2
Wrote roboto-v16-latin-700italic.woff
Wrote roboto-v16-latin-700italic.woff2
Wrote roboto-v16-latin-regular.woff
Wrote roboto-v16-latin-regular.woff2
λ ls roboto-v16-latin-*
roboto-v16-latin-300.woff               roboto-v16-latin-300italic.woff         roboto-v16-latin-700.woff               roboto-v16-latin-700italic.woff         roboto-v16-latin-regular.woff
roboto-v16-latin-300.woff2              roboto-v16-latin-300italic.woff2        roboto-v16-latin-700.woff2              roboto-v16-latin-700italic.woff2        roboto-v16-latin-regular.woff2
λ file roboto-v16-latin-300.woff
roboto-v16-latin-300.woff: Web Open Font Format, flavor 65536, length 18972, version 1.1

Other options

If the caller passes in an Object instead of a passphrase, ipfsecret.get recognizes the following key:value pairs:


鲜花
握手
雷人
路过
鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
More+
上一篇:
jonnycrunch/ipid: Interplanetary Identifiers - Implementation of the DID ( dece ...发布时间:2022-06-23
下一篇:
redcpp/algorand-ipfs-js: Algorand and IPFS for secure file sharing发布时间:2022-06-23
热门推荐
More+
热门话题
More+
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap