Ask HN: Is there a portable encryption file format?

5 points

4 years ago

Even after a lot of research, I wasn't able to find an encryption file format that is widely used and still considered "supported" on most platforms. The obvious answer is OpenPGP [1], but that's widely considered "not modern" and some languages even deprecate their support for it (e.g. Go [2]).

Specifically, I'm looking for a container format like OpenPGP that can support different cipher suites, e.g. "passphrase-to-key via PBKDF2, then AES-GCM-128" or similar and is portable across different programming languages and operating systems.

I do not believe such a tool exists, but I'm scratching my head as to why. It's 2022. TLS is ubiquitous. Why is there no TLS-in-a-file?

My use case is my push notification project [3]. I want people to be able to do this (on the shell):

   echo "secret message" | encxyz -p "password" | curl -T- ntfy.sh/mytopic

Or this (in JS):

   import {xyz_encyrpt} from "encryptxyz";
   const message = xyz_encrypt("secret message", "password");
   fetch(...);

Of course I can design my own thing (and I have), but then I have to make my own libraries for all languages that I want to offer end-to-end encryption for.

[1] https://datatracker.ietf.org/doc/html/rfc4880

[2] https://github.com/golang/go/issues/44226

[3] https://github.com/binwiederhier/ntfy

13 comments