This is an ECIES Go implementation, a hybrid asymmetric–symmetric key encryption algorithm based on the Diffie–Hellman key exchange, specifically uses one of the following combinations:
go get golang.org/x/crypto
(included Poly1305 MAC)go build -o ./ecies *.go
to compile all related .go files./ecies -en -in=<input_file> -out=<output_file> -pub=<path_to_public_key>
for encryption./ecies -de -in=<input_file> -out=<output_file> -prv=<path_to_private_key>
for decryption-mode
to specify whether to use curve P-521 with AES-256 and SHA-512 (-mode=P521
) or P-256 with AES-128 and SHA-256 (-mode=P256
). SHA-512 or SHA-256 only applies to hashing, for MAC, Poly1305 is used in both cases.-hex
flag to encode encrypted ciphertext to hex encoding, or decode ciphertext for decription from hex encoding. IMPORTANT You must specify the same mode for both encryption and decryption, otherwise, you will encounter "Incorrect public key" error.-generate-key-pair
flag to generate new pair of private and public key. In such case, -prv
and -pub
specify the path for the generate private key, respectively public key./ecies -generate-key-pair -mode=<P256||P521> -prv=<output_private_key_path> -pub=<output_public_key_path>
to generate new key pair-mode
: P256-hex
: False-generate-key-pair
: False-prv
: key.pem-pub
: key.pub-in
: file.txt-out
: out.out./ecies -en -in=file.txt -out=out.out -generate-key-pair -hex -mode=P521
generates new private and public key storred as key.pem and key.pub encrypts file.txt to hexadecimal out.out using mode P521../ecies -de -in=out.out -out=decrypted.txt -hex -mode=P521
decrypts hexadecimal out.out into decrypted.txt using default key.pem (public key not required for decryption)../ecies -generate-key-pair -prv=p256-key.pem -pub=p256-key.pub
generates new key pair for EC P-256 and saves the keys in "p256-key.pem" and "p256-key.pub"../ecies -h