Skip to content

mjethani/miniLock-cli

Repository files navigation

GitHub version

miniLock-cli is a Node.js command line version of the miniLock encryption software.

You can read about miniLock here:

https://minilock.io/

The CLI version is written from scratch using the same crypto libraries as the original Google Chrome app.

Installation

Install Node.js.

Then run the following command:

$ npm install -g minilock-cli@0.2.13
/usr/local/bin/mlck -> /usr/local/lib/node_modules/minilock-cli/mlck
minilock-cli@0.2.13 /usr/local/lib/node_modules/minilock-cli
├── bs58@2.0.1
├── nacl-stream@0.3.3
├── scrypt-async@1.0.1
├── blake2s-js@1.0.3
├── tweetnacl@0.13.1
└── zxcvbn@1.0.0
$ 

Verify the installation:

$ mlck --version
miniLock-cli v0.2.13
$ 

Tutorial

Let's get started!

Generate an ID

First, you need a miniLock ID.

$ mlck id alice@example.com --save
period dry million besides usually wild everybody

Passphrase (leave blank to quit): 

Enter a good passphrase, such as the one shown before the prompt. You need ~100 bits of entropy. Any 7-8 randomly selected words out of the English lexicon should be fine.

If you insist on using a simple passphrase like "hello" (not recommended at all!), you must use the --passphrase option.

$ mlck id alice@example.com --save --passphrase='hello'

Your miniLock ID: LRFbCrhCeN2uVCdDXd2bagoCM1fVcGvUzwhfVdqfyVuhi.

$ 

You can look up your miniLock ID any time.

$ mlck id

Your miniLock ID: LRFbCrhCeN2uVCdDXd2bagoCM1fVcGvUzwhfVdqfyVuhi.

$ 

Once you're sure about it (i.e. you've picked a good passphrase that is also easy to remember), you can publish it on Twitter, on your website, and on various other channels. If people know your miniLock ID they can encrypt information to you even anonymously.

Encrypt a file

Let's say you have a text file called message.txt containing the following message:

The PIN code is 1337.

Withdraw 10,100 euros and meet me at Frederick Street at 5pm.

Don't forget my chocolate!

Now you can encrypt it to the miniLock ID gT1csvpmQDNRQSMkqc1Sz7ZWYzGZkmedPKEpgqjdNTy7Y using the following command:

$ mlck encrypt -f message.txt gT1csvpmQDNRQSMkqc1Sz7ZWYzGZkmedPKEpgqjdNTy7Y
Passphrase (leave blank to quit): 

Once again, it asks you for your passphrase. This time it's to identify you as the sender. If you wish to send anonymously (using a randomly generated sender ID), use the --anonymous option.

Note that you can send anonymously even if the message itself contains identifying information.

Here's the full interaction:

$ mlck encrypt -f message.txt gT1csvpmQDNRQSMkqc1Sz7ZWYzGZkmedPKEpgqjdNTy7Y
Passphrase (leave blank to quit): 

Encrypted from LRFbCrhCeN2uVCdDXd2bagoCM1fVcGvUzwhfVdqfyVuhi.

Wrote 1075 bytes to message.txt.minilock

$ 

Now you can send the file message.txt.minilock to its intended recipient.

Decrypt a file

Your friend Bob receives a file called message.txt.minilock in the mail. Luckily he has miniLock-cli installed. He proceeds to decrypt the file using his email address and his passphrase.

$ mlck decrypt -f message.txt.minilock -e bob@example.com --passphrase='puff magic dragon sea frolic autumn mist lee'
--- BEGIN MESSAGE ---
The PIN code is 1337.

Withdraw 10,100 euros and meet me at Frederick Street at 5pm.

Don't forget my chocolate!
--- END MESSAGE ---

Message from LRFbCrhCeN2uVCdDXd2bagoCM1fVcGvUzwhfVdqfyVuhi.

Original filename: message.txt

$ 

Bob knows exactly what you mean by "Don't forget my chocolate!"

Links

Here are some useful links: