I’ve just released secure_packager, a Go utility designed to solve a common problem: how to securely ship sensitive files to customers without complex key management or heavy DRM.
The project uses a hybrid encryption approach. Files are encrypted with a symmetric Fernet key, which is then wrapped using the recipient’s RSA public key. This ensures confidentiality by design, as the symmetric key is never in plaintext and can only be unwrapped by the intended recipient’s private key.
An optional feature allows vendors to include a signed license token, which can be verified at decrypt time to enforce basic access rules (e.g., expiry). It’s a simple, portable solution available via CLI or multi-arch Docker images.
Looking forward to your feedback and thoughts.
Link: https://github.com/stevef1uk/secure_packager.git
Comments URL: https://news.ycombinator.com/item?id=45274781
Points: 1
# Comments: 0
Source: news.ycombinator.com
