CatArmor is a powerful command line tool for secure, symmetric file encryption and decryption. It uses pyca/cryptography for encryption primitives, pydantic for validation, cyclopts for command line argument parsing, and pytest for unit tests. Encryption and decryption are parallelized using multiprocessing, configurable using the -j parameter with a separate --parallel-kdfs limit for concurrent KDF derivations to avoid running out of memory.

File Format

Encrypted files use a custom binary format with a structured header encoding the cipher, HMAC, and KDF algorithm IDs, KDF parameters, salt, and IV/nonce, followed by the encrypted payload and a final HMAC auth tag.

file:
  header          # magic, version, timestamp, algorithm IDs, KDF params, salt, IV/nonce
  encrypted_data  # variable-length ciphertext
  auth_tag        # HMAC digest of the file

See the file format spec.

View project repo at ManpreetXSingh/catarmor.