Key Facts
- Category
- Security & Validation
- Input Types
- select, file, text, checkbox, textarea
- Output Type
- json
- Sample Coverage
- 4
- API Ready
- Yes
Overview
The Age-like Encrypted File Bundle tool allows you to secure files using the AGEX v1 format, which packages your data into a self-describing, password-protected bundle. By combining Argon2id key derivation, XChaCha20-Poly1305 encryption, and optional Ed25519 digital signatures, it ensures your files remain confidential, tamper-proof, and verifiable during transit or storage.
When to Use
- •When you need to securely share a sensitive file over untrusted channels using a strong, password-derived key.
- •When archiving local backups that require high-grade encryption parameters like Argon2id and XChaCha20-Poly1305.
- •When you want to verify the origin and integrity of an encrypted file bundle using Ed25519 public key signatures.
How It Works
- •Select the operation (Encrypt or Decrypt) and upload your source file or existing AGEX bundle file.
- •Provide a passphrase and choose the Argon2id strength level to control key derivation hardness.
- •Optionally enable Ed25519 signing by providing or auto-generating a private key to sign the bundle.
- •Run the tool to generate a self-describing JSON bundle containing the ciphertext, metadata, and optional signature, or to decrypt and verify an existing bundle.
Use Cases
Encrypting database backups before uploading them to public cloud storage providers.
Signing and encrypting software update binaries for distribution to remote servers.
Exchanging confidential documents between team members using a pre-shared passphrase.
Examples
1. Encrypting a sensitive audio recording
Journalist- Background
- A journalist needs to store an interview recording securely on an external drive.
- Problem
- The audio file contains sensitive information and must be encrypted with a strong passphrase to prevent unauthorized access if the drive is lost.
- How to Use
- Select the 'Encrypt' operation, upload the audio file, enter a strong passphrase, set the strength to 'moderate', and run the encryption.
- Example Config
-
{ "operation": "encrypt", "passphrase": "correct horse battery staple", "strength": "moderate", "includeSignature": false } - Outcome
- An AGEX JSON bundle is generated containing the encrypted audio file and Argon2id metadata.
2. Decrypting and verifying a signed configuration bundle
DevOps Engineer- Background
- An engineer receives an encrypted configuration bundle from a teammate and needs to apply it.
- Problem
- The engineer must decrypt the configuration file and verify that it was actually created by the teammate's private key.
- How to Use
- Select the 'Decrypt' operation, upload the AGEX bundle file, enter the shared passphrase, and paste the teammate's base64 Ed25519 public key into the public key field.
- Example Config
-
{ "operation": "decrypt", "passphrase": "correct horse battery staple", "signerPublicKey": "BASE64_PUBLIC_KEY" } - Outcome
- The original configuration file is decrypted, and the tool confirms the signature status as 'verified'.
Try with Samples
json, fileDistributed Tracing Samples
Comprehensive distributed tracing examples using Jaeger, OpenTelemetry, and other modern observability tools for microservices architecture
preferred input family json
ELK Stack Log Analysis Samples
Comprehensive ELK Stack (Elasticsearch, Logstash, Kibana) samples for log aggregation, processing, and visualization in distributed systems
preferred input family json
AWS EventBridge Samples
AWS EventBridge examples including event buses, rules, targets, schema registry, custom events, and cross-account event routing for serverless event-driven architecture
preferred input family json
Grafana Advanced Application Samples
Comprehensive Grafana samples covering advanced dashboard design, alerting configurations, data source integrations, and plugin development
preferred input family json
Related Hubs
AGEX Secure File Bundle and Handoff Tools
Create encrypted AGEX bundles, inspect metadata, rotate passphrases, verify signatures, redact exposed fields, and prepare safer secure-file handoffs in one focused hub.
JSON Interchange and Format Translation Tools
Compare JSON conversion tools for CSV, YAML, TOML, GraphQL, XML, Markdown, Excel, BSON, EDN, and related structured formats in one hub.
JSON Inspection, Diff, and Transformation Tools
Compare JSON formatting, diffing, path inspection, schema validation, merging, transformation, and export tools in one hub for API and data workflows.
JSON Schema, Mock Data, and API Fixture Generators
Curated tools for JSON schema generation, mock payload building, and API fixture preparation in one hub.
FAQ
What encryption algorithms does this tool use?
It uses Argon2id for password hashing and key derivation, and XChaCha20-Poly1305 for symmetric file encryption.
What is the purpose of the optional signature?
The Ed25519 signature allows the recipient to verify the identity of the sender and confirm the bundle has not been tampered with.
What are the differences between the strength levels?
The strength levels (interactive, moderate, sensitive) adjust the Argon2id memory and CPU limits, making password-cracking attempts progressively harder.
Can I decrypt a bundle without the original public key?
Yes, you can decrypt the file using only the passphrase, but you will not be able to verify the sender's signature without the public key.
Is the output bundle format compatible with standard age?
No, this tool uses the AGEX v1 format, which wraps the ciphertext and metadata into a self-describing JSON structure.