• What is Zencrypt
• Getting To Know About The Zencrypt CLI

• Zencrypt Documentation
  • A Shorter Description About My Enhancement Plans for Zencrypt:
    • Enhancing and Updating The Software Engineering and Design
      • Key Flowchart Explanation
    • Updating The Algorithms and Data Structures:
      • Flowchart Explanation
    • Enhancing the Database Management For Zencrypt
      • Flowchart Explanation
    • Skills and Illustrated Outcomes
      • ePortfolio

For now, I'm satisfied with the ways that Zencrypt has evolved from a simple CLI tool into a scalable and modular web platform. Starting out as a hash generator, Zencrypt has become more than just an encryption suite, but more or less, it shows a genuine reflection of my commitment to strong and solid security practices along with clean software design and development. In order to make an app have complex and intricate back ends without compromising the UI/UX is to simply remember that the key to web development is to keep it simple.

• Core Functionality:
  I started Zencrypt as a simple command-line tool, focusing primarily on basic SHA-256 hash generation and verification. With that being said, I learned quite a bit while developing each version, steadily expanding its capabilities to include comprehensive file encryption and RSA-based PGP features that give users more control over their security needs. None the less, my work on version 4.2 marked a significant milestone - I noticed the need to restructure the entire system into distinct modules, making it easier to scale while maintaining solid security practices.

• Evolutionary Path:
  Throughout this journey, I focused on transforming Zencrypt from a single-file script into a full-fledged web service without compromising its core security principles. I made sure each component could stand independently, thus creating a more dependable foundation for future enhancements. With that experience, I've learned that good software isn't just about adding features - it's about building a structure that stays strong as it grows.

• Backend Architecture: I built the core application using Flask, focusing on creating secure routes for authentication, encryption, and file handling. None the less, I realized how important it was to have solid data management, so I implemented SQLAlchemy ORM for modeling users, hashes, and encryption keys into a dedicated module. None the less, I made sure to include Flask-Migrate and Alembic to properly be able to handle database changes or merges but still keeping it flexible and scalable for other systems. I used SQLite for development and production, but for this reason I made sure to keep the code modular to easily switch to another storage system or database, like MongoDB or MySQL.

• Security Implementation: I focused on implementing JWT authentication through Flask-JWT-Extended, making sure that only registered users can access the webapp. None the less, this project has helped teach me that proper key management plays a crucial role in keeping the foundations of the webapp secure. With that in mind, I decided to store all of the sensitive configurations in external environment files and keys in specific directories outisde of the user environment, to respect the users privaledges and rules, while still having dedicated functions for key rotation and management.

• Cryptographic Foundation: For encryption, I chose to use Fernet for handling text and AES (in CFB mode) for files, implementing a random salt for secure key derivation. In my webapp, I also noticed PGP encryption needed to be approached differently. To still get the functionality, I developed RSA functions for handling asymmetric encryption, along with generating keys and any file operations as well. This approach helped me understand that different encryption methods require different frameworks and implementations, but still can be achieved with a modular codebase and a solid foundation.

• Frontend Development: I designed a responsive UI using React to help the layout stand out by adding components like Navbar.js, which is a navigation feature that helps provide the user with a clean and simple way to access to all of the webapp's features. I also made sure that auth.js handled not just the user authentication but also was integrated with the system used to generate PGP keys. This was a big way to keep a solid structure in modularity, scalability, and security, while still keeping the UI/UX simple and easy to use. Each user is given a unique set of keys, which is used when encrypting using PGP, thus making it to where the users dont have to worry about managing or sharing keys, but still have the ability to export and import keys as needed. This is a small feature that I believe can be made as a good example of how something simple can be made complex and intricate without compromising the UI/UX.

• CLI Integration: I made sure that version 6 of Zencrypt kept its CLI foundation while expanding into a web application. None the less, I noticed that keeping the core cryptographic functions in utils.py modular enough to serve both interfaces was important. This helped me learn how to keep the codebase clean and maintainable, while still being able to expand and add features without having to rewrite the entire system. Mind mapping the structure of the code and the way the user interacts with the system helped me understand that the key to web development is to keep it simple, and to make sure that the user can interact with the system in a way that is easy to understand and use.

• Hash Generation:

  • Uses SHA256 with an optional salt.
  • Hashes can be stored in the database for parsing or later verification.

• Text Encryption/Decryption:

  • Implements encryption of text using Fernet.
  • Both encryption and decryption are supported.

• File Encryption/Decryption:

  • Encrypts files using AES with a random salt and initialization vector, and decrypts them using the same key.
  • Supports file uploads, processing, and download operations, depending on the user's input.

• PGP Encryption:

  • Generates RSA keys for the user and encrypts messages using the recipient's public key.
  • Allows users to encrypt messages using a recipients public key and decrypt messages using their own private key.
  • Features for exporting and importing public keys are optional but provided to enhance the security of key management.

• User Authentication & Session Management:

  • Secure registration and login routes, including password hashing and JWT-based authentication.
  • Session management ensures that users can access their data securely and efficiently.
  • User-specific encryption keys are generated and stored securely to ensure data privacy.

• Database Operations:

  • Models are defined for storing user information, encryption keys, logs of hashing or encryption events, and PGP keys.
  • SQLAlchemy ORM is used for database interactions, making it easy to manage and query data.
  • Database migrations are handled using Flask-Migrate and Alembic, ensuring that the database schema can be updated seamlessly.
  • The use of SQLite for development and production databases ensures a lightweight and scalable solution.
  • The modular code structure allows for easy switching to other database systems like MongoDB or MySQL.

• UI/UX Enhancements:

  • The React components help to create a responsive and intuitive user interface. Features like Navbar.js and auth.js provide easy navigation and user authentication.
  • The UI is designed to be clean, simple, and user-friendly, ensuring that users can easily access and utilize the encryption features.
  • The integration of PGP encryption features into the UI demonstrates a commitment to enhancing security while maintaining the UI/UX simplicity.
  • Zencrypt is still being developed in a format where eventually both, the CLI and Web-Applciation can be merged into one and make it easier for user to access the system in a way that is easy to understand and use.

Extensive Documentation: I focused on making all of the documentation on Zencrypt to be clear and purposeful and explain both the how and why behind my development and design choices. I made sure to include detailed diagrams that can be used to better visualize database interactions and encryption workflows. This helped me as well, because the more that I was able to mind map the structure of the code and the way the user interacts with the system, the more detail I was able to put into the documentation, which in turn helps the users understand the system better. I used to struggle with organization and documentation, but I learned that the more that I was able to add into the details, the more the users were able to understand and expect from the system.

Whitepapers: With that being said, I created a few important documents like "A Shorter Description About My Enhancement Plan for Zencrypt CLI" to help explain what the goal of this project is and to track the project's progress during the merge to the webapp. I also found that using flowcharts inside of my documentation is a good way to help users to properly visualize the systems logic and the back end more effectively.

Enhancement Plans: I mapped out several enhancements that I still want to implement. For example, I plan to add ECC encryption and Argon2 hashing to the system, as well as optimize large file handling through parallel processing. I also plan to transition Zencrypt from web2 to web3, bringing its security features to the blockchain. These enhancements will help me to continue to grow and develop the system, while still keeping the core features and functionality of the system in place.

Professional Skills and ePortfolio: I've learned that building secure software is about more than just writing code, but is also about creating systems that grow thoughtfully. Looking back at the progress along the way, from a CLI tool to a web platform, I noticed how each change taught me something valuable about security and scalable design.

With that being said, Im still planning on adding different methods of encryption and hashing along with optimizing the way that large files are currently handled, by using parallel processing. For version 7, Im hopeful to be able to transition this application yet again, but this time from web2 to web3 applications. None the less, Im still satisfied to see my work reflecting in both, solid security practices and in clean development principles.

Deployment Configuration: I set up Zencrypt for cloud deployment using Gunicorn as my web server, configuring everything in render.yaml. With that being said, I learned that proper environment variable management was crucial for maintaining security in production. Thus, I made sure that my configuration system remained flexible yet secure across different deployment environments. I also made sure to keep the code modular, so that it could be easily deployed to different cloud services, like AWS or Azure, without having to rewrite the entire system.

Testing and Quality Assurance: I focused heavily on building a thorough testing process for Zencrypt. I started with unit tests in test_webapp.py to make sure that the database operations stayed solid. Then I ran security checks using Snyk for vulnerability scanning and OWASP ZAP to guard against common web attacks. With that being said, I made sure to maintain clean code practices, using Pylint and Flake8 to keep my codebase consistent. I also made sure to keep the code modular, so that it could be easily tested and maintained, without having to, once again, rewrite the entire system.

Looking back at Zencrypt's progress along the last few months, I have seen how the program grew from a simple offline and local CLI tool into something online, accessible, and more meaningful. I focused on merging traditional encryption methods with modern methods and technologies in order to create a platform that stays secure while still being easier to use. On another note, I was taught that good software design is about balancing simple and complex functionalities without breaking the UI/UX. In my case, I combined the reliability that Flask offers with React's clean UI, all while maintaining strong cryptographic foundations in the design.

I made sure every part of Zencrypt reflected showed that there was a thought process before and during the development, from the modular architecture that I used in my code to the length of my in depth documentation. In the end, my little hash generator CLI has been merged into something that can be looked at as more than just code and a website. Zencrypt has become a timestamped entry journal over the past several years that can be used to see how I approach software development with security in mind. Zencrypt is a testimony as to the way that I practice keeping a balance between security and usability, while still keeping the code clean and maintainabl

Zencrypt is a webapp that allows users to hash, encrypt, and decrypt text and files. The webapp runs on the Flask framework and is hosted at Here.

The web app is built for simplicity and ease of use, allowing users to hash, encrypt, and decrypt text and files effortlessly. Future updates will include PGP encryption, fully integrating the CLI scripts capabilities into the web app. The backend uses MongoDB for user authentication, session management, and securely storing encrypted metadata while keeping user inputs in plain text.

Zencrypt is a Flask-based web application focused on encryption, hashing, and secure file operations. The project aims to provide a seamless transition from the CLI experience to a web interface while maintaining strong security foundations.

• SHA256 hashing with optional salt values
• Fernet symmetric encryption for text
• AES-based file encryption with password protection
• PGP asymmetric encryption with key management
• User authentication with JWT tokens
• Secure key storage in dedicated directory
• SQLite database with encrypted storage

To install Zencrypt, you will need to follow these steps:

1. Clone the repository or download the source code with the command:
   git clone https://github.com/ryanshatch/Zencrypt.git.
2. Navigate to the project directory with the command: cd Zencrypt.
3. First, you will need to install Python 3.7 or higher. You can download Python from the official website: https://www.python.org/downloads/.
4. Next, you will need to install pip, the Python package manager. You can install pip by following the instructions on the official website: https://pip.pypa.io/en/stable/installation/.
5. Once you have installed Python and pip, you can create a virtual environment with the command: python -m venv venv.
6. Activate the virtual environment with the command: source venv/bin/activate on Linux or venv\Scripts\activate on Windows.
7. Install the required dependencies with the command: pip install -r requirements.txt.

To use the webapp, you will need to follow these steps:

1. Run the webapp with the command: python webapp.py.
2. Open a web browser and navigate to http://localhost:5000.
3. Use the webapp to hash, encrypt, and decrypt text and files.

PGP Functionality: Users and how it ties with their email within the PGP functionality to lookup the public key of the recipient within the database for encryption/ decryption.

The process is:

User enters recipient's email System looks up that user in the database Gets that user's public PGP key Uses that public key to encrypt the message This follows the standard PGP encryption workflow where:

Messages are encrypted using the recipient's public key Only the recipient can decrypt it using their private key No actual emails are sent - it's just used as an identifier to find the right public key Think of it like a mailbox system - you need someone's address (email) to look up their mailbox (public key) to send them an encrypted message.

In your code, the "Recipient's email" is not used for sending emails - it's used to look up the recipient's PGP public key in the database for encryption. Here's how it works:

@app.route('/pgp/encrypt', methods=['POST'])
def pgp_encrypt():
    if not session.get('user_id'):
        return redirect(url_for('login'))

    message = request.form.get('message')
    recipient_email = request.form.get('recipient_email')
    
    try:
        # Right here it looks up the recipient user by their email
        recipient = User.query.filter_by(email=recipient_email).first()
        if not recipient:
            return "Recipient not found", 404
            
        # Get recipient's public key from database    
        recipient_key = PGPKey.query.filter_by(user_id=recipient.id, active=True).first()
        if not recipient_key:
            return "Recipient has no active PGP key", 400
            
        # Use recipient's public key to encrypt the message
        encrypted = pgp_encrypt_message(message, recipient_key.public_key)
        return render_template_string(APP_TEMPLATE,
            content="Encrypted message:<br><textarea readonly>%s</textarea>" % encrypted)
    except Exception as e:
        return f"Error encrypting message: {str(e)}", 500

The process I am using is:

1. The user will enter the recipients email enters recipient's email
2. The System looks for that user in the database using the email as the unique identifier
3. Gets that user's public PGP key from the database
4. Uses that public key stored in the database to encrypt the message

This follows the standard PGP encryption workflow where:

• Messages are encrypted using the recipient's public key
• Only the recipient can decrypt things using their private key
• No actual emails are sent, so the email is just used as an identifier to find the right public key

To generate your own secure encryption keys, you can use the following methods:

For a Unix-based terminal you can run this command:

openssl rand -base64 32

Using python to generate a new key:

import os, base64
key = base64.b64encode(os.urandom(32)).decode('utf-8')
print(key)

For JavaScript environments, you can generate a new key by running:

const crypto = require('crypto');
const key = crypto.randomBytes(32).toString('base64');
console.log(key);

These methods will randomly generate a 256-bit key and format it as a Base64 string.

<=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=>

This script is provided for educational and demonstration purposes only.
Use it responsibly and please adhere to all applicable laws and regulations.

I am absolutely immune from any responsibility in regaurds to any damages or loss of data caused by the
use, abuse, or misuse of this software.

<=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=> <=>

This software is the property of the copyright holder and is protected by copyright laws. All rights are reserved. The copyright holder grants no implied or express license for the use, copying, modification, distribution, or reproduction of this software, in whole or in part, without the prior written permission of the copyright holder.

Any unauthorized use, copying, modification, distribution, or reproduction of this software, in whole or in part, is strictly prohibited and constitutes a violation of copyright law. Such unauthorized use may result in civil and/or criminal penalties, including but not limited to legal action and monetary damages.

To obtain permission for any use, copying, modification, distribution, or reproduction of this software, please contact the copyright holder at the following address: ryanshatch@gmail.com

By using this software, you acknowledge that you have read and understood the terms of this license and agree to comply with all applicable copyright laws.
Failure to abide by the terms of this license may subject you to legal consequences.

For any inquiries or suggestions, please contact me at ryanshatch@gmail.com.