anyhide 0.13.0

Hide any data in any file(s) - steganography tool with hybrid encryption and plausible deniability
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353

# Anyhide - Architecture & Development Guide

This document provides technical documentation for developers working on Anyhide.

## Project Structure

```
anyhide/
├── src/
│   ├── main.rs              # CLI entry point, clap parsing
│   ├── lib.rs               # Public re-exports, version constants
│   │
│   ├── commands/            # CLI command implementations (Strategy pattern)
│   │   ├── mod.rs           # CommandExecutor trait definition
│   │   ├── keygen.rs        # Key pair generation command
│   │   ├── encode.rs        # Message/file encoding command
│   │   ├── decode.rs        # Message/file decoding command
│   │   ├── multi_encrypt.rs # Multi-recipient encryption
│   │   ├── multi_decrypt.rs # Multi-recipient decryption
│   │   ├── qr_generate.rs   # QR code generation
│   │   ├── qr_read.rs       # QR code reading
│   │   ├── qr_info.rs       # QR capacity analysis
│   │   └── update.rs        # Self-update command
│   │
│   ├── crypto/              # Cryptographic primitives
│   │   ├── mod.rs           # Hybrid encryption with forward secrecy
│   │   ├── keys.rs          # X25519 + Ed25519 key generation, PEM format
│   │   ├── asymmetric.rs    # X25519 + ChaCha20-Poly1305 encryption
│   │   ├── symmetric.rs     # Passphrase-based encryption (HKDF + ChaCha20)
│   │   ├── signing.rs       # Ed25519 digital signatures
│   │   ├── compression.rs   # DEFLATE message compression
│   │   ├── multi_recipient.rs # Multi-recipient encryption scheme
│   │   └── ephemeral_store.rs # Contact key management for ratchet
│   │
│   ├── text/                # Text and carrier processing
│   │   ├── mod.rs           # Module exports
│   │   ├── carrier.rs       # Universal carrier abstraction (text/binary)
│   │   ├── fragment.rs      # Adaptive message fragmentation
│   │   ├── tokenize.rs      # Carrier search utilities
│   │   ├── permute.rs       # Carrier permutation, distributed selection
│   │   ├── padding.rs       # Block padding (256-char blocks)
│   │   └── suffix_array.rs  # O(m·log n) substring search
│   │
│   ├── qr/                  # QR code support
│   │   ├── mod.rs           # Base45 encoding for QR codes
│   │   ├── generator.rs     # QR code generation (PNG/SVG/ASCII)
│   │   └── reader.rs        # QR code reading and decoding
│   │
│   ├── encoder.rs           # Encoding pipeline: fragment → find → pad → encrypt
│   └── decoder.rs           # Decoding pipeline: decrypt → extract (never fails)
│
├── tests/
│   └── integration_tests.rs # End-to-end tests
│
├── .github/
│   └── workflows/
│       └── release.yml      # CI/CD: build + publish on tag
│
├── Cargo.toml
├── LICENSE
├── README.md                # User manual
├── ARCHITECTURE.md          # This file
└── CHANGELOG.md             # Version history
```

## Design Patterns

### Strategy Pattern (Commands)

Each CLI command implements the `CommandExecutor` trait:

```rust
pub trait CommandExecutor {
    fn execute(&self) -> Result<()>;
}
```

This allows:
- Clean separation of concerns
- Easy addition of new commands
- Independent testing of each command
- Minimal `main.rs` (~90 lines)

### Never-Fail Decoder

The decoder **never returns an error**. Invalid inputs produce deterministic garbage:

```rust
// Always returns a result, never Err
fn decode(&self) -> DecodedMessage {
    // Wrong passphrase? Different fragmentation → garbage from carrier
    // Wrong carrier? Wrong positions → garbage
    // Invalid base64? Hash-derived garbage
}
```

This provides:
- Plausible deniability
- Anti-brute-force (no success/fail signal)
- Deterministic garbage (same wrong inputs = same output)

## Cryptographic Architecture

### Encryption Flow

```
Message → Compress → Sign (optional) → Symmetric Encrypt → Asymmetric Encrypt → Base64
```

1. **Compression**: DEFLATE (only if it reduces size)
2. **Signing**: Ed25519 signature of message hash (optional)
3. **Symmetric**: ChaCha20-Poly1305 with HKDF-derived key from passphrase
4. **Asymmetric**: X25519 ECDH + ChaCha20-Poly1305 with ephemeral keys

### Forward Secrecy

Each message uses an ephemeral X25519 keypair:

```rust
// Encrypt
let ephemeral = EphemeralSecret::random();
let shared = ephemeral.diffie_hellman(&recipient_public);
// Ciphertext includes ephemeral public key

// Decrypt
let shared = recipient_secret.diffie_hellman(&ephemeral_public);
```

### Forward Secrecy Ratchet

The ratchet provides key rotation per message:

```rust
// EncoderConfig with ratchet enabled
let config = EncoderConfig {
    ratchet: true,
    ..Default::default()
};

// Encode generates next keypair
let result = encode_with_config(..., &config);
// result.next_keypair contains the next public/private key pair

// EncodedData includes next_public_key
struct EncodedData {
    next_public_key: Option<Vec<u8>>,  // 32 bytes X25519 public key
    // ...
}
```

Ratchet workflow:
1. Alice encodes with `--ratchet`, generates next keypair
2. Message includes Alice's next public key (encrypted)
3. Bob decodes, receives `next_public_key` for reply
4. Bob uses that key for his reply
5. Keys rotate with each message exchange

Key types distinguished by PEM headers:
- `ANYHIDE PUBLIC KEY` / `ANYHIDE PRIVATE KEY` - Static keys
- `ANYHIDE EPHEMERAL PUBLIC KEY` / `ANYHIDE EPHEMERAL PRIVATE KEY` - Rotating keys

### Ephemeral Key Storage Formats

Three storage formats for managing contacts and their ephemeral keys:

**1. Individual PEM files** (`.pub`, `.key`)
- Standard PEM format with EPHEMERAL headers
- One file per key, like long-term keys
- Best for: simple CLI usage, single contact

**2. Separate consolidated JSON** (`.eph.key`, `.eph.pub`)
- JSON with contact → key mapping
- Separate files for private and public keys
- Best for: multiple contacts, security separation

```json
// .eph.key format
{
  "version": 1,
  "contacts": {
    "bob": { "key": "base64..." },
    "alice": { "key": "base64..." }
  }
}
```

**3. Unified JSON** (`.eph`)
- Single file with both keys per contact
- `my_private`: your key for this contact
- `their_public`: contact's current public key
- Best for: chat applications, automated ratchet

```json
// .eph format
{
  "version": 1,
  "contacts": {
    "bob": {
      "my_private": "base64...",
      "their_public": "base64..."
    }
  }
}
```

### Key Derivation

All key derivation uses HKDF-SHA256 with domain-specific salts:

```rust
const HKDF_INFO: &[u8] = b"KAMO-V3-SYMMETRIC";  // Legacy salt (DO NOT CHANGE)
const HKDF_SALT: &[u8] = b"KAMO-V3-SALT-2024";  // Legacy salt (DO NOT CHANGE)
```

**Important**: Cryptographic salts use the legacy "KAMO" prefix for backwards compatibility. Do not change these values.

### Key Format (PEM)

```
# Static keys (long-term)
-----BEGIN ANYHIDE PUBLIC KEY-----
[base64 of 32 bytes X25519 public key]
-----END ANYHIDE PUBLIC KEY-----

-----BEGIN ANYHIDE PRIVATE KEY-----
[base64 of 32 bytes X25519 secret key]
-----END ANYHIDE PRIVATE KEY-----

# Signing keys
-----BEGIN ANYHIDE SIGNING PUBLIC KEY-----
[base64 of 32 bytes Ed25519 public key]
-----END ANYHIDE SIGNING PUBLIC KEY-----

-----BEGIN ANYHIDE SIGNING KEY-----
[base64 of 32 bytes Ed25519 secret key]
-----END ANYHIDE SIGNING KEY-----

# Ephemeral keys (for ratchet)
-----BEGIN ANYHIDE EPHEMERAL PUBLIC KEY-----
[base64 of 32 bytes X25519 public key]
-----END ANYHIDE EPHEMERAL PUBLIC KEY-----

-----BEGIN ANYHIDE EPHEMERAL PRIVATE KEY-----
[base64 of 32 bytes X25519 secret key]
-----END ANYHIDE EPHEMERAL PRIVATE KEY-----
```

## Encoding Pipeline

### Fragment Generation

Messages are fragmented based on passphrase-derived sizes:

```rust
// HKDF derives fragment sizes from passphrase
let sizes = derive_fragment_sizes(passphrase, message_len);
// e.g., "hello world" → ["hel", "lo", " ", "wor", "ld"]
```

### Position Selection

Fragments are found as substrings (text) or byte sequences (binary):

```rust
// Text carrier: case-insensitive substring search
"ama" found in "Amanda" at position 2

// Binary carrier: exact byte sequence match
[0x48, 0x65] found at position 1024
```

Multiple occurrences use distributed selection (passphrase-based randomization).

### Block Padding

Messages are padded to 256-character blocks with random carrier substrings:

```rust
const BLOCK_SIZE: usize = 256;
const MIN_SIZE: usize = 64;

// "hello" (5 chars) → padded to 256 chars with carrier fragments
```

## Building & Testing

```bash
# Development
cargo build
cargo test
cargo clippy

# Release
cargo build --release

# Run specific test
cargo test test_encode_decode_roundtrip

# Generate docs
cargo doc --open
```

## Code Quality Standards

All code follows SOLID principles:

- **Single Responsibility**: Each module handles one concern
- **Open/Closed**: Extensible through traits (`CommandExecutor`, `Carrier`)
- **Liskov Substitution**: Text and Binary carriers are interchangeable
- **Interface Segregation**: Small, focused traits
- **Dependency Inversion**: Core logic uses abstractions, not concretions

## Adding a New Command

1. Create `src/commands/newcmd.rs`:

```rust
use clap::Args;
use super::CommandExecutor;

#[derive(Args, Debug)]
pub struct NewCommand {
    #[arg(short, long)]
    pub option: String,
}

impl CommandExecutor for NewCommand {
    fn execute(&self) -> Result<()> {
        // Implementation
        Ok(())
    }
}
```

2. Add to `src/commands/mod.rs`:

```rust
mod newcmd;
pub use newcmd::NewCommand;
```

3. Add to `src/main.rs` enum and match.

## CI/CD Pipeline

On tag push (`v*`):
1. Build for 5 platforms (Linux x86_64/aarch64, macOS x86_64/aarch64, Windows)
2. Create GitHub Release with binaries
3. Publish to crates.io

## Version History

See [CHANGELOG.md](CHANGELOG.md) for detailed version history.