The project uses a hybrid encryption approach. Files are encrypted with a symmetric Fernet key, which is then wrapped using the recipient's RSA public key. This ensures confidentiality by design: the symmetric key never travels in plaintext and can only be unwrapped with the intended recipient's private key.
An optional feature allows vendors to include a signed license token, which can be verified at decrypt time to enforce basic access rules (e.g., expiry). It's a simple, portable solution available via CLI or multi-arch Docker images.
Looking forward to your feedback and thoughts.
Link: https://github.com/stevef1uk/secure_packager.git
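
The wrap-then-gate flow described above, sketched in Go as an added example; it is not code from secure_packager. RSA-OAEP with SHA-256, the Ed25519-signed JSON `Token` with an `exp` field, and every function name are assumptions, and a 32-byte key stands in for the Fernet key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"fmt"
	"time"
)

// Token is a hypothetical license format: JSON claims plus the vendor's Ed25519 signature.
type Token struct{ Claims, Sig []byte }

// CheckLicense verifies the signature first and only then trusts the expiry.
func CheckLicense(vendorPub ed25519.PublicKey, t Token, now time.Time) error {
	if !ed25519.Verify(vendorPub, t.Claims, t.Sig) {
		return fmt.Errorf("license: bad signature")
	}
	var c struct{ Exp int64 `json:"exp"` } // Unix seconds; a missing exp is 0 and fails closed
	if err := json.Unmarshal(t.Claims, &c); err != nil || now.Unix() >= c.Exp {
		return fmt.Errorf("license: expired or unreadable")
	}
	return nil
}

// WrapKey encrypts the symmetric file key to the recipient (RSA-OAEP, SHA-256).
func WrapKey(pub *rsa.PublicKey, fileKey []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, fileKey, nil)
}

// UnwrapKey releases the file key only if the license verifies at decrypt time.
func UnwrapKey(priv *rsa.PrivateKey, wrapped []byte, vendorPub ed25519.PublicKey, t Token, now time.Time) ([]byte, error) {
	if err := CheckLicense(vendorPub, t, now); err != nil {
		return nil, err
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
}

// NewRecipientKey makes a throwaway 2048-bit key pair (error ignored for the demo).
func NewRecipientKey() *rsa.PrivateKey {
	k, _ := rsa.GenerateKey(rand.Reader, 2048)
	return k
}

func main() {
	tok := Token{Claims: []byte(`{"exp":1}`)} // constructed and unsigned, so it must be refused
	fmt.Println(UnwrapKey(NewRecipientKey(), nil, make(ed25519.PublicKey, 32), tok, time.Now()))
}
```

Checking the signature before parsing the claims means an edited expiry is rejected as a forgery rather than evaluated as a date.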