formseal-decrypt 0.2.0__tar.gz

formseal_decrypt-0.2.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 useFormseal contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

formseal_decrypt-0.2.0/PKG-INFO

@@ -0,0 +1,150 @@
+Metadata-Version: 2.4
+Name: formseal-decrypt
+Version: 0.2.0
+Summary: CLI tool for decrypting formseal ciphertexts
+Author: grayguava
+License: MIT License
+        
+        Copyright (c) 2026 useFormseal contributors
+        
+        Permission is hereby granted, free of charge, to any person obtaining a copy
+        of this software and associated documentation files (the "Software"), to deal
+        in the Software without restriction, including without limitation the rights
+        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+        copies of the Software, and to permit persons to whom the Software is
+        furnished to do so, subject to the following conditions:
+        
+        The above copyright notice and this permission notice shall be included in all
+        copies or substantial portions of the Software.
+        
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
+        
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: keyring>=25.0
+Requires-Dist: pynacl>=1.5.0
+Dynamic: license-file
+
+<p align="center">
+  <img src="fsd.png" alt="formseal-decrypt">
+</p>
+
+<p align="center">
+  <img src="https://img.shields.io/pypi/v/formseal-decrypt?style=flat&label=pypi&labelColor=1e293b&color=3776ab">
+  <img src="https://img.shields.io/github/actions/workflow/status/useFormseal/decrypt/publish.yml">
+  <img src="https://img.shields.io/badge/license-MIT-fc8181?style=flat&labelColor=1e293b">
+  <img src="https://img.shields.io/badge/formseal-ecosystem-10b981?style=flat&labelColor=1e293b">
+</p>
+
+<p align="center">
+  Decrypt formseal ciphertexts locally.
+</p>
+
+---
+
+formseal-decrypt decrypts form submissions downloaded by formseal-fetch. Nothing is decrypted in transit or on the server — only the holder of the private key can read submissions.
+
+formseal-decrypt is not a hosted service or dashboard. It is a CLI decryption utility.
+
+---
+
+## Installation
+
+**Via pipx (recommended)**
+
+```bash
+pipx install formseal-decrypt
+```
+
+**Via pip**
+
+```bash
+pip install formseal-decrypt
+```
+
+---
+
+## Quick start
+
+```bash
+fsd connect
+fsd decrypt
+fsd status
+```
+
+---
+
+## How it works
+
+```
+Browser (formseal-embed)
+       │
+       ▼ (encrypted submissions)
+ Your server / endpoint
+       │
+       ▼ (fsf fetch)
+ ciphertexts.jsonl ──► Your PC
+       │
+       ▼ (fsd decrypt)
+ formseal.decrypted.jsonl (or .json for pretty output)
+```
+
+Your backend stores opaque ciphertext only. `fsf fetch` downloads it. `fsd decrypt` decrypts it offline with your private key.
+
+---
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `fsd` | Show about / info |
+| `fsd connect` | Configure source, destination, private key, and format |
+| `fsd decrypt` | Decrypt ciphertexts |
+| `fsd status` | Show configuration |
+| `fsd disconnect` | Clear credentials |
+| `fsd disconnect --wipe` | Clear everything including messages |
+
+Run `fsd --help` for all options.
+
+---
+
+## Output Formats
+
+During `fsd connect`, you can choose the output format:
+
+- **JSON Lines** (`jsonl`) — One JSON object per line
+- **JSON** (`json`) — Pretty-printed JSON array
+
+---
+
+## Security
+
+Your private key never leaves your machine. formseal-decrypt:
+
+- Stores credentials in your OS keychain (Windows Credential Manager / macOS Keychain / Linux Secret Service)
+- Decrypts locally only
+- Sends no telemetry, has no analytics
+- Skips already-decrypted messages automatically
+
+---
+
+## Documentation
+
+- [SECURITY.md](./.github/SECURITY.md) — Security policy
+
+---
+
+Please star the repo if you find formseal-decrypt useful.
+
+---
+
+## License
+
+MIT

formseal_decrypt-0.2.0/README.md

@@ -0,0 +1,116 @@
+<p align="center">
+  <img src="fsd.png" alt="formseal-decrypt">
+</p>
+
+<p align="center">
+  <img src="https://img.shields.io/pypi/v/formseal-decrypt?style=flat&label=pypi&labelColor=1e293b&color=3776ab">
+  <img src="https://img.shields.io/github/actions/workflow/status/useFormseal/decrypt/publish.yml">
+  <img src="https://img.shields.io/badge/license-MIT-fc8181?style=flat&labelColor=1e293b">
+  <img src="https://img.shields.io/badge/formseal-ecosystem-10b981?style=flat&labelColor=1e293b">
+</p>
+
+<p align="center">
+  Decrypt formseal ciphertexts locally.
+</p>
+
+---
+
+formseal-decrypt decrypts form submissions downloaded by formseal-fetch. Nothing is decrypted in transit or on the server — only the holder of the private key can read submissions.
+
+formseal-decrypt is not a hosted service or dashboard. It is a CLI decryption utility.
+
+---
+
+## Installation
+
+**Via pipx (recommended)**
+
+```bash
+pipx install formseal-decrypt
+```
+
+**Via pip**
+
+```bash
+pip install formseal-decrypt
+```
+
+---
+
+## Quick start
+
+```bash
+fsd connect
+fsd decrypt
+fsd status
+```
+
+---
+
+## How it works
+
+```
+Browser (formseal-embed)
+       │
+       ▼ (encrypted submissions)
+ Your server / endpoint
+       │
+       ▼ (fsf fetch)
+ ciphertexts.jsonl ──► Your PC
+       │
+       ▼ (fsd decrypt)
+ formseal.decrypted.jsonl (or .json for pretty output)
+```
+
+Your backend stores opaque ciphertext only. `fsf fetch` downloads it. `fsd decrypt` decrypts it offline with your private key.
+
+---
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `fsd` | Show about / info |
+| `fsd connect` | Configure source, destination, private key, and format |
+| `fsd decrypt` | Decrypt ciphertexts |
+| `fsd status` | Show configuration |
+| `fsd disconnect` | Clear credentials |
+| `fsd disconnect --wipe` | Clear everything including messages |
+
+Run `fsd --help` for all options.
+
+---
+
+## Output Formats
+
+During `fsd connect`, you can choose the output format:
+
+- **JSON Lines** (`jsonl`) — One JSON object per line
+- **JSON** (`json`) — Pretty-printed JSON array
+
+---
+
+## Security
+
+Your private key never leaves your machine. formseal-decrypt:
+
+- Stores credentials in your OS keychain (Windows Credential Manager / macOS Keychain / Linux Secret Service)
+- Decrypts locally only
+- Sends no telemetry, has no analytics
+- Skips already-decrypted messages automatically
+
+---
+
+## Documentation
+
+- [SECURITY.md](./.github/SECURITY.md) — Security policy
+
+---
+
+Please star the repo if you find formseal-decrypt useful.
+
+---
+
+## License
+
+MIT

formseal_decrypt-0.2.0/formseal_decrypt.egg-info/PKG-INFO

@@ -0,0 +1,150 @@
+Metadata-Version: 2.4
+Name: formseal-decrypt
+Version: 0.2.0
+Summary: CLI tool for decrypting formseal ciphertexts
+Author: grayguava
+License: MIT License
+        
+        Copyright (c) 2026 useFormseal contributors
+        
+        Permission is hereby granted, free of charge, to any person obtaining a copy
+        of this software and associated documentation files (the "Software"), to deal
+        in the Software without restriction, including without limitation the rights
+        to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+        copies of the Software, and to permit persons to whom the Software is
+        furnished to do so, subject to the following conditions:
+        
+        The above copyright notice and this permission notice shall be included in all
+        copies or substantial portions of the Software.
+        
+        THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+        IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+        FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+        AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+        LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+        OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+        SOFTWARE.
+        
+Requires-Python: >=3.8
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: keyring>=25.0
+Requires-Dist: pynacl>=1.5.0
+Dynamic: license-file
+
+<p align="center">
+  <img src="fsd.png" alt="formseal-decrypt">
+</p>
+
+<p align="center">
+  <img src="https://img.shields.io/pypi/v/formseal-decrypt?style=flat&label=pypi&labelColor=1e293b&color=3776ab">
+  <img src="https://img.shields.io/github/actions/workflow/status/useFormseal/decrypt/publish.yml">
+  <img src="https://img.shields.io/badge/license-MIT-fc8181?style=flat&labelColor=1e293b">
+  <img src="https://img.shields.io/badge/formseal-ecosystem-10b981?style=flat&labelColor=1e293b">
+</p>
+
+<p align="center">
+  Decrypt formseal ciphertexts locally.
+</p>
+
+---
+
+formseal-decrypt decrypts form submissions downloaded by formseal-fetch. Nothing is decrypted in transit or on the server — only the holder of the private key can read submissions.
+
+formseal-decrypt is not a hosted service or dashboard. It is a CLI decryption utility.
+
+---
+
+## Installation
+
+**Via pipx (recommended)**
+
+```bash
+pipx install formseal-decrypt
+```
+
+**Via pip**
+
+```bash
+pip install formseal-decrypt
+```
+
+---
+
+## Quick start
+
+```bash
+fsd connect
+fsd decrypt
+fsd status
+```
+
+---
+
+## How it works
+
+```
+Browser (formseal-embed)
+       │
+       ▼ (encrypted submissions)
+ Your server / endpoint
+       │
+       ▼ (fsf fetch)
+ ciphertexts.jsonl ──► Your PC
+       │
+       ▼ (fsd decrypt)
+ formseal.decrypted.jsonl (or .json for pretty output)
+```
+
+Your backend stores opaque ciphertext only. `fsf fetch` downloads it. `fsd decrypt` decrypts it offline with your private key.
+
+---
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `fsd` | Show about / info |
+| `fsd connect` | Configure source, destination, private key, and format |
+| `fsd decrypt` | Decrypt ciphertexts |
+| `fsd status` | Show configuration |
+| `fsd disconnect` | Clear credentials |
+| `fsd disconnect --wipe` | Clear everything including messages |
+
+Run `fsd --help` for all options.
+
+---
+
+## Output Formats
+
+During `fsd connect`, you can choose the output format:
+
+- **JSON Lines** (`jsonl`) — One JSON object per line
+- **JSON** (`json`) — Pretty-printed JSON array
+
+---
+
+## Security
+
+Your private key never leaves your machine. formseal-decrypt:
+
+- Stores credentials in your OS keychain (Windows Credential Manager / macOS Keychain / Linux Secret Service)
+- Decrypts locally only
+- Sends no telemetry, has no analytics
+- Skips already-decrypted messages automatically
+
+---
+
+## Documentation
+
+- [SECURITY.md](./.github/SECURITY.md) — Security policy
+
+---
+
+Please star the repo if you find formseal-decrypt useful.
+
+---
+
+## License
+
+MIT

formseal_decrypt-0.2.0/formseal_decrypt.egg-info/SOURCES.txt

@@ -0,0 +1,26 @@
+LICENSE
+README.md
+pyproject.toml
+formseal_decrypt.egg-info/PKG-INFO
+formseal_decrypt.egg-info/SOURCES.txt
+formseal_decrypt.egg-info/dependency_links.txt
+formseal_decrypt.egg-info/entry_points.txt
+formseal_decrypt.egg-info/requires.txt
+formseal_decrypt.egg-info/top_level.txt
+fsd/cmd.py
+fsd/fsd.py
+fsd/commands/config/config.py
+fsd/commands/connect/connect.py
+fsd/commands/decrypt/decrypt.py
+fsd/commands/general/about.py
+fsd/commands/general/help.py
+fsd/commands/general/version.py
+fsd/formats/__init__.py
+fsd/formats/formatter.py
+fsd/formats/json.py
+fsd/formats/jsonl.py
+fsd/security/keys.py
+fsd/ui/__init__.py
+fsd/ui/bodies.py
+fsd/ui/headers.py
+fsd/ui/styles.py

formseal_decrypt-0.2.0/formseal_decrypt.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

formseal_decrypt-0.2.0/formseal_decrypt.egg-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+fsd = fsd.fsd:main

formseal_decrypt-0.2.0/formseal_decrypt.egg-info/requires.txt

@@ -0,0 +1,2 @@
+keyring>=25.0
+pynacl>=1.5.0

formseal_decrypt-0.2.0/formseal_decrypt.egg-info/top_level.txt

@@ -0,0 +1 @@
+fsd

formseal_decrypt-0.2.0/fsd/cmd.py

@@ -0,0 +1,14 @@
+# fsd/cmd.py
+# Command registry
+
+from fsd.commands.config.config import run_status, run_disconnect
+from fsd.commands.connect.connect import run as run_connect
+from fsd.commands.decrypt.decrypt import run as run_decrypt
+
+
+COMMANDS = {
+    "connect": ("Configure source, destination, and private key", lambda a: run_connect(a)),
+    "decrypt": ("Decrypt ciphertexts", lambda a: run_decrypt(a)),
+    "status": ("Show configuration status", lambda a: run_status()),
+    "disconnect": ("Clear all credentials", lambda a: run_disconnect(a)),
+}

formseal_decrypt-0.2.0/fsd/commands/config/config.py

@@ -0,0 +1,117 @@
+# commands/config/config.py
+# Config management
+
+import json
+import sys
+from pathlib import Path
+
+from fsd.ui import br, fail, ok, info, warn, G, W, D, C, Y, R, HEAD, header
+from fsd.security import keys
+from fsd.formats import FORMATTERS
+
+
+CONFIG_DIR = Path.home() / ".config" / "formseal-decrypt"
+CONFIG_FILE = CONFIG_DIR / "config.json"
+
+
+def load_config():
+    CONFIG_DIR.mkdir(parents=True, exist_ok=True)
+    if CONFIG_FILE.exists():
+        return json.loads(CONFIG_FILE.read_text())
+    return {}
+
+
+def save_config(cfg):
+    CONFIG_DIR.mkdir(parents=True, exist_ok=True)
+    CONFIG_FILE.write_text(json.dumps(cfg, indent=2))
+
+
+def get_token():
+    pass
+
+
+def get_namespace():
+    pass
+
+
+def run_status():
+    cfg = load_config()
+
+    br()
+    header()
+    br()
+
+    print(f"  {D}Configuration Status:{R}")
+    br()
+
+    source = cfg.get("source")
+    if not source:
+        warn("Not configured. Run: fsd connect")
+        br()
+        return
+
+    def row(label, value, color=W):
+        print(f"  {D}{label:<26}{R}{color}{value}{R}")
+
+    row("Source:", source)
+
+    destination = cfg.get("destination")
+    row("Destination:", destination or "(not set)", W if destination else D)
+
+    output_format = cfg.get("format", "jsonl")
+    formatter = FORMATTERS.get(output_format)
+    format_display = formatter.name if formatter else output_format
+    row("Format:", format_display, G)
+
+    private_key = keys.load_private_key()
+    if private_key:
+        row("Private Key:", keys.private_key_location(), G)
+    else:
+        row("Private Key:", "Not set", D)
+
+    br()
+
+
+def run_disconnect(args=None):
+    args = args or []
+    wipe = "--wipe" in args
+
+    if wipe:
+        br()
+        print(f"{Y}THIS WILL DELETE EVERYTHING.{R}")
+        print(f"Config, private key, AND decrypted messages will be deleted.")
+    else:
+        br()
+        print(f"{Y}This will delete config and private key.{R}")
+        print(f"Decrypted messages will NOT be affected.")
+    br()
+    sys.stdout.write(f"  Continue? [y/N]: ")
+    sys.stdout.flush()
+    confirm = input().strip().lower()
+
+    if confirm != "y":
+        br()
+        info("Cancelled.")
+        br()
+        return
+
+    cfg = load_config()
+
+    if wipe:
+        destination = cfg.get("destination")
+        if destination:
+            dest_path = Path(destination)
+            if dest_path.exists():
+                dest_path.unlink()
+
+    if CONFIG_FILE.exists():
+        CONFIG_FILE.unlink()
+
+    keys.clear_all()
+
+    br()
+    if wipe:
+        ok("Disconnected. Everything wiped.")
+    else:
+        ok("Disconnected. Config and private key cleared.")
+    br()

formseal_decrypt-0.2.0/fsd/commands/connect/connect.py

@@ -0,0 +1,122 @@
+# Connect command
+
+import sys
+from pathlib import Path
+
+from fsd.ui import br, fail, ok, info, warn, G, W, D, C, Y, O, R, HEAD, OK, header
+from fsd.commands.config.config import load_config, save_config
+from fsd.security import keys
+from fsd.formats import FORMATTERS, get_format_names
+
+
+def _parse_args(args):
+    parsed = {}
+    for arg in args:
+        if ":" not in arg:
+            continue
+        key, value = arg.split(":", 1)
+        parsed[key] = value
+    return parsed
+
+
+def run(args):
+    parsed = _parse_args(args)
+
+    cfg = load_config()
+    if cfg.get("source"):
+        fail(f"Already configured.\nRun 'fsd disconnect' first.")
+
+    print()
+    header("setup")
+    print()
+
+    cfg = load_config()
+
+    source = parsed.get("source")
+    if not source:
+        try:
+            sys.stdout.write(f"  Source File (ciphertexts): ")
+            sys.stdout.flush()
+            source = input().strip()
+            if not source:
+                fail("Source file is required")
+            if not source.endswith(".jsonl"):
+                source = source + ".jsonl"
+        except KeyboardInterrupt:
+            br()
+            info("Cancelled.")
+            br()
+            return
+
+    destination = parsed.get("destination")
+    if not destination:
+        try:
+            sys.stdout.write(f"  Destination Directory: ")
+            sys.stdout.flush()
+            destination = input().strip()
+            if not destination:
+                destination = "."
+        except KeyboardInterrupt:
+            br()
+            info("Cancelled.")
+            br()
+            return
+
+    available_formats = get_format_names()
+    output_format = parsed.get("format")
+    if not output_format:
+        try:
+            sys.stdout.write(f"  Output Format [{available_formats}]: ")
+            sys.stdout.flush()
+            output_format = input().strip()
+            if not output_format:
+                output_format = "jsonl"
+        except KeyboardInterrupt:
+            br()
+            info("Cancelled.")
+            br()
+            return
+
+    if output_format.lower() not in FORMATTERS:
+        fail(f"Invalid format: {output_format}. Available: {available_formats}")
+
+    output_format = output_format.lower()
+
+    private_key = parsed.get("private-key")
+    if not private_key:
+        try:
+            sys.stdout.write(f"  Private Key: ")
+            sys.stdout.flush()
+            private_key = input().strip()
+        except KeyboardInterrupt:
+            br()
+            info("Cancelled.")
+            br()
+            return
+
+    if not private_key:
+        fail("Private key is required")
+
+    source_path = Path(source).expanduser().resolve()
+    dest_dir = Path(destination).expanduser().resolve()
+
+    if not source_path.exists():
+        fail(f"Source file not found: {source}")
+
+    try:
+        dest_dir.mkdir(parents=True, exist_ok=True)
+    except Exception:
+        fail("Could not create destination directory. Check permissions.")
+
+    cfg["source"] = str(source_path)
+    cfg["destination"] = str(dest_dir)
+    cfg["format"] = output_format
+    save_config(cfg)
+
+    keys.save_private_key(private_key)
+
+    print()
+    print(f"{G}{OK}{R} Saved!")
+    print()
+    print(f"  Run {W}fsd decrypt{R} to decrypt messages")
+    print()

formseal_decrypt-0.2.0/fsd/commands/decrypt/decrypt.py

@@ -0,0 +1,117 @@
+# decrypt command
+
+import json
+from pathlib import Path
+
+import nacl.public
+import nacl.encoding
+
+from fsd.ui import br, fail, ok, info, warn, G, W, D, C, Y, R, HEAD, header
+from fsd.commands.config.config import load_config
+from fsd.security import keys
+from fsd.formats import get_formatter, get_extension
+
+
+def run(args):
+    cfg = load_config()
+
+    source = cfg.get("source")
+    if not source:
+        fail("Not configured. Run: fsd connect")
+
+    destination = cfg.get("destination")
+    if not destination:
+        fail("Destination not set. Run: fsd connect")
+
+    output_format = cfg.get("format", "jsonl")
+    formatter = get_formatter(output_format)
+
+    private_key = keys.load_private_key()
+    if not private_key:
+        fail("Private key not set. Run: fsd connect")
+
+    source_path = Path(source)
+    dest_dir = Path(destination)
+    ext = get_extension(output_format)
+    dest_path = dest_dir / f"formseal.decrypted.{ext}"
+
+    if not source_path.exists():
+        fail(f"Source file not found: {source}")
+
+    br()
+    header("decrypt")
+    br()
+
+    def row(label, value, color=W):
+        print(f"  {D}{label:<26}{R}{color}{value}{R}")
+
+    row("Source:", str(source_path))
+    row("Destination:", str(dest_path))
+    row("Format:", output_format)
+
+    br()
+
+    private_key_bytes = _decode_base64url(private_key)
+    if not private_key_bytes or len(private_key_bytes) != 32:
+        fail("Invalid private key. Must be 32-byte base64url.")
+
+    private_key_box = nacl.public.PrivateKey(private_key_bytes)
+
+    decrypted = []
+    failed = 0
+    total = 0
+
+    with open(source_path, "r", encoding="utf-8") as f:
+        for line in f:
+            line = line.strip()
+            if not line:
+                continue
+
+            total += 1
+            try:
+                decrypted_msg = _decrypt_line(line, private_key_box)
+                decrypted.append(decrypted_msg)
+            except Exception:
+                failed += 1
+
+    if decrypted:
+        formatter.write(decrypted, dest_path)
+
+    br()
+    row("Processed:", total, G)
+    row("Decrypted:", len(decrypted), G if len(decrypted) > 0 else D)
+    row("Failed:", failed, Y if failed > 0 else D)
+
+    if failed > 0:
+        br()
+        warn(f"Some messages could not be decrypted.")
+        warn(f"Check that the private key is correct.")
+
+    br()
+
+
+def _decode_base64url(b64url):
+    b64url = b64url.replace("-", "+").replace("_", "/")
+    pad = len(b64url) % 4
+    if pad:
+        b64url += "=" * (4 - pad)
+    try:
+        import base64
+        return base64.b64decode(b64url)
+    except Exception:
+        return None
+
+
+def _decrypt_line(line, private_key_box):
+    if not line.startswith("formseal."):
+        raise ValueError("Invalid format: missing formseal. prefix")
+
+    ciphertext_b64url = line[9:]
+    ciphertext_bytes = _decode_base64url(ciphertext_b64url)
+
+    if not ciphertext_bytes:
+        raise ValueError("Invalid ciphertext encoding")
+
+    sealed_box = nacl.public.SealedBox(private_key_box)
+    plaintext = sealed_box.decrypt(ciphertext_bytes, encoder=nacl.encoding.RawEncoder)
+    return json.loads(plaintext)

formseal_decrypt-0.2.0/fsd/commands/general/about.py

@@ -0,0 +1,19 @@
+# commands/general/about.py
+# About command - shows project info
+
+from fsd.ui import br, header, C, G, W, R
+
+
+def run():
+    br()
+    header()
+    br()
+
+    print(f"  {W}CLI for decrypting formseal ciphertexts{R}")
+    br()
+    print(f"  Part of the {C}formseal{R} ecosystem")
+    br()
+    print(f"  {G}License:      {R}  MIT")
+    print(f"  {G}Maintained by:{R}  grayguava")
+    print(f"  {G}Repository:   {R}  https://github.com/useFormseal/decrypt")
+    br()

formseal_decrypt-0.2.0/fsd/commands/general/help.py

@@ -0,0 +1,60 @@
+# commands/general/help.py
+# Help command - shows all available commands
+
+from fsd.ui import br, header, cmd_line, rule
+from fsd.ui.styles import C, G, R, W, GRAY
+
+
+def _get_help_groups():
+    return {
+        "Connect": [
+            ("fsd connect", "configure source, destination, and private key"),
+            ("fsd disconnect", "clear configuration"),
+            ("fsd disconnect --wipe", "clear everything including messages"),
+        ],
+        "Decrypt": [
+            ("fsd decrypt", "decrypt ciphertexts"),
+        ],
+        "Info": [
+            ("fsd status", "show configuration"),
+            ("fsd --version", "show version"),
+            ("fsd --aliases", "list shorthand flags"),
+        ],
+        "Docs": [
+            ("https://github.com/useFormseal/decrypt", None),
+        ],
+    }
+
+
+def _show_help():
+    groups = _get_help_groups()
+    br()
+    header()
+    br()
+
+    for group, cmds in groups.items():
+        print(f"  {GRAY}>> {group}{R}")
+        print(G + " " + "─" * 44 + R)
+        for cmd, desc in cmds:
+            if desc:
+                print(f"  {W}{cmd:<27}{R} {G}{desc}{R}")
+            else:
+                print(f"  {C}{cmd}{R}")
+        br()
+
+
+def run():
+    _show_help()
+
+
+def run_aliases():
+    br()
+    header("shorthand aliases")
+    br()
+
+    print(f" {W}Short{R}  {G}Canonical{R}")
+    print(G + " " + "─" * 44 + R)
+    print(f" {W}-s{R}     {G}status{R}")
+    print(f" {W}-c{R}     {G}connect{R}")
+    print(f" {W}-d{R}     {G}decrypt{R}")
+    br()

formseal_decrypt-0.2.0/fsd/commands/general/version.py

@@ -0,0 +1,7 @@
+# commands/general/version.py
+
+VERSION = "0.2.0"
+
+
+def run():
+    print(f"v{VERSION}")

formseal_decrypt-0.2.0/fsd/formats/__init__.py

@@ -0,0 +1,26 @@
+# formats/__init__.py
+
+from .formatter import Formatter
+from .jsonl import JsonlFormatter
+from .json import JsonFormatter
+
+FORMATTERS: dict[str, type[Formatter]] = {
+    "jsonl": JsonlFormatter,
+    "json": JsonFormatter,
+}
+
+
+def get_formatter(format_name: str) -> Formatter:
+    formatter_class = FORMATTERS.get(format_name)
+    if not formatter_class:
+        available = ", ".join(FORMATTERS.keys())
+        raise ValueError(f"Unknown format: {format_name}. Available: {available}")
+    return formatter_class()
+
+
+def get_format_names() -> str:
+    return ", ".join(f"{fmt.name} ({fmt})" for fmt in FORMATTERS.values())
+
+
+def get_extension(format_name: str) -> str:
+    return FORMATTERS[format_name].extension

formseal_decrypt-0.2.0/fsd/formats/formatter.py

@@ -0,0 +1,13 @@
+# formats/formatter.py
+
+from abc import ABC, abstractmethod
+from pathlib import Path
+
+
+class Formatter(ABC):
+    name: str = ""
+    extension: str = ""
+
+    @abstractmethod
+    def write(self, data: list[dict], path: Path):
+        pass

formseal_decrypt-0.2.0/fsd/formats/json.py

@@ -0,0 +1,15 @@
+# formats/json.py
+
+import json
+from pathlib import Path
+from .formatter import Formatter
+
+
+class JsonFormatter(Formatter):
+    name = "Pretty JSON"
+    extension = "json"
+
+    def write(self, data: list[dict], path: Path):
+        path.parent.mkdir(parents=True, exist_ok=True)
+        with open(path, "w", encoding="utf-8") as f:
+            json.dump(data, f, indent=2, ensure_ascii=False)

formseal_decrypt-0.2.0/fsd/formats/jsonl.py

@@ -0,0 +1,16 @@
+# formats/jsonl.py
+
+import json
+from pathlib import Path
+from .formatter import Formatter
+
+
+class JsonlFormatter(Formatter):
+    name = "JSON Lines"
+    extension = "jsonl"
+
+    def write(self, data: list[dict], path: Path):
+        path.parent.mkdir(parents=True, exist_ok=True)
+        with open(path, "w", encoding="utf-8") as f:
+            for msg in data:
+                f.write(json.dumps(msg, ensure_ascii=False) + "\n")

formseal_decrypt-0.2.0/fsd/fsd.py

@@ -0,0 +1,61 @@
+# Main entry point
+
+import sys
+import os
+from pathlib import Path
+
+script_dir = Path(__file__).absolute()
+project_root = script_dir.parent.parent
+sys.path.insert(0, str(project_root))
+os.chdir(project_root)
+
+from fsd.cmd import COMMANDS
+from fsd.general.aliases import resolve
+from fsd.general.errors import unknown_command, handle_interrupt, handle_exception
+
+from fsd.commands.general import about as cmd_about
+from fsd.commands.general import help as cmd_help
+from fsd.commands.general import version as cmd_version
+
+
+def main():
+    if len(sys.argv) < 2:
+        cmd_about.run()
+        return
+
+    args = resolve(sys.argv[1:])
+    cmd = args[0].lower()
+    cmd_args = args[1:]
+
+    if cmd == "--help":
+        cmd_help.run()
+        return
+
+    if cmd == "--about":
+        cmd_about.run()
+        return
+
+    if cmd == "--version":
+        cmd_version.run()
+        return
+
+    if cmd == "--aliases":
+        cmd_help.run_aliases()
+        return
+
+    if cmd not in COMMANDS:
+        unknown_command(cmd)
+
+    _, handler = COMMANDS[cmd]
+
+    try:
+        handler(cmd_args)
+    except KeyboardInterrupt:
+        handle_interrupt()
+        sys.exit(130)
+    except Exception as e:
+        handle_exception(e)
+
+
+if __name__ == "__main__":
+    main()

formseal_decrypt-0.2.0/fsd/security/keys.py

@@ -0,0 +1,104 @@
+# Credential storage (keyring + JSON fallback)
+
+import json
+import base64
+from pathlib import Path
+
+try:
+    import keyring
+    HAS_KEYRING = True
+except ImportError:
+    HAS_KEYRING = False
+
+SERVICE = "formseal-decrypt"
+
+CONFIG_DIR = Path.home() / ".config" / "formseal-decrypt"
+SECRETS_FILE = CONFIG_DIR / "secrets.json"
+
+
+def _ensure_config_dir():
+    CONFIG_DIR.mkdir(parents=True, exist_ok=True)
+
+
+def _load_secrets() -> dict:
+    if not SECRETS_FILE.exists():
+        return {}
+    try:
+        return json.loads(SECRETS_FILE.read_text())
+    except:
+        return {}
+
+
+def _save_secrets(secrets: dict):
+    if not secrets:
+        if SECRETS_FILE.exists():
+            SECRETS_FILE.unlink()
+        return
+    _ensure_config_dir()
+    SECRETS_FILE.write_text(json.dumps(secrets, indent=2))
+
+
+def save_private_key(private_key: str) -> bool:
+    """Save private key to OS keyring. Falls back to JSON if keyring fails."""
+    if HAS_KEYRING:
+        try:
+            keyring.set_password(SERVICE, "private-key", private_key)
+            return True
+        except Exception:
+            pass
+
+    secrets = _load_secrets()
+    secrets["private-key"] = base64.b64encode(private_key.encode()).decode()
+    _save_secrets(secrets)
+    return True
+
+
+def load_private_key() -> str | None:
+    """Load private key from OS keyring. Falls back to JSON if not in keyring."""
+    if HAS_KEYRING:
+        try:
+            key = keyring.get_password(SERVICE, "private-key")
+            if key:
+                return key
+        except Exception:
+            pass
+
+    secrets = _load_secrets()
+    encoded = secrets.get("private-key")
+    if encoded:
+        return base64.b64decode(encoded.encode()).decode().strip()
+    return None
+
+
+def delete_private_key():
+    """Delete private key from keyring."""
+    if HAS_KEYRING:
+        try:
+            keyring.delete_password(SERVICE, "private-key")
+            return
+        except Exception:
+            pass
+
+    secrets = _load_secrets()
+    secrets.pop("private-key", None)
+    _save_secrets(secrets)
+
+
+def private_key_location() -> str:
+    """Check where private key is stored."""
+    if HAS_KEYRING:
+        try:
+            if keyring.get_password(SERVICE, "private-key"):
+                return "OS Keychain"
+        except Exception:
+            pass
+
+    secrets = _load_secrets()
+    if "private-key" in secrets:
+        return "Config File"
+    return "Not set"
+
+
+def clear_all():
+    """Clear all secrets."""
+    delete_private_key()

formseal_decrypt-0.2.0/fsd/ui/__init__.py

@@ -0,0 +1,10 @@
+# ui/__init__.py
+# Re-export from styles and bodies
+
+from fsd.ui.styles import (
+    RESET, BOLD, DIM, RED, GREEN, YELLOW, BLUE, MAGENTA, CYAN, WHITE, GRAY,
+    O, S, G, C, Y, M, W, D, R, HEAD, OK, TICK, CROSS, ERR
+)
+
+from fsd.ui.bodies import br, badge, fail, row, cmd_line, code, link, ok, info, warn
+from fsd.ui.headers import header, rule

formseal_decrypt-0.2.0/fsd/ui/bodies.py

@@ -0,0 +1,50 @@
+# ui/bodies.py
+
+from fsd.ui.styles import C, D, G, O, R, S, W, Y, BOLD, RED
+
+
+def br():
+    print()
+
+
+def badge(label, color):
+    return f"{color}{BOLD} {label} {R}"
+
+
+def fail(msg):
+    br()
+    print(f"{badge('❌', RED)} {msg}")
+    br()
+    raise SystemExit(1)
+
+
+def row(icon, label, value):
+    pad   = 12
+    label = (label + " " * pad)[:pad]
+    print(f"{S}{icon}{R}  {D}{label}{R}  {W}{value}{R}")
+
+
+def cmd_line(command, desc):
+    pad     = 34
+    command = (command + " " * pad)[:pad]
+    print(f"  {W}{command}{R}{G}{desc}{R}")
+
+
+def code(msg):
+    print(f"  {O}{msg}{R}")
+
+
+def link(msg):
+    print(f"  {O}{msg}{R}")
+
+
+def ok(msg):
+    print(f"  {G}✨{R} {msg}")
+
+
+def info(msg):
+    print(f"  {O}{msg}{R}")
+
+
+def warn(msg):
+    print(f"{Y}⚠️ {R}{msg}")

formseal_decrypt-0.2.0/fsd/ui/headers.py

@@ -0,0 +1,16 @@
+# ui/headers.py
+# Header and rule functions
+
+from fsd.ui.styles import C, G, R, W, Y, HEAD
+
+
+def header(title=""):
+    if title:
+        print(f"{C} \u250c\u2500 {HEAD} {R}{W}formseal-decrypt{R}  {Y}{title}{R}")
+    else:
+        print(f"{C} \u250c\u2500 {HEAD} {R}{W}formseal-decrypt{R}")
+    print(G + " " + "\u2500" * 52 + R)
+
+
+def rule():
+    print(G + " " + "\u2500" * 52 + R)

formseal_decrypt-0.2.0/fsd/ui/styles.py

@@ -0,0 +1,45 @@
+# ui/styles.py
+
+import os
+import sys
+
+if os.name == "nt":
+    try:
+        os.system("chcp 65001 >nul")
+    except:
+        pass
+
+try:
+    sys.stdout.reconfigure(encoding="utf-8")
+    sys.stderr.reconfigure(encoding="utf-8")
+except:
+    pass
+
+RESET  = "\x1b[0m"
+BOLD   = "\x1b[1m"
+DIM    = "\x1b[2m"
+
+RED    = "\x1b[31m"
+GREEN  = "\x1b[32m"
+YELLOW = "\x1b[33m"
+BLUE   = "\x1b[34m"
+MAGENTA= "\x1b[35m"
+CYAN   = "\x1b[36m"
+WHITE  = "\x1b[37m"
+GRAY   = "\x1b[90m"
+
+O = "\x1b[38;5;208m"
+S = "\x1b[38;5;112m"
+G = "\x1b[38;5;244m"
+C = "\x1b[38;5;108m"
+Y = "\x1b[38;5;103m"
+M = "\x1b[38;5;141m"
+W = WHITE + BOLD
+D = DIM
+R = RESET
+
+HEAD = "🙈"
+OK = "✨"
+TICK = "✔️"
+CROSS = "❌"
+ERR = "😵‍💫"

formseal_decrypt-0.2.0/pyproject.toml

@@ -0,0 +1,34 @@
+[build-system]
+requires = ["setuptools>=65.0"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "formseal-decrypt"
+version = "0.2.0"
+description = "CLI tool for decrypting formseal ciphertexts"
+readme = "README.md"
+license = {file = "LICENSE"}
+requires-python = ">=3.8"
+authors = [
+    {name = "grayguava"}
+]
+dependencies = [
+    "keyring>=25.0",
+    "pynacl>=1.5.0",
+]
+
+[project.scripts]
+fsd = "fsd.fsd:main"
+
+[tool.setuptools]
+packages = [
+    "fsd",
+    "fsd.ui",
+    "fsd.commands",
+    "fsd.commands.general",
+    "fsd.commands.config",
+    "fsd.commands.connect",
+    "fsd.commands.decrypt",
+    "fsd.security",
+    "fsd.formats",
+]

formseal_decrypt-0.2.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+