I have a problem with encrypting a string.
I have the command to encrypt a file using OpenSSL.
But I wanted to know the encrypt the string not the File.
The command for encrypting a file is:
system("openssl des3 -e -nosalt -in %s -out %s -k %s > /tmp/sys; cat /tmp/sys", src, dest, key);
where src and dest are the two file names.
what are the options available with OPEN SSL.
In above in and out are options for encrypting a text file.
I need the option to encrypting character array variable.
As pointed out on another question (by someone who dug through the code more than I did):
https://opensource.conformal.com/viewgit/?a=viewblob&p=cyphertite&h=899259f8ba145c11087088ec83153db524031800&hb=6782c6839d847fbed0aed8c55917e78b5684110f&f=cyphertite/ct_crypto.c
has the code you need to use OpenSSL natively to perform encryption/decryption in your app.
Happy hacking!
Related
Hi I am wondering what to do when decrypting an encrypted file that does not know the original extension while studying aes ctr encryption from this link at https://www.gurutechnologies.net/blog/aes-ctr-encryption-in-c/ To
Thank you in advance.
The "classic" UNIX way (as done by compress, gzip, bzip2, xz, ...) is to keep the original file name and append (not replace) your own extension, so if you encrypt the file foo.txt, you'll output - say - a foo.txt.enc file. When decrypting, just remove the .enc extension.
You can use the Linux file command to see what a file may contain and append the extension manually.
If you're running windows, a quick google search showed that TrID has similar functionality.
i have to create an aes-256 key and store it in a .pem file. I am using RAND_bytes() to simply create a 256 bit random key. After this how can i save this to a pem file.
I have looked at Reading and writing rsa keys to a pem file in C and openssl pem. But i am not working with RSA keys.
I suspect my task is much simpler like create pem from base64 but not much help.
PS: This key will be used to encrypt a self signed digital certificate.
EDIT: looking around more i found that i could use bio to covert to pem, something likePEM_write_bio_PrivateKey but it takes EVP_PKEY format as argument. So how can i convert char buf to EVP_PKEY. i found d2i_PublicKey but it involves RSA and am unsure how RSA would fit into picture here.
AES key is just a random byte array. You can simple store the bytes in a file without any structure.
You can convert aes key to .pem by using PEMWriter class of bouncyCastle library.
http://www.bouncycastle.org/documentation.html
I am decrypting a gpg file using a batch file with the below code.
gpg.exe --output test.csv --batch --passphrase-fd 0 --decrypt WSB330TJ.CSTDJIDF.TXT.asc.14.04.22_00.59.gpg
Although it does Decrypt the file but I have to enter the passphrase manually.
How can I improve it so that it automatically pick the passphrase and decrypt the file without any manual intervention?
What should I add here?
You tell GnuPG to read the passphrase from stdin by using --passphrase-fd 0. There are different options to read the passphrase, from man gpg:
--passphrase-fd n
Read the passphrase from file descriptor n. Only the first line
will be read from file descriptor n. If you use 0 for n, the
passphrase will be read from STDIN. This can only be used if only
one passphrase is supplied.
--passphrase-file file
Read the passphrase from file file. Only the first line will be
read from file file. This can only be used if only one passphrase
is supplied. Obviously, a passphrase stored in a file is of ques-
tionable security if other users can read this file. Don't use this
option if you can avoid it.
--passphrase string
Use string as the passphrase. This can only be used if only one
passphrase is supplied. Obviously, this is of very questionable
security on a multi-user system. Don't use this option if you can
avoid it.
If you use GnuPG 2, remember to use --batch, otherwise the passphrase options will be ignored.
If you stored the passphrase in a file, use --passphrase-file password.txt, if you want to pass it as a string use --passphrase "f00b4r" (both times using appropriate parameter values, of course).
#Thierry noted in the comments that (especially when using Windows) make sure to end the file with a UNIX line feed (\n / LN) instead of a Windows line feed + carriage return (\n\r / LNRF).
For myself I had to do *gpg --batch --passphrase "MyPassword" --decrypt-files C:\PGPFiles\\\*.pgp*. Doing it with --passphrase not before --decrypt-files would always prompt me for the password. Also as Thierry said when I was using a password file I had to use Notepad++ to convert to unix style (Edit->EOL->Unix/OSX Format)
Try this:
gpg2 -se --passphrase yourpassword --batch --yes -r user#mydomain.com filename
I need to use both compression and encryption in a project. There are two programs in the project.
In the first program, an ascii text file is first compressed and then encrypted. Further operations follow on this encrypted version of the file. However, a second program in the project follows the reverse process i.e. first decrypts and then decompresses to get the original ascii text file.
I've implemented the encryption module (aes via openssl) and it works fine. But when i looked for compression options in linux, i found that gzip, zlib etc throw their own versions of the file i.e. filename.gz or some other extension, the contents of which are not purely ascii. (For instance, i see diamond shaped symbols when i view the output in the terminal) Beause of this, i'm unable to read the compressed file completely in my C program.
So in short, i require a compressed file which contains only ascii characters. Is this possible by any means?
Finally resolved the issue. The program is handling everything correctly.
On the sending side:
compression: gzip -c secret.txt -9 > compressed.txt.gz
encryption: openssl enc -aes-256-cbc -a -salt -in compressed.txt.gz -out encrypted.txt
The compression output (gz) is given as an input for encryption which outputs a text file. The resulting output is purely ascii.
On the receiving side:
decryption: openssl enc -d -aes-256-cbc -a -in decryptme.txt -out decrypted.txt.gz
decompression: gunzip -c decrypted.txt.gz > message.txt
You can add uuencode / uudecode filter in between compression and encryption -- or you might want to loosen the restriction of the compressed data to be in ascii form: options:
read binary data from you c-program.
(e.g. char buffer[256]; c=fread(buffer,1,256,stdin); )
convert the data to hexadecimal format
static char encrypted_file[]={ 0x01,0x6e, ... };
I have a text file that I have to sign with RSA private key and then append this signature and do an AES encryption over this "text file+signature".
For demonstration reasons I am testing such an encrypted file.
I am writing a simple program in C to do the following:
First do an RSA sign(1024 bit) on a text file.
Then append the signature to the text file
Then do an AES encryption over the file.
Then perform the AES decryption
Then remove the 128 byte signature from the file.
Then do an RSA verification of the original text file and the text file after decryption.
Here are my questions:
Is it a good idea to append a binary signature to a text file?
If no what is the general way this is done?
I tried a simple program to do the above but I always get one or two junk characters on AES decryption and therefore RSA verification fails.
Do please suggest.
an AES decrypt of such a file and then remove the 128 byte(1024 bit modulus) signature.
The ad-hoc standard for embedding crypto information in text files was introduced by Privacy Enhanced Mail some time ago: Basically the binary information is encoded in base-64 and appended to the text file along with a header line to identify the "snip" point for the added content.
Here is a sample of what it typically looks like (this chunk would be added to the end of the existing text file)
-----BEGIN PRIVACY-ENHANCED MESSAGE-----
Proc-Type: 4,ENCRYPTED
Content-Domain: RFC822
DEK-Info: DES-CBC,F8143EDE5960C597
Originator-ID-Symmetric: linn#zendia.enet.dec.com,,
Recipient-ID-Symmetric: linn#zendia.enet.dec.com,ptf-kmc,3
Key-Info: DES-ECB,RSA-MD2,9FD3AAD2F2691B9A,
B70665BB9BF7CBCDA60195DB94F727D3
Recipient-ID-Symmetric: pem-dev#tis.com,ptf-kmc,4
Key-Info: DES-ECB,RSA-MD2,161A3F75DC82EF26,
E2EF532C65CBCFF79F83A2658132DB47
LLrHB0eJzyhP+/fSStdW8okeEnv47jxe7SJ/iN72ohNcUk2jHEUSoH1nvNSIWL9M
8tEjmF/zxB+bATMtPjCUWbz8Lr9wloXIkjHUlBLpvXR0UrUzYbkNpk0agV2IzUpk
J6UiRRGcDSvzrsoK+oNvqu6z7Xs5Xfz5rDqUcMlK1Z6720dcBWGGsDLpTpSCnpot
dXd/H5LMDWnonNvPCwQUHt==
-----END PRIVACY-ENHANCED MESSAGE-----