Most examples involving using the OpenSSL libraries for symmetric encryption acts on buffers (sometimes loading whole files to memory before processing them).
That is a perfectly reasonable thing to do to keep the examples minimal. The tools presented in this page, instead, try to do a little step forward showing how to approach the problem of handling with OpenSSL files of arbitrary dimensions.
The provided tools are:
- ccaKeyGen, given a encryption algorithm C, generates a random key k of suitable size
- ccaEncrypt, given the path to a file pt (plaintext), a symmetric encryption algorithm C, a key k (generated running ccaKeyGen for C), and a hashing algorithm md, outputs a file ct (ciphertext) which is ct = C(pt,k)||HMAC(C(pt,k),md)
- ccaDecrypt, given the path to a file ct
(ciphertext) obtained running ccaEncrypt, a suitable key k
and a hashing algorithm md,
- calculates HMAC(C(pt,k),md), where C(pt,k) is the first part of the ciphtertext ct
- if the calculated value matches the HMAC stored at the end of ct, it considers the file authentic, and so proceeds with the decryption, otherwise it gives an error
Source code is available for download:
source code archive