• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Text file encryption
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Text file encryption

  • Subject: Re: Text file encryption
  • From: Bryan Blackburn <email@hidden>
  • Date: Sun, 15 Sep 2002 21:21:20 -0600
  • Mail-followup-to: email@hidden
The easiest thing would be to use the EVP_EncryptInit(),
EVP_EncryptUpdate(), and EVP_EncryptFinal() for encryption, and
EVP_DecryptInit(), EVP_DecryptUpdate(), EVP_DecryptFinal() for
decryption. These simply operate on data buffers passed to them, so
you can then write to disk after (or read from disk prior). They do
have manpages (man EVP_EncryptInit), believe it or not. One thing to beware,
Apple (at least on 10.1.5) doesn't ship the headers for OpenSSL, so you'd
have to grab them from openssl.org and put them someplace useful.

Here's a quick-and-dirty example demonstrating how to hash a passphrase
to encrypt a string (compile with 'cc -I /usr/local/ssl/include -lssl
-lcrypto -o executable file.c' where /usr/local/ssl/include is where I
have the OpenSSL includes):

// Begin
#include <stdio.h>
#include <unistd.h>
#include <fcntl.h>
#include <openssl/evp.h>

int main( void )
{
char *passphrase = "This would be the passphrase to protect everything";
char *dataToEncrypt = "This text will be encrypted and decrypted";
EVP_MD_CTX digestContext;
EVP_CIPHER_CTX cipherContext;
int digestLen, devrandom, prevLen;
unsigned char passphraseDigest[ EVP_MAX_MD_SIZE ];
unsigned char iv[ 8 ], encBuffer[ 92 ], decBuffer[ 92 ];
long encBufLen, decBufLen;

OpenSSL_add_all_algorithms();

EVP_DigestInit( &digestContext, EVP_sha1() );
EVP_DigestUpdate( &digestContext, passphrase, strlen( passphrase ) );
EVP_DigestFinal( &digestContext, passphraseDigest, &digestLen );

devrandom = open( "/dev/random", O_RDONLY, 0777 );
read( devrandom, iv, 8 );
close( devrandom );

encBufLen = decBufLen = 0;
EVP_EncryptInit( &cipherContext, EVP_bf_cbc(), NULL, iv );
EVP_CIPHER_CTX_set_key_length( &cipherContext, digestLen );
EVP_EncryptInit( &cipherContext, NULL, passphraseDigest, NULL );
EVP_EncryptUpdate( &cipherContext, encBuffer, &prevLen, dataToEncrypt,
strlen( dataToEncrypt ) + 1 );
encBufLen += prevLen;
EVP_EncryptFinal( &cipherContext, encBuffer + encBufLen, &prevLen );
encBufLen += prevLen;
EVP_CIPHER_CTX_cleanup( &cipherContext );

EVP_DecryptInit( &cipherContext, EVP_bf_cbc(), NULL, iv );
EVP_CIPHER_CTX_set_key_length( &cipherContext, digestLen );
EVP_DecryptInit( &cipherContext, NULL, passphraseDigest, NULL );
EVP_DecryptUpdate( &cipherContext, decBuffer, &prevLen, encBuffer,
encBufLen );
decBufLen += prevLen;
EVP_DecryptFinal( &cipherContext, decBuffer + decBufLen, &prevLen );
decBufLen += prevLen;
EVP_CIPHER_CTX_cleanup( &cipherContext );

EVP_cleanup();

printf( "Final string is \"%s\" (%ld)\n", decBuffer, decBufLen );

return 0;
}
// End

Bryan


On Sep 15, 2002 04:43, Dustin Voss stated:
> Thanks. I downloaded the OpenSSL material, but there seems to be a vast
> quantity of it, and virtually no clue anywhere on which bits of it would
> be useful to me, and little documentation on how to use any of it. I
> have a feeling my requirements are slightly unusual, in that I'm not
> planning to use encryption in network communications. Could you suggest
> how SSL might be used to encrypt a string (with style attributes) and
> save it to disk?
>
> On Saturday, September 14, 2002, at 06:07 pm, David Remahl wrote:
>
> >> Does anyone know of a good secure Cocoa method of encrypting text
> >> files?
> >> I'd like my app to be able to encrypt/decrypt collections of rtf files.
> >> At the moment I'm using a pretty rudimentary approach (which isn't
> >> encryption at all really), in which I take my collections of attributed
> >> strings and archive them as data objects. These are then put in a
> >> dictionary which is saved into a plist file. Good enough to thwart your
> >> average Joe User, but wouldn't fool anyone with any serious technical
> >> know-how longer than about ten seconds.
> >>
> >> I'd like a *proper* encryption method which would bar any attempt
> >> (short
> >> of cracking the reader app) to copy encrypted resource files out of the
> >> app bundle and read them. What I'm after, ideally, is a roll-my-ownable
> >> C or obj-C technique which I can write into my application rather
> >> than a
> >> piece of proprietary encryption software. Any advice?
> >
> > The services of OpenSSL <http://www.openssl.org/> are available to you.
> >
> > / Regards, David Remahl
> >
> >
> -Jeremy
>
> ========================================
> email@hidden // email@hidden
> The Alchemy Pages:
> - fractious fiction at http://freespace.virgin.net/jeremy.dronfield
> ========================================
_______________________________________________
cocoa-dev mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/cocoa-dev
Do not post admin requests to the list. They will be ignored.
  • Follow-Ups:
    • Re: Text file encryption
      • From: Kurt Revis <email@hidden>
  • Prev by Date: Re: showing a checkbox and a pulldown-menu in a NSTableView
  • Next by Date: How to use NSWorkspace's getFileSystemInfoForPath?
  • Previous by thread: UI: "Direct manipulation" is in conflict with "Forgiveness"
  • Next by thread: Re: Text file encryption
  • Index(es):
    • Date
    • Thread