Passphrase-Protecting a File

[QuadraticFighte]

My question: How can one programmatically passphrase-protect a file? I know that we can do it with PGP and other cryptography software, but how does it actually work? I don't really care about what programming language or algorithm to use. I am just looking for commonly-used processes. (Do we SHA512 the passphrase and use that as part of an asymmetric key-pair and then encrypt our files that way? That kind of thing.)

What I have done to try and answer my question: Google results just tell me how to use openssl/pgp/etc/etc on the command line. Searching this forum has not turned up anything I am looking for. I am not interested in how to use openssl to do it. I'm interested in how to use something like libssl to do it.

[laserlight]

* Moved to Tech Board *

A direct approach: encrypt the file. To read it, the user must provide the passphrase, from which the secret key is derived.

[MK27]

My question: How can one programmatically passphrase-protect a file?

You can't, or at least not meaningfully, without entering the domain of the OS.

A simpler solution is to write your own an application to (as per laserlight) scramble and de-scramble a file. I believe you can use part of libssl to do the encryption, eg:

http://www.openssl.org/docs/crypto/blowfish.html#

Meaning you could then have a per-file key. However, depending on who you think your attacker is, it might be easier to just devise some kind of simple, reversible scramble, password protect the application that does it, scramble the source code for the application, hide/disguise/keep secret the executable, etc.