Thread: Passphrase-Protecting a File

  1. #1
    Registered User
    Join Date
    Oct 2010

    Passphrase-Protecting a File

    My question: How can one programmatically passphrase-protect a file? I know that we can do it with PGP and other cryptography software, but how does it actually work? I don't really care about what programming language or algorithm to use. I am just looking for commonly-used processes. (Do we SHA512 the passphrase and use that as part of an asymmetric key-pair and then encrypt our files that way? That kind of thing.)

    What I have done to try and answer my question: Google results just tell me how to use openssl/pgp/etc/etc on the command line. Searching this forum has not turned up anything I am looking for. I am not interested in how to use openssl to do it. I'm interested in how to use something like libssl to do it.

  2. #2
    C++ Witch laserlight's Avatar
    Join Date
    Oct 2003
    * Moved to Tech Board *

    A direct approach: encrypt the file. To read it, the user must provide the passphrase, from which the secret key is derived.
    Quote Originally Posted by Bjarne Stroustrup (2000-10-14)
    I get maybe two dozen requests for help with some sort of programming or design problem every day. Most have more sense than to send me hundreds of lines of code. If they do, I ask them to find the smallest example that exhibits the problem and send me that. Mostly, they then find the error themselves. "Finding the smallest program that demonstrates the error" is a powerful debugging tool.
    Look up a C++ Reference and learn How To Ask Questions The Smart Way

  3. #3
    spurious conceit MK27's Avatar
    Join Date
    Jul 2008
    segmentation fault
    Quote Originally Posted by QuadraticFighte View Post
    My question: How can one programmatically passphrase-protect a file?
    You can't, or at least not meaningfully, without entering the domain of the OS.

    A simpler solution is to write your own an application to (as per laserlight) scramble and de-scramble a file. I believe you can use part of libssl to do the encryption, eg:

    Meaning you could then have a per-file key. However, depending on who you think your attacker is, it might be easier to just devise some kind of simple, reversible scramble, password protect the application that does it, scramble the source code for the application, hide/disguise/keep secret the executable, etc.
    C programming resources:
    GNU C Function and Macro Index -- glibc reference manual
    The C Book -- nice online learner guide
    Current ISO draft standard
    CCAN -- new CPAN like open source library repository
    3 (different) GNU debugger tutorials: #1 -- #2 -- #3
    cpwiki -- our wiki on sourceforge

Popular pages Recent additions subscribe to a feed

Similar Threads

  1. Protecting Constructors
    By kidburla in forum C++ Programming
    Replies: 12
    Last Post: 10-14-2006, 11:18 PM
  2. Password protecting a .exe file
    By Opel_Corsa in forum C++ Programming
    Replies: 8
    Last Post: 02-01-2006, 02:03 PM
  3. protecting my plugin
    By danielC++ in forum C++ Programming
    Replies: 7
    Last Post: 03-11-2005, 03:58 AM
  4. Protecting files
    By bookworm in forum Linux Programming
    Replies: 6
    Last Post: 06-14-2004, 03:55 PM