Kevin

Reputation: 3239

Proper way to encrypt a file with openssl using the EVP api in C

What I am trying to do: Encrypt an executable, then decrypt it later.

What my problem is: looping properly through the exe.

Here is what my code currently looks like:

unsigned char ckey[] = "thiskeyisverybad";
unsigned char ivec[] = "dontusethisinput";
//Initiate the EVP interface
//ckey holds 16 bytes, which matches AES-128 (EVP_aes_256_cbc would read 32 bytes)
const EVP_CIPHER *c = EVP_aes_128_cbc();
//Initialize symmetric cipher (the context is opaque, so let OpenSSL allocate it)
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
//Set up cipher context
EVP_EncryptInit(ctx,c,ckey,ivec);

Of course there are better ways to set up the key and the IV (I am looking at the book Network Security with OpenSSL). This is not my problem; my problem is how I should properly load up an exe and encrypt it. From my understanding I should open it up in rb mode and read it. What I don't understand is what size chunks I should be using. I understand that when calling EVP_EncryptUpdate I have to enter in an input buffer and a buffer length. I would like to know how I should read the input exe. Should I loop through the file and read one AES_BLOCK_SIZE per iteration? What would be the proper way to accomplish this?

Upvotes: 2

Views: 5071

Answers (1)

Kevin

Reputation: 3239

Here is a working example. Apparently the EVP API will handle an arbitrary input size.

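#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <openssl/evp.h>

void encrypt(FILE *ifp, FILE *ofp)
{
    //Get file size
    fseek(ifp, 0L, SEEK_END);
    long fsize = ftell(ifp);
    //set back to normal
    fseek(ifp, 0L, SEEK_SET);
    //EVP lengths are ints, so reject sizes that do not fit
    if (fsize < 0 || fsize > INT_MAX - EVP_MAX_BLOCK_LENGTH) return;

    int outLen1 = 0; int outLen2 = 0;
    unsigned char *indata = malloc(fsize > 0 ? (size_t)fsize : 1);
    //CBC padding adds up to one block; fsize*2 is too small for inputs under 16 bytes
    unsigned char *outdata = malloc((size_t)fsize + EVP_MAX_BLOCK_LENGTH);
    unsigned char ckey[] =  "thiskeyisverybad";
    unsigned char ivec[] = "dontusethisinput";
    //The context is opaque in OpenSSL 1.1.0+, so it is allocated by the library
    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();

    //Read entire file, set up encryption, encrypt, and write only if every step succeeded
    if (indata && outdata && ctx &&
        fread(indata,sizeof(char),fsize, ifp) == (size_t)fsize &&
        EVP_EncryptInit_ex(ctx,EVP_aes_128_cbc(),NULL,ckey,ivec) == 1 &&
        EVP_EncryptUpdate(ctx,outdata,&outLen1,indata,(int)fsize) == 1 &&
        EVP_EncryptFinal_ex(ctx,outdata + outLen1,&outLen2) == 1)
        fwrite(outdata,sizeof(char),outLen1 + outLen2,ofp);

    EVP_CIPHER_CTX_free(ctx);
    free(indata);
    free(outdata);
}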

Here is my answer to this in another post: OpenSSL AES 256 CBC via EVP api in C

Upvotes: 3
