Reputation:
I wrote a C program using the OpenSSL library to encrypt/decrypt files with AES. The problem is that I can't work on (read: encrypt) the same file.rar. Instead, all I can do is create a new file.rar.enc and then delete the original file.rar.
This way it’s possible to recover the original file.rar and – as a result – the encrypting process is really useless. Is there any way to operate on the same file during encryption/decryption?
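Here is my C code:
/* Requires <stdio.h> and <openssl/aes.h>. */
FILE *ifp = fopen(to_encrypt, "rb");
FILE *ofp = fopen(new_name, "wb");
int bytes_read, bytes_written, num = 0;
unsigned char indata[AES_BLOCK_SIZE], outdata[AES_BLOCK_SIZE];
/* Zero-padded buffers: AES_set_encrypt_key() reads 16 key bytes, and CFB
   reads and updates a full 16-byte IV. */
unsigned char skey[17] = "myKey", iv[AES_BLOCK_SIZE] = "myIV";
AES_KEY key;
AES_set_encrypt_key(skey, 128, &key);
/* Encrypt one block at a time; CFB output is the same length as its input. */
while (1) {
    bytes_read = fread(indata, 1, AES_BLOCK_SIZE, ifp);
    AES_cfb128_encrypt(indata, outdata, bytes_read, &key, iv, &num, AES_ENCRYPT);
    bytes_written = fwrite(outdata, 1, bytes_read, ofp);
    if (bytes_read < AES_BLOCK_SIZE) break;
}
/* Flush and close both files. */
fclose(ifp);
fclose(ofp);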
Upvotes: 1
Views: 1196
Reputation: 94118
Sure you can encrypt files: simply map the file to memory and encrypt blocks of data. Store the optional IV / authentication tag at the end of the file or you may not be able to encrypt in place.
As Thomas already mentioned, you may run into problems with SSDs, where it is very likely that you may not write over the original file. However, the SSD could delete the block depending on the implementation. Actually, hard disks could do the same, but usually they only do such a thing if a sector is marked bad.
That said, you'd still be protected against persons that cannot directly access the device itself. You could combine it with SSD encryption to offer additional protection (this also makes it easy to destroy the data on SSD: the SSD can basically just destroy the data encryption key).
Upvotes: 0
Reputation: 64750
"in this way it's possible to recover the original file.rar, then the encrypting process is really useless."
Your statement here implies a particular use case. Such encryption is not useless if you are sending the encrypted file. The encryption is useless if it is intended to protect against some later system compromise (ex: a lost laptop).
In the event your system is compromised, any encryption short of full disk encryption will not suffice and the original data will likely remain recoverable.
In each of the above cases there exists the original plaintext on your drive that can be forensically recovered. You will not escape this situation just by making a C program that overwrites the previous file.
Upvotes: 5