63 lines
2.8 KiB
Plaintext
63 lines
2.8 KiB
Plaintext
File Encryption
|
|
|
|
|
|
The ENCRYPT sample is a console application that encrypts files. Files
|
|
encrypted with this sample can be later decrypted with the DECRYPT sample.
|
|
|
|
Note that the INITUSER sample (or equivalent) must be run prior to running
|
|
these samples, to create a key container for the default user.
|
|
|
|
Usage
|
|
-----
|
|
|
|
The ENCRYPT sample is run from the command line as follows:
|
|
|
|
encrypt <source file> <dest file> [ <password> ]
|
|
|
|
The <source file> argument specifies the filename of the plaintext file
|
|
to be encrypted, and the <dest file> argument specifies the filename of
|
|
the ciphertext file to be created. The optional <password> argument specifies
|
|
a password with which to encrypt the file.
|
|
|
|
If no password is specified, then a random session key is used to encrypt
|
|
the file. This session key is then encrypted with the key exchange public
|
|
key of the default user and stored with the encrypted file. In this case,
|
|
the corresponding key exchange private key is later used (by DECRYPT) to
|
|
decrypt the session key, which is used in turn to decrypt the file itself.
|
|
|
|
The DECRYPT sample is run from the command line as follows:
|
|
|
|
decrypt <source file> <dest file> [ <password> ]
|
|
|
|
The <source file> argument specifies the filename of the ciphertext file
|
|
to be decrypted, and the <dest file> argument specifies the filename of
|
|
the plaintext file to be created. The optional <password> argument specifies
|
|
a password with which to decrypt the file.
|
|
|
|
If a bogus password is supplied to DECRYPT, no error is typically generated.
|
|
Of course, the file isn't decrypted properly either.
|
|
|
|
Exercises for the Reader
|
|
------------------------
|
|
|
|
1. By default, these samples use the RC4 stream cipher to perform the
|
|
encryption and decryption operations. If the USE_BLOCK_CIPHER constant is
|
|
defined at the top of each file, however, the RC2 block cipher is used
|
|
instead.
|
|
|
|
2. For the sake of simplicity, these samples do not use salt values or (in the
|
|
case of a block cipher) initialization vectors (IVs). This greatly
|
|
diminishes their effective security. It would be a small matter to modify
|
|
these programs such that salt values and IVs are used (see CryptSetKeyParam
|
|
in the documentation). These values should be generated using the
|
|
CryptGenRandom function, and need to be stored (in a non-encrypted form)
|
|
along with the ciphertext file.
|
|
|
|
3. Another command line argument could be added, which would specify a file
|
|
containing the public key to use when encrypting the session key. This file
|
|
would ideally be in the form of a certificate. If this is done, then it
|
|
becomes possible to encrypt a file such that only the owner of the
|
|
corresponding private key would be able to decrypt the file. This is useful
|
|
if you want to send the file to someone else. Note that this is only
|
|
applicable in the case when a password is not specified.
|