Depends on how you plan on using the file, for me I was encrypting a file
(3DES)and pushing it out a socket to be decrypted on a server, the only good
way I found to doing this was to put the file data into a byte array and then
pipe it chunk by chunk (sizeof(chunk) = BLOCK_SIZE) into the StringSink method
which I then Base64 encoded and shot out the pipe, there is also a FileSink
method but from what I saw it writes directly to the disk and not memory which
sounds kind of like what you want. You'll need to do a lot of reading on the
mailing list sight it took me (a newbie as well) a good two months to get
everything working the way I needed it to. here are some pointers that if I
knew would have made my life a lot easier hopefully will help you save time and
sanity.
1. When possible use the same library for encrypting and decrypting, I tried
using MScryptoAPI and php's mcrypt with crypto++
and it was a nightmare, when I changed cryptoPP (the PHP port for
decrypting on my server) life got A LOT easier.
2. For 3DES ( and I believe most Block ciphers ) data must be broken up into
chunks ( largest chunk 128 bytes ) which are multiples of the
BLOCK_SIZE which is a predetermined size depending on the cipher used
(3DES = 8 bytes),
(I used 3DES so that is the one I know the most about) then it each
chunk is passed to the
encryptor object with the "Put" method and then "MessageEnd" called
after the lastblock. Use this with StringSink or
FileSink. I found my padding got screwed up if I tried using "Put" and
"Get", which would be fine if your data is smaller than 128 bytes mine wasn't, which
might have been just me, but anyway
use the StringSink or FileSink methods they are MUCH easier regardless
of what size your data is.
3. make sure you are using the same padding type for encrypting and decrypting,
types are ZEROS_PADDING, ONE_ZEROS_PADDING,
PKCS5_PADDING, I have found ZEROS_PADDING to be the easiest to deal
with but your needs and mileage will vary,
important thing is make sure the encryption method and decryption
method use the same padding type.
4. encryption modes, here is a great link describing them
http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation.
with Block ciphers you will need to declare or generate an
initialization vector http://en.wikipedia.org/wiki/Initialization_vector
unless you are using ecb mode, which I
wouldn't suggest (see wikipedia link on cipher modes)
5. Useful Links:
Crypto++ mailing list: good advice and code snippet source
http://www.mail-archive.com/cryptopp-list%40eskimo.com/
Crypto++ FAQ site very useful but assumes some knowledge
http://www.eskimo.com/~weidai/cgi-bin/fom-serve/cache/1.html
Here is the Doxygen Reference, good reference for method parameters,
variable types needed, etc
http://cryptopp.sourceforge.net/docs/ref5/index.html
Although this may look complicated and a bit overwhelming believe me
crypto++ is actually a lot easier library to use then
a number of others I looked at it's a steep learning curve, but you can do it.
Good Luck
A.J. Mayorga
Network Security Engineer
US NAVY~FIWC~Red Team~R&D
-----Original Message-----
From: news [mailto:[EMAIL PROTECTED] Behalf Of John Windle
Sent: Tuesday, March 08, 2005 21:56
To: [email protected]
Subject: Is an encrypted filestream possible?
Hi
I'm new to crypto++, cryptography in general and my C++ is rusty so apologies if
this question has an obvious answer.
I want to create an encrypted file stream, ie one that my application pushes in
plaintext data and it is encrypted before being written to the file; ie I can
output to it as a standard stream. Later another application needs to setup a
decoding file stream, decodes the data into plain text as it is read, so the
file can then be read as if it were a standard stream.
Is this possible and is there an example that shows how to do it? The examples
in test.cpp either don't seem to do what I want, or they are to complex for my
limited brain.
Any advice greatly appreciated.
john
