PDA

View Full Version : About Password Protected Files:



vermarajeev
16th February 2007, 10:07
Hi,

well say,there is a exe file "a.exe" (on fedora ./a)(Qt 3.3.5 application) which does some operation with a text file "b.txt".Now if you double click on a.exe it will ask for password to open b.txt.Writing code for this type of operation is easy.

But if we directly open b.txt using any text editor it will show content.
one cant password protect this file by writing any c code, because every code needs to be executed,which is irrelevant here.

My target is to make a file password protected in such a way that while double clicking over it in windows/fedora,it will ask for password for opening.

And the code should be in c/c++.
Can anyone please help me with this?

rajesh
16th February 2007, 12:14
Better you write .bin file in place of text file.
or Encrypt text file

vermarajeev
16th February 2007, 12:22
Better you write .bin file in place of text file.
or Encrypt text file

Yes I can encrypt the file. Once I encrypt the file, the user shouldnt be able to see the encrypted data. Also my requirement is to use only text file.

Thanks

wysota
16th February 2007, 13:26
Why don't you want someone to not see the encrypted file? Why encrypt it then? You can just read-protect the file...

Anyway you won't be able to activate decryption on double click if you want to operate on text files, because all text files would then be opened by the application instead of the text editor. You'd have to find a way to differenciate between an encrypted file and a plain text file (for example by using some header) and either decrypt or call a text editor. Be warned that this may render your desktop installation useless if you do that incorrectly. And users will still be able to read the encrypted file by opening it in a text editor.

vermarajeev
16th February 2007, 13:41
Why don't you want someone to not see the encrypted file? Why encrypt it then? You can just read-protect the file...

Anyway you won't be able to activate decryption on double click if you want to operate on text files, because all text files would then be opened by the application instead of the text editor. You'd have to find a way to differenciate between an encrypted file and a plain text file (for example by using some header) and either decrypt or call a text editor. Be warned that this may render your desktop installation useless if you do that incorrectly. And users will still be able to read the encrypted file by opening it in a text editor.

Yes I dont want the user to even see the encrypted file as he might have some source to decrypt it, though I have used standard algorithm provided by crypto++.

Yes I'm also differentiating the encoded and decoded file. Encoded file by samp.ct.enc and Decoded file by samp.ct...which my program takes care.

I'm able to encrypt the samp.ct(in alphanumerical characters) to samp.ct.enc(in encoded usng AES256 algorithm).

But when I minimize the application and go to the particular folder where the samp.ct.enc is saved and then double click on it, I'm asked to open the file with some application, I choose KWrite or KEdit, it opens....The text is not understood.

Alternately, I want a pop up telling enter the password to view the file. If the password is correct the file opens in encrypted format.....

I have found a solution for windows but I want the same for linux. Here is the link for windows solution

http://msdn2.microsoft.com/en-us/library/aa365005.aspx

Thanks

wysota
16th February 2007, 15:10
Yes I dont want the user to even see the encrypted file as he might have some source to decrypt it, though I have used standard algorithm provided by crypto++.
If you don't trust an encryption algorithm, why use it? The whole point of encryption is that when someone intercepts the ciphertext, he will not be able to retrieve the source message from it. AFAIK most ciphers used in libcrypto haven't been broken.


Yes I'm also differentiating the encoded and decoded file. Encoded file by samp.ct.enc and Decoded file by samp.ct...which my program takes care.
So just register your application to handle ".enc" files on your system. You can do it via a simple Desktop file. Just remember one has to be able to read the file to be able to decrypt it. You can use suid root on your app and chown all encrypted files to root with access rights 600 to deny read access but what's the point of encrypting the file then?


But when I minimize the application and go to the particular folder where the samp.ct.enc is saved and then double click on it, I'm asked to open the file with some application, I choose KWrite or KEdit, it opens....The text is not understood.
That's obvious, these are text editors that don't know how to decrypt your file.

Alternately, I want a pop up telling enter the password to view the file. If the password is correct the file opens in encrypted format.....

I have found a solution for windows but I want the same for linux.[/QUOTE]

You have to register your application in the system.
http://docs.kde.org/userguide/customizing-kde.html#desktop-icons

vermarajeev
16th February 2007, 15:29
If you don't trust an encryption algorithm, why use it? The whole point of encryption is that when someone intercepts the ciphertext, he will not be able to retrieve the source message from it. AFAIK most ciphers used in libcrypto haven't been broken.


So just register your application to handle ".enc" files on your system. You can do it via a simple Desktop file. Just remember one has to be able to read the file to be able to decrypt it. You can use suid root on your app and chown all encrypted files to root with access rights 600 to deny read access but what's the point of encrypting the file then?


That's obvious, these are text editors that don't know how to decrypt your file.

Alternately, I want a pop up telling enter the password to view the file. If the password is correct the file opens in encrypted format.....

I have found a solution for windows but I want the same for linux.

You have to register your application in the system.
http://docs.kde.org/userguide/customizing-kde.html#desktop-icons[/QUOTE]

Sounds like once the file is encrypted, there is no need to worry about password to read it back. What I can do is dont allow the user to write anything to the encrytpted file. This will make my encrypted file safe...

M I correct?????

Hi wysota,
One more doubt since I'm not an expert on linux, I have been struggling to link crypto++ lib with Qt application. I have done that successfully on windows but failing to do on linux.

I have some *.h and *.c files which I will use to create a library file. This created library file will be linked with my Qt application.

On windows I have created a static library called *.lib using *.h and *.c files and then using the Project-->Settings I have linked this *.lib to my *.exe(Qt application). The *.exe is dependent on *.lib

But on linux as I read through google, it requires *.so or *.a file(basically which are shared and static libraries). How do I create a library file on linux platform???? R is there a way by which I can make my running *.exe with *lib to run on linux.

Please explain about this in steps...

wysota
16th February 2007, 15:46
Sounds like once the file is encrypted, there is no need to worry about password to read it back. What I can do is dont allow the user to write anything to the encrytpted file. This will make my encrypted file safe...

M I correct?????
No. If you modify the contests of the file, it should not get decrypted. Furthermore you can protect the file by adding a signature - an encrypted hash (like md5) of the file. If the file contents changes, the hash will be different.


But on linux as I read through google, it requires *.so or *.a file(basically which are shared and static libraries). How do I create a library file on linux platform???? R is there a way by which I can make my running *.exe with *lib to run on linux.

qmake can help you with that. Use the "lib" template (instead of app).