What my Project FileSec did can be done straight from terminal which is quite nice to hear but CLI isn't for everyone, honestly respect their preference however. I am currently using Ubuntu 17.04 as my main work-space therefore OpenSSL is available through official repository.
Install it using
sudo apt install openssl.
The commands are pretty straightforward for
OpenSSL which can also be reviewed using
man openssl in your terminal. Basically, in order to simply encrypt or decrypt a file, we can make use of
-d parameters. Couple examples to easily understand what I am trying to say is shown below.
First, let us create a file which holds secret text/string/data and what not.
Verify whether the
secret.txt file was created and the string was successfully appended to our secret file. Once verified, run
openssl aes-256-cbc -e -in secret.txt -out secret.txt.enc in your terminal where you created your
Once the encryption command using AES 256 CBC is executed and completed, you should see an output file with the same name as
.enc in the end. The reason I do this is to keep track of file extensions during the encryption, once again, personal preference!
-out <output_file_name>, hence you can set the output filename to whatever you want. For small files like
secret.txt, we don’t necessarily need to use
aes-128-cbc works faster
openssl aes-128-cbc -e -in secret.txt -out secret.txt.enc.
You can test their performance and completion timing yourself using
time command in front of your main encryption/decryption commands.
Comparison AES-256-CBC vs. AES-128-CBC
0.001 second and -
9 seconds difference on
AES-256-CBC compared to
AES-128-CBC. I would still go with
256 Bits just because of the
3n layer encryption.
So yeah, yet another tiny Python script to make my life easier. I definitely have couple ideas running in my mind for this particular script, let us see what happens in the future. What this script does is simplifies this complex
openssl command into short and sweet command. If we take above codes as an example,
openssl aes-256-cbc -e -in secret.txt -out secret.txt.enc -pass pass:prashantme becomes
FileSec.py -e/-d secret.txt/secret.txt.enc prashantme. Simple, isn’t it?
You can create a Symlink for this file which allows the user to run
FileSec.py from anywhere. First of all, allow the
.py file execution permission using
sudo chmod +x FileSec.py. Creating Symlink is very easy, head over to
/usr/local/bin and type this command in your terminal.
Now you can call and encrypt your files from wherever you want.
I tried my best to write this script to make my life/work easier, without all key file, cipher, IV keys and such. Instead, I had a mindset of how big of a file will I be encrypting, the consistency of encryption and how often will I be encrypting/decrypting my files. Using
FileSec.py is as simple as I could write.
It uses 256 bits and
cbc encryption by default which you can change if you prefer 128. I knowingly decided not to remove the original copy of the file, things could go south in an instant but this way, the user can check and verify and remove the original copy if necessary.