From ecc098ea69173b23b156f61cdcecd290ce92842a Mon Sep 17 00:00:00 2001
From: trivernis
Date: Sat, 15 Feb 2020 15:50:29 +0100
Subject: [PATCH] Update README

---
 README.md | 28 +++++++++++++++++++++++++++-
 cryptpng.go | 2 ++
 2 files changed, 29 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 25207d1..2b3d0b9 100644
--- a/README.md
+++ b/README.md
@@ -10,4 +10,30 @@ cryptpng --image --in --out
 
 # decrypt
 cryptpng --decrypt --image --out
-```
\ No newline at end of file
+```
+
+## Technical Information
+
+It should be possible to store data with a size up to ~ 4GB, but in reality most image viewers have
+problems with chunks that are bigger than several Megabytes.
+The data itself is stored in a [png chunk](http://www.libpng.org/pub/png/spec/1.2/PNG-Structure.html)
+and encrypted via aes. The encryption chunk is stored right before the `IDAT` chunk that contains the
+image data. The steps for encrypting are:
+
+### Encrypt
+
+1. Parse the png file and split it into chunks.
+2. Prompt for a password and use the sha512 32byte value.
+3. Create a base64 string out of the data.
+4. Encrypt the base64 string using aes and the provided hashed key.
+5. Store the data into the `crPt` chunk.
+6. Write the png header and chunks to the output file.
+
+### Decrypt
+
+1. Parse the png file and split it into chunks.
+2. Get the `crPt` chunk.
+3. Prompt for the password and create the sha512 32byte hash.
+4. Decrypt the data using aes and the provided hash key.
+5. Decode the base64 data.
+6. Write the data to the specified output file.
\ No newline at end of file
diff --git a/cryptpng.go b/cryptpng.go
index 20efd3f..c03c8ef 100644
--- a/cryptpng.go
+++ b/cryptpng.go
@@ -60,6 +60,7 @@ func main() {
 }
 }
 
+// encrypts the data of fin inside the png (f) and writes it to fout
 func EncryptDataPng(f *os.File, fin *os.File, fout *os.File) {
 png := PngData{}
 err := png.Read(f)
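Review bot: The comment added above `EncryptDataPng` does not open with the identifier it documents, which is the Go doc-comment convention for an exported function and what common linters check for; the comment added above `decryptData` in the next hunk has the same shape. Suggested wording: `// EncryptDataPng encrypts the contents of fin, embeds the ciphertext in the PNG read from f, and writes the resulting PNG to fout.` The function body continues past the end of the hunk, so how the error from `png.Read(f)` is handled is not visible here; the comment should say what happens to fout on failure once that is confirmed.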
@@ -99,6 +100,7 @@ func encryptData(data []byte) ([]byte, error) {
 return encrypt(key, data)
 }
 
+// decrypts the data of a png chunk
 func decryptData(data []byte) ([]byte, error) {
 key := readPassword()
 return decrypt(key, data)
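Review bot: The comment on `decryptData` leaves out the two things a caller most needs to know: the function blocks on an interactive prompt through `readPassword()`, and the key it passes to `decrypt` comes straight from that password. Suggested wording: `// decryptData prompts for the password via readPassword and decrypts the payload of a crPt chunk with the resulting key.` The README added in this commit describes the key as a 32-byte SHA-512 value of the password; if that is a single unsalted hash (readPassword is not visible in this hunk), guessing passwords against a copied chunk is cheap, and a salted password KDF such as scrypt, Argon2 or PBKDF2 with the salt stored alongside the ciphertext would be the usual hardening. Whether `decrypt` authenticates the ciphertext before returning plaintext is also not visible here and is worth stating in the comment.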