You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1.5 KiB
1.5 KiB
Cryptpng
A proof of concept implementation of storing encrypted data inside of png metadata chunks.
Usage
# encrypt
cryptpng --image <name of the image> --in <input file> --out <output file>
# decrypt
cryptpng --decrypt --image <crypt image> --out <decrypted output file>
Technical Information
It should be possible to store data with a size up to ~ 4GB, but in reality most image viewers have
problems with chunks that are bigger than several Megabytes.
The data itself is stored in a png chunk
and encrypted via aes. The encryption chunk is stored right before the IDAT
chunk that contains the
image data. The steps for encrypting are:
Encrypt
- Parse the png file and split it into chunks.
- Prompt for a password and use the sha512 32byte value with a generated salt.
- Store the salt in the
saLt
chunk. - Create a base64 string out of the data.
- Encrypt the base64 string using aes and the provided hashed key.
- Split the data into parts of 1 MiB of size.
- Store every data part into a separate
crPt
chunk. - Write the png header and chunks to the output file.
Decrypt
- Parse the png file and split it into chunks.
- Get the
saLt
chunk. - Get the
crPt
chunks and and concat the data. - Prompt for the password and create the sha512 32byte hash with the salt.
- Decrypt the data using aes and the provided hash key.
- Decode the base64 data.
- Write the data to the specified output file.