Libcrypt examples?

Ronald F. Guilmette rfg at
Mon Oct 13 21:14:23 CEST 2014


I have a program that will frequently need to store modest-size
chunks of of data on disk, perhaps 1-4kB per chunk.  The data is
sensitive, but not ultra top secret.  I would like to make a
reasonable effort to keep it from prying eyes.  After being stored,
the data will later on need to be read back in, perhaps by the
same program or perhaps by a different one, and will then need to
be decrypted.

I don't need anything facy here.  A symmetric-key encryption/
decryption would be just fine, I think.  Mostly I just need
something that will be simple for me to implement in my program,
even though I am by no means knowledgable about cryptography
generally.  (Most of what little I do know has been garnered from
with Wikipedia.)

So anyway, last night I spent a lot of time googling to try to
find some simple code examples which would illustrate Libcrypt
being used for simple tasks, such as the one I've just described,
but I didn't find any.  I also looked over the Libcrypt manual,
which promised near the start that there were some programming
example near the end, but I could not find those either. :-(
(In fact, a search of the whole document for the word "example"
turned up only one hit, i.e. on the part in the very beginning of
the manual where later examples were promised.)

So, can anybody point me at some _really_ simple examples of
how to use Libcrypt to so simple things, e.g. encrypt a block
of data and then decrypt it?


P.S.  On my FreeBSD system, un-updated as it may be, there seems
to be a crypt(3) in the standard C library.  I suppose that I might
just be able to use that, but here again, I'm not finding any simple
coding examples for that either.  And more importantly, the man page
for it gives this omnious warning:

     All routines are designed to be time-consuming.  A brief test on a
     Pentium 166/MMX shows the DES crypt to do approximately 2640 crypts a
     CPU second and MD5 to do about 62 crypts a CPU second.

Fortunately, I *do* have something that's a bit faster than A Pentium 166
:-) but I'm still rather baffled by the meaning of the phrase "designed
to be time-consuming" in this context.  I understand that encryption
generally is intended to be very time-consuming FOR AN ATTACKER WHO
DOESN'T KNOW THE KEY, but the quote above does not clarify that this
is the only party for whom use of the FreeBSD libc crypt(3) function
will be "time-consuming".  (If it ends up being time consuming *for me*,
then this could be real a problem.)

More information about the Gnupg-users mailing list