Portable OpenSSL

From Makers Local 256
Jump to: navigation, search

Creator:
Jim Shoe
Status:
Research Complete
Born On:
01:19, 17 February 2008 (CDT)
Last Updated:
10:22, 23 January 2012 (CDT)

Overview

This is a guide to using OpenSSL in a portable fashion on Windows.

Talk

I did a talk in June '08 about a portable life.

Details

The other day I picked up a new 2gb USB Drive. I like to keep storage with me, as well as programs like Portable Putty, Firefox, Filezilla, VLC, 7Zip and KeePass. All of which can be downloaded free at PortableApps.com Keeping all these programs only takes up around 150MB, which isn’t bad when you have 1.9GB to play with. Now lets talk about encryption. Using a Mac or Linux a lot like I do, you find OpenSSL is awesome. You can easily encrypt and decrypt files quickly. I recently got to looking around and found an .exe of OpenSSL. So I started playing. When I was done I had OpenSSL working off a USB Drive, and a batch file that either encrypts or decrypts based on the file extension. Oh and the batch file is run by dropping a file onto it. Here is what I did.

  1. Download the latest OpenSSL Light from OpenSSL.org.
  2. Install OpenSSL
     a. Ignore the error about MS Visual C++
     b. Select Copy OpenSSL DLL to /bin directory
  3. Copy C:\OpenSSL\bin to your USB Drive.
  4. Rename the bin directory to openssl..
  5. Double click on openssl.exe in your openssl directory. If it works you should get a command prompt showing OpenSSL>
  6. Download this file to the root of your USB Drive. encrypt-and-decrypt.bat
  7. Now you have drag and drop encryption and decryption using aes-256.

The batch file will encrypt any file but will not encrypt a directory. If you want to encrypt a directory you can use 7zip to zip up the directory, then encrypt the .zip Also the batch file will only decrypt files ending in .enc Test it out and you will see what I mean. If you have any questions just leave a comment.

Thanks Nathan

ps. If you want separated encrypt and decrypt files you can download these. encrypt.bat decrypt.bat

encrypt-and-decrypt.bat

@echo off

SET EX=%~x1

rem Changes program to the dir .bat is in
cd /d %~dp0

if %EX%==.enc (GOTO :DECRYPT)
  IF EXIST %1.enc (
    echo Please rename/remove file.
    echo %~f1.enc 
    pause)
  IF EXIST %1.enc (GOTO :END)
  "%CD%\openssl\openssl.exe"  enc -aes-256-cbc -salt < %1 > %1.enc
  GOTO :END

:DECRYPT
  IF EXIST "%~dp1%~n1" (
    echo Please rename/remove file.
    echo %~dp1%~n1
    pause)
  IF EXIST "%~dp1%~n1" (GOTO :END)
  "%CD%\openssl\openssl.exe"  enc -d -aes-256-cbc -salt < %1 > "%~dp1%~n1"
  GOTO :END

:END

encrypt.bat

@echo off

rem Changes program to the dir .bat is in
cd /d %~dp0

rem First part is the path to openssl.exe, then the encryptions stuff.
rem rem Then %1 is the item you dropped on the .bat file.
rem Then the second %1 adds a .enc to the end of the file name, and saves it.
"%CD%\openssl\openssl.exe"  enc -aes-256-cbc -salt < %1 > %1.enc

decrypt.bat

@echo off

rem Changes program to the dir .bat is in
cd /d %~dp0

rem First part is the path to openssl.exe, then the encryptions stuff.
rem Then %1 is the item you dropped on the .bat file.
rem Then %~dp1%~n1 removes the .enc and places the file into original dir.
"%CD%\openssl\openssl.exe"  enc -d -aes-256-cbc -salt < %1 > "%~dp1%~n1"