For my C++ application, I have looked at Crypto++. Seems simple enough to encrypt some content and save it in a file. It also seems simple enough to decrypt the whole file. However, our requirement is that we cannot decrypt the whole file at once. I need to decrypt portions of the file on the fly as requested by the caller. Essentially, I need to implement the following pseudo methods:
int openFile(const char* aesFile); // returns a handle
long read(int handle, long pos, int size, byte* buffer);
How can I achieve this? Is there something in Crypto++ or some other library that is readily available to do this? Regards.
How can I achieve this? Is there something in Crypto++ ...
I think you need two things. First, you need a seekable cipher mode of operation. Counter mode (CTR) will probably work for that. You can check if a cipher is seekable using IsRandomAccess(). Its inherited from StreamTransfoormation Class.
In counter mode (and other seekable modes), be careful to ensure you still have authenticity assurances. This can be tricky. Also see Authenticated Encryption on the Crypto++ wiki.
Second, probably you need to avoid the streaming interface, and you need to use Put and Get. Put and Get are just C-like class functions present on every Crypto++ BufferedTransformation class.
Most examples of Put and Get are rather trivial. However, a more substantial one recently made an appearance on the Crypto++ wiki at Init-Update-Final. Though its more substantial, its not more complex because its a simple concept.
... or some other library that is readily available to do this?
Well, that's a choice you have to make. If C++ and security libraries are your only library requirements, then you can also check out Jack Lloyd's Botan.