Well, it completely depends on the context.
You want to encrypt and decrypt using a password. If you have a system that users can log in to, you can do this simply by first authenticating the user, and then using their stored key to encrypt and decrypt files. If you don't have a login system, you have to derive a key from their password on every encrypt and decrypt operation.
I'm going to assume the second case. Here are the steps you have to take for one encryption operation:
1. Generate a salt and an initialization vector (IV) using a cryptographically secure pseudo-random number generator.
2. Derive a key from a pass phrase, salt and iteration count using a key derivation function, such as PBKDF2.
3. Encrypt the file with the key and the IV using an AEAD algorithm such as AES-GCM.
4. Add the salt, iteration count and IV to the message in clear.
Here are the steps for one decryption operation:
1. Remove the salt, iteration count and the IV from the message.
2. Derive a key from a pass phrase, stored salt and iteration count using the same key derivation function you used when you encrypted the file.
3. Decrypt the file with the key and the stored IV using the AEAD algorithm you used when you encrypted the file.
For both of these operations, keys, salts, and IVs should be stored as byte arrays. Pass phrases should be stored as char arrays. Keys and pass phrases should be zeroed out once you're done with them.