File Encryption
This guide explains how to encrypt and decrypt files with the SDK.
SECF Format
The SDK uses the .secf (Secure Exchanges Crypted File) format for encrypted files.
Encrypt a File
Quick Example
using SecureExchangesSDK.Helpers;
// Key and IV come from CryptoHelper.GenerateSecureRandomByteArray; the arguments
// (32 and 16) are presumably lengths in bytes.
// NOTE(review): generate a fresh IV for every file instead of reusing one IV
// with the same key.
byte[] key = CryptoHelper.GenerateSecureRandomByteArray(32);
byte[] iv = CryptoHelper.GenerateSecureRandomByteArray(16);
// Encrypts and creates file.pdf.secf
// Keep key and iv: the decrypt call takes the same pair. Store the key in a
// secret store, not next to the .secf file.
// NOTE(review): this page does not say whether the plaintext source file is
// left in place after encryption - confirm, and remove it deliberately if it
// must not remain on disk.
// Check the returned bool before treating the .secf file as a valid archive.
bool success = CryptoHelper.EncryptSecfFile(@"C:\file.pdf", key, iv);
With Output Directory
// Encrypt to a specific directory
// key and iv are byte arrays generated as in the quick example.
// NOTE(review): when one key protects several files, still generate a new IV
// for each file.
bool success = CryptoHelper.EncryptSecfFile(
    @"C:\source\file.pdf",
    @"C:\output", // Output directory
    key,
    iv
);
// Creates: C:\output\file.pdf.secf
Decrypt a File
// Decrypt file.pdf.secf -> file.pdf
// key and iv must be the pair that was passed to EncryptSecfFile for this file.
// NOTE(review): this page does not state whether the SECF format detects
// tampering. Until that is confirmed, treat a true result as "decryption ran",
// not as proof of integrity, and compare the output against a hash recorded
// at encryption time (CryptoHelper.GetSHA512OfFile).
bool success = CryptoHelper.DecryptSecfFile(@"C:\file.pdf.secf", key, iv);
// With output directory
// (alternative to the call above; the second argument is the directory that
// receives the decrypted file)
bool success = CryptoHelper.DecryptSecfFile(
    @"C:\file.pdf.secf",
    @"C:\output",
    key,
    iv
);
Complete Example: Secure Archiving
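/// <summary>
/// Example service that encrypts a file into an archive directory with a
/// freshly generated key and IV, and restores it later from the Base64 values
/// returned at archive time.
/// </summary>
/// <remarks>
/// The key is returned to the caller as a Base64 string. Protecting it (secret
/// store, access control, keeping it apart from the .secf file) is the
/// caller's responsibility; anyone holding the key and the archive can decrypt.
/// </remarks>
public class SecureArchiveService
{
    /// <summary>
    /// Archives a file securely
    /// </summary>
    /// <param name="filePath">Path of the file to encrypt.</param>
    /// <param name="archivePath">Directory that receives the .secf file.</param>
    /// <returns>
    /// A result with <c>Success = true</c>, the expected archive path, the Base64
    /// key and IV and the SHA-512 of the source file; or a result with only
    /// <c>Success = false</c> when EncryptSecfFile returns false.
    /// </returns>
    public ArchiveResult ArchiveFile(string filePath, string archivePath)
    {
        // A new key and IV per archived file, so no key/IV pair is ever reused.
        byte[] key = CryptoHelper.GenerateSecureRandomByteArray(32);
        byte[] iv = CryptoHelper.GenerateSecureRandomByteArray(16);

        try
        {
            // Hash of the plaintext, taken before encryption, so a restore can
            // later be checked against it.
            string originalHash = CryptoHelper.GetSHA512OfFile(filePath);

            bool encrypted = CryptoHelper.EncryptSecfFile(filePath, archivePath, key, iv);
            if (!encrypted)
            {
                return new ArchiveResult { Success = false };
            }

            return new ArchiveResult
            {
                Success = true,
                EncryptedPath = Path.Combine(archivePath, Path.GetFileName(filePath) + ".secf"),
                Key = Convert.ToBase64String(key),
                IV = Convert.ToBase64String(iv),
                OriginalHash = originalHash
            };
        }
        finally
        {
            // Wipe the raw key once the Base64 copy exists. The string in the
            // result still holds the key, so this only shortens the lifetime of
            // one copy; it does not replace secure storage by the caller.
            if (key != null)
            {
                Array.Clear(key, 0, key.Length);
            }
        }
    }

    /// <summary>
    /// Restores an archived file
    /// </summary>
    /// <param name="encryptedPath">Path of the .secf file.</param>
    /// <param name="outputPath">Directory that receives the decrypted file.</param>
    /// <param name="base64Key">Base64 key returned by <see cref="ArchiveFile"/>.</param>
    /// <param name="base64IV">Base64 IV returned by <see cref="ArchiveFile"/>.</param>
    /// <returns>The value returned by DecryptSecfFile.</returns>
    /// <exception cref="FormatException">A Base64 argument is malformed.</exception>
    /// <remarks>
    /// This overload does not compare the result with the hash recorded at
    /// archive time; use the overload that takes the expected hash when the
    /// restored content must be verified.
    /// </remarks>
    public bool RestoreFile(string encryptedPath, string outputPath, string base64Key, string base64IV)
    {
        byte[] key = Convert.FromBase64String(base64Key);
        byte[] iv = Convert.FromBase64String(base64IV);

        try
        {
            return CryptoHelper.DecryptSecfFile(encryptedPath, outputPath, key, iv);
        }
        finally
        {
            // Do not keep the decoded key in memory longer than the call needs it.
            Array.Clear(key, 0, key.Length);
        }
    }

    /// <summary>
    /// Restores an archived file and checks it against the SHA-512 recorded by
    /// <see cref="ArchiveFile"/>.
    /// </summary>
    /// <param name="encryptedPath">Path of the .secf file.</param>
    /// <param name="outputPath">Directory that receives the decrypted file.</param>
    /// <param name="base64Key">Base64 key returned by <see cref="ArchiveFile"/>.</param>
    /// <param name="base64IV">Base64 IV returned by <see cref="ArchiveFile"/>.</param>
    /// <param name="expectedOriginalHash">
    /// The <c>OriginalHash</c> value stored at archive time. The check is only as
    /// trustworthy as the place that value was kept.
    /// </param>
    /// <returns>
    /// True only when decryption succeeded and the restored file hashes to
    /// <paramref name="expectedOriginalHash"/>. On false the output directory may
    /// still contain a decrypted file; the caller should not use it and should
    /// remove it.
    /// </returns>
    /// <exception cref="ArgumentException">No expected hash was supplied.</exception>
    public bool RestoreFile(string encryptedPath, string outputPath, string base64Key, string base64IV, string expectedOriginalHash)
    {
        // Fail closed: a missing hash must not silently skip verification.
        if (string.IsNullOrEmpty(expectedOriginalHash))
        {
            throw new ArgumentException("An expected hash is required for a verified restore.", nameof(expectedOriginalHash));
        }

        if (!RestoreFile(encryptedPath, outputPath, base64Key, base64IV))
        {
            return false;
        }

        // NOTE(review): assumes DecryptSecfFile writes the archive's file name
        // without the trailing ".secf" into outputPath (file.pdf.secf -> file.pdf)
        // - confirm against the SDK.
        string restoredPath = Path.Combine(outputPath, Path.GetFileNameWithoutExtension(encryptedPath));
        if (!File.Exists(restoredPath))
        {
            return false;
        }

        // Both hashes come from the same helper, so an exact comparison is enough.
        string restoredHash = CryptoHelper.GetSHA512OfFile(restoredPath);
        return string.Equals(restoredHash, expectedOriginalHash, StringComparison.Ordinal);
    }
}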
/// <summary>
/// Outcome of SecureArchiveService.ArchiveFile. When encryption fails only
/// <see cref="Success"/> is set and the string properties are left unset.
/// </summary>
/// <remarks>
/// This object carries the decryption key. Do not log or serialize it as a
/// whole, and do not store <see cref="Key"/> next to the encrypted file.
/// </remarks>
public class ArchiveResult
{
    /// <summary>True when EncryptSecfFile reported success.</summary>
    public bool Success { get; set; }
    /// <summary>Archive directory combined with the source file name plus ".secf".</summary>
    public string EncryptedPath { get; set; }
    /// <summary>Base64 of the generated encryption key. Secret.</summary>
    public string Key { get; set; }
    /// <summary>Base64 of the generated IV; needed together with the key to decrypt.</summary>
    public string IV { get; set; }
    /// <summary>Value of CryptoHelper.GetSHA512OfFile for the source file, taken before encryption.</summary>
    public string OriginalHash { get; set; }
}