1

I am reluctant to use open source alternatives for encrypted file containers.

Any suggestions for commercial ones?

System.IO.Packaging.EncryptedPackageEnvelop seems like too much effort to implement and the examples out there don't seem to support too much of the ZIP functionality.

Raheel Khan
  • 14,205
  • 13
  • 80
  • 168
  • Isn't your motivation inverted? I'd approach this from exactly the opposite angle... encryption should preferrably be open source and subject to review. The temptation of proprietary vendors is to downplay breaches and vulns because it's not in their commercial interest to do so. Look at RSA's lack of transparency over their breach. What is "highly" encrypted vs vanilla encrypted? – spender Apr 26 '12 at 12:17
  • Compelling argument for open source but my requirement is for a solution that combines a file container with encryption. I do plan on further encrypting that with a public-key implementation. Furthermore, I am looking for a commercial solution since my own product will be licensed as closed-source and commercial. – Raheel Khan Apr 26 '12 at 13:23
  • Vanilla encryption... Lol... I removed the 'highly' bit from the question. – Raheel Khan Apr 26 '12 at 13:26
  • I'd just go with a ZIP (sure, change the extension and the magic number if you feel like it) containing files each individually encrypted with, say, AES. – AKX Apr 26 '12 at 13:32
  • Licenses such as MIT,BSD,MS-PL, Apache can easily be used in commercial closed source products, you don't even have to release any changes to the open source code. – jbtule Apr 26 '12 at 13:33
  • @jbtule: In that case, you should post your comment as an answer. Also, where could I find more about these licenses? Reading the license file itself would be complete greek to me. – Raheel Khan Apr 26 '12 at 13:56
  • @AKX: ZIP would be fine as long as I have a managed wrapper. I'd like to see what jbtule suggests in his answer. – Raheel Khan Apr 26 '12 at 13:57
  • In response to a [similar question](http://stackoverflow.com/questions/8447367), someone [suggested SecureBlackBox](http://stackoverflow.com/a/8447744) – Brian Apr 26 '12 at 13:58
  • @Brian: Thanks. Judging from the features and licensing costs, this may well be the solution. You should post your comment as an answer and I will revert back after evaluating it. – Raheel Khan Apr 26 '12 at 14:03

1 Answers1

1

DotNetZip

creates AES-encrypted zip archives for privacy of archived content

Has examples too.

MS-PL licensed & while open source can be used with closed source products without releasing the source.

jbtule
  • 31,383
  • 12
  • 95
  • 128
  • I know the title is commercial alternatives to DotNetZipLib, but since in the comments asker's main issue is that the consuming product will be closed source commercial and that is not an issue with DotNetZip's License. http://stackoverflow.com/questions/633132/is-ms-pl-microsoft-public-license-code-allowed-in-commercial-product – jbtule Apr 26 '12 at 14:49
  • That's exactly right. I was seriously considering SecureBlackBox but your fact will probably change that in favor of DotNetZip. I'll mark whatever we end up choosing as the right answer. Thanks. – Raheel Khan Apr 26 '12 at 20:05