A secure file storage server with client-server architecture that provides encrypted file transfer and storage. Written in C using OpenSSL for encryption and SQLite for user management.
- Features
- Libraries and Dependencies
- Installation
- Server Documentation
- Client Documentation
- Usage
- Security
- File Structure
- Secure Authentication: Uses Argon2 for password hashing
- Encrypted File Transfer: All files are encrypted with AES-256-CBC before transfer
- Multi-user Support: Each user has isolated file storage
- Threaded Server: Handles multiple clients simultaneously
- Command-line Interface: Easy-to-use menu system
- Secure Storage: Files are stored encrypted on the server
- OpenSSL (for encryption and TLS)
- SQLite3 (for user database)
- Argon2 (for password hashing)
- pthread (for threading)
sudo apt-get update
sudo apt-get install libssl-dev libsqlite3-dev libargon2-devbrew install openssl sqlite argon2- Install vcpkg: https://vcpkg.io/en/getting-started.html
- Then install dependencies:
vcpkg install openssl:x64-windows sqlite3:x64-windows argon2:x64-windows- Generate SSL certificates:
openssl req -x509 -newkey rsa:4096 -keyout server.key -out server.crt -days 365 -nodes
The following is the protocol the client-server implements for communication
auth username:password- Authenticate a userregi username:password- Register a new userlist- List all user filesdele filename- Delete a fileupld filesize filename- Upload a filedwld filename- Download a file
./serverThe server will prompt for a port number (default: 8080)
When starting the client, you'll need to provide:
- Server host (default: 127.0.0.1)
- Server port (default: 8080)
- Create Account: Register a new user
- Login: Authenticate with existing credentials
- Delete File: Remove a file from server
- List Files: View all your files on server
- Upload File: Send a file to the server (automatically encrypted)
- Download File: Retrieve a file from server (automatically decrypted)
- Exit: Close the connection
- Files are encrypted with AES-256-CBC before upload
- The encryption key is derived from your password
- Files remain encrypted on the server, and are only decrypted client side
- Compile:
gcc -o server main.c user.c socket.c -lsqlite3 -lssl -lcrypto -largon2 -lpthread
- Run:
./server
- Compile:
gcc -o client client.c -lssl -lcrypto
- Run:
./client
- TLS 1.3 for all communications
- Argon2id for password hashing
- AES-256-CBC for file encryption
- Secure memory handling
- Protection against buffer overflows
- Per-user file isolation
- Use strong passwords
- Keep your SSL certificates secure
- Run server on trusted networks only
- Regularly backup the database directory
file-server/
│
├── server/
│ ├── main.c - Main server logic
│ ├── user.c - User authentication and management
│ ├── user.h - User function declarations
│ ├── socket.c - SSL/TLS and network operations
│ └── socket.h - Socket function declarations
│
├── client/
│ └── client.c - Client implementation
│ └── socket.c - SSL/TLS and network operations
├── database/ - Automatically created
│ ├── users.db - SQLite user database
│ └── [user_id]/ - Per-user encrypted files
│
├── server.crt - your SSL certificate
├── server.key - your SSL private key
└── README.md - This file
- The server creates a directory structure automatically
- First run will create the SQLite database
- Each user gets their own directory under database/
- Files are stored with their original names but encrypted contents
- The server must be restarted to change ports