Hi, sorry for not replying sooner. I missed your request somehow.
A brief technical description of the file format is given on the man page: http://ccrypt.sourceforge.net/ccrypt.html in the section "Description of the cipher". In particular, there is a description of how the "seed" (first 32 bytes of the file) is constructed.
The ccrypt file format intentionally contains no header such as 41 45 53; in fact, an encrypted file is indistinguishable from random data. You can only verify whether it is in the ccrypt format if you know the secret key. In that case, the method is: decrypt the first 32 bytes with one round of the Rijndael block cipher (using the ccrypt key hashing method). If the file is in ccrypt format, then the first 4 bytes of the decrypted data are "c051".
I hope this helps, -- Peter
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi, sorry for not replying sooner. I missed your request somehow.
A brief technical description of the file format is given on the man page: http://ccrypt.sourceforge.net/ccrypt.html in the section "Description of the cipher". In particular, there is a description of how the "seed" (first 32 bytes of the file) is constructed.
The ccrypt file format intentionally contains no header such as 41 45 53; in fact, an encrypted file is indistinguishable from random data. You can only verify whether it is in the ccrypt format if you know the secret key. In that case, the method is: decrypt the first 32 bytes with one round of the Rijndael block cipher (using the ccrypt key hashing method). If the file is in ccrypt format, then the first 4 bytes of the decrypted data are "c051".
I hope this helps, -- Peter