PDA

View Full Version : Questions @Encrypt Plugin



rhosk
02-13-2004, 08:20 AM
Before I purchase this plug-in, just have a few questions. Realize that I will have to learn as I go with this thing, but I hope I can manage.

I do understand that it will encrypt AMS5 files. I get that. Now, my questions.

1. Does it decrypt them as it's dropping the files to the temp directory (will the end user then be able to still open/look at all the files in the structure?)?

2. Can you encrypt external files without the need of the AMS runtime environment? IOW, could I say, encrypt an executable file that can be run independant of an AMS5 app?

3. Or conversely, would I need AMS in the background to decrypt (maybe a hidden window of sorts)?

4. Summary - is the plugin only useful if an AMS5 application is running is what I'm really asking? Or, can it apply this encryption to an external source? Thanks!

Lorne
02-13-2004, 09:22 AM
Originally posted by rhosk
I do understand that it will encrypt AMS5 files. I get that. Now, my questions.
Actually it will encrypt any files you want. Not specifically AMS5 files (as in, data files). Think of it in terms of an action like, say, File.Open or something. You get two actions to do blowfish encryption, for example:

Crypto.BlowfishEncrypt (string Source, string Destination, string Key);
Crypto.BlowfishDecrypt (string Source, string Destination, string Key);

For both actions you specify the source file, destination file, and a key.


1. Does it decrypt them as it's dropping the files to the temp directory (will the end user then be able to still open/look at all the files in the structure?)?It decrypts them wherever you want, whenever you want. :)

It pretty much goes without saying that when you decrypt a file on the user's system, they will be able to read that file if they're savvy enough. The best you can do is delete it as soon as you're done with it. (You can place it somewhere out of the way, too, but there are free tools out there to monitor file I/O so again a savvy user could get around this.)

Generally you will only be decrypting files once you've determined the user has the right to view them.


2. Can you encrypt external files without the need of the AMS runtime environment? IOW, could I say, encrypt an executable file that can be run independant of an AMS5 app?I'm not quite sure what you're asking. Can you make your AutoPlay app encrypt or decrypt an external file? Sure. Can you encrypt or decrypt a file using the plugin on its own, without AutoPlay? Uh, no...the plugin plugs into AutoPlay, it doesn't work on its own.


3. Or conversely, would I need AMS in the background to decrypt (maybe a hidden window of sorts)?You can easily build a standalone encryption or decryption tool using AutoPlay, even a command-line one if you wanted. The plugin uses a standard blowfish encryption algorithm, btw, so you should also be able to use any 3rd party tool to encrypt/decrypt the files (so long as you provide the same encryption key).


4. Summary - is the plugin only useful if an AMS5 application is running is what I'm really asking? Or, can it apply this encryption to an external source? Thanks!The plugin adds additional actions to AMS5. It isn't a standalone program, although you can use it to build one in AMS5 if you want.

rhosk
02-13-2004, 09:26 AM
Thanks Lorne, you've totally sold me. I'm sure I'll be back with more questions as I use it.

rhosk
02-13-2004, 10:24 AM
OK, here's the first dumb question, sorry.

Is Base-64 encode for text files only?

I ask because I tried to encode an executable and the encode seemed to work (added a couple megs to it?), but the decode failed.

rhosk
02-13-2004, 11:35 AM
Update - Blowfish encoded & decoded an executable :)

Base64 doesn't seem to be able to do it. Sorry for being so lame, but I'm sure there's a simple explanantion for a beginner like me. What's the "basic" difference?

Lorne
02-13-2004, 12:04 PM
Blowfish encrypts data so it can't be accessed until it is decrypted.

Base64 encodes data so it can be transmitted as text.

Base64 is usually how file attachments are sent via email, btw.

It's just a standard method of representing arbitrary binary data (like an executable or whatever) using the 64 most compatible ASCII characters in the world, i.e. the 64 ASCII characters that are virtually universal to all character sets.

Base64 isn't meant to be used for encryption on its own...it's essentially a method to store a non-text file inside a string. It can be useful for encryption, though...for example, as a means of packaging a blowfish-encrypted file so that it can be emailed to someone.

You should be able to base64 encode and decode an executable without any problems.

rhosk
02-13-2004, 12:15 PM
Thanks again.

CWRIGHT
02-13-2004, 03:44 PM
Hi Lorne,

Sorry to ask for confirmation, but is this definitely correct?:


The plugin uses a standard blowfish encryption algorithm, btw, so you should also be able to use any 3rd party tool to encrypt/decrypt the files (so long as you provide the same encryption key).

I was under the impression that the blowfish implementation IR had used in the plug-in was customised slightly. For example if I encrypt a text file, and view the encrypted contents, it includes a flag -- IRBlowfish.

If a 3rd party tool can decrypt the files I encrypt with AMS that will be a real bonus for my current project.

Thanks
CW

Lorne
02-19-2004, 01:41 PM
Originally posted by CWRIGHT
I was under the impression that the blowfish implementation IR had used in the plug-in was customised slightly. For example if I encrypt a text file, and view the encrypted contents, it includes a flag -- IRBlowfish.

If a 3rd party tool can decrypt the files I encrypt with AMS that will be a real bonus for my current project.

Thanks
CW
You're right, it does include a short header at the beginning of the file. The header consists of the identifying string "IRBlowfish" followed by a single DWORD containing the size of the unencrypted data. So, a 14-byte header.

If you chop off the first 14 bytes of the data file, you can pass the remaining data to any blowfish decrypter.

Lua has a bunch of IO routines which you could use in AutoPlay to trim off the file header. They aren't covered in the AutoPlay documentation, and aren't supported by IR...but you should be able to find enough information at the lua website to get the job done.

Corey
02-19-2004, 01:45 PM
Tales from decrypter.

Corey Milner
Creative Director, Indigo Rose Software (http://www.indigorose.com)

Lorne
02-19-2004, 03:07 PM
Originally posted by Corey
Tales from decrypter.

:)

Intrigued
02-19-2004, 05:30 PM
Thank you for explaining this Lorne. Another thread where another user asked a question(s) I too was wondering.

Lorne
02-20-2004, 12:43 AM
Actually, that might not be a bad suggestion for anotehr action. If I ever get the opportunity to do another version of the plugin, I'll try to remember to add an option to remove the header.

CWRIGHT
02-20-2004, 01:47 AM
Thanks Lorne, this is really useful info.

If you do ever get the opportunity to enhance the plug-in, an action to encrypt and decrypt a string would also be great. :)

Lorne
02-20-2004, 08:44 AM
The problem with encrypting and decrypting a string is that you can't store binary data in a string without encoding it.

I thought of adding a couple actions like "BlowfishEncryptAndBase64Encode" and "BlowfishDecryptAndBase64Decode" but shelved it until we saw whether there was any interest in this sort of thing.

Workaround:
You can do it right now, of course, by writing the string to a temporary text file, then blowfish encrypting that, and then base64 encoding the file to get it back into string form.

When you want to take it back the other way, base64 decode the string, blowfish decrypt the file, and then read in the text from the resulting text file.

CWRIGHT
02-20-2004, 09:24 AM
Thanks, the workaround is a good suggestion.