Questions @Encrypt Plugin

Re: Questions @Encrypt Plugin

Actually it will encrypt any files you want. Not specifically AMS5 files (as in, data files). Think of it in terms of an action like, say, File.Open or something. You get two actions to do blowfish encryption, for example:

Crypto.BlowfishEncrypt (string Source, string Destination, string Key);
Crypto.BlowfishDecrypt (string Source, string Destination, string Key);

For both actions you specify the source file, destination file, and a key.

It decrypts them wherever you want, whenever you want.

It pretty much goes without saying that when you decrypt a file on the user's system, they will be able to read that file if they're savvy enough. The best you can do is delete it as soon as you're done with it. (You can place it somewhere out of the way, too, but there are free tools out there to monitor file I/O so again a savvy user could get around this.)

Generally you will only be decrypting files once you've determined the user has the right to view them.

I'm not quite sure what you're asking. Can you make your AutoPlay app encrypt or decrypt an external file? Sure. Can you encrypt or decrypt a file using the plugin on its own, without AutoPlay? Uh, no...the plugin plugs into AutoPlay, it doesn't work on its own.

You can easily build a standalone encryption or decryption tool using AutoPlay, even a command-line one if you wanted. The plugin uses a standard blowfish encryption algorithm, btw, so you should also be able to use any 3rd party tool to encrypt/decrypt the files (so long as you provide the same encryption key).

The plugin adds additional actions to AMS5. It isn't a standalone program, although you can use it to build one in AMS5 if you want.

Thanks Lorne, you've totally sold me. I'm sure I'll be back with more questions as I use it.

OK, here's the first dumb question, sorry.

Is Base-64 encode for text files only?

I ask because I tried to encode an executable and the encode seemed to work (added a couple megs to it?), but the decode failed.

Update - Blowfish encoded & decoded an executable

Base64 doesn't seem to be able to do it. Sorry for being so lame, but I'm sure there's a simple explanantion for a beginner like me. What's the "basic" difference?

Blowfish encrypts data so it can't be accessed until it is decrypted.

Base64 encodes data so it can be transmitted as text.

Base64 is usually how file attachments are sent via email, btw.

It's just a standard method of representing arbitrary binary data (like an executable or whatever) using the 64 most compatible ASCII characters in the world, i.e. the 64 ASCII characters that are virtually universal to all character sets.

Base64 isn't meant to be used for encryption on its own...it's essentially a method to store a non-text file inside a string. It can be useful for encryption, though...for example, as a means of packaging a blowfish-encrypted file so that it can be emailed to someone.

You should be able to base64 encode and decode an executable without any problems.

Thanks again.

Hi Lorne,

Sorry to ask for confirmation, but is this definitely correct?:

I was under the impression that the blowfish implementation IR had used in the plug-in was customised slightly. For example if I encrypt a text file, and view the encrypted contents, it includes a flag -- IRBlowfish.

If a 3rd party tool can decrypt the files I encrypt with AMS that will be a real bonus for my current project.

Thanks
CW

You're right, it does include a short header at the beginning of the file. The header consists of the identifying string "IRBlowfish" followed by a single DWORD containing the size of the unencrypted data. So, a 14-byte header.

If you chop off the first 14 bytes of the data file, you can pass the remaining data to any blowfish decrypter.

Lua has a bunch of IO routines which you could use in AutoPlay to trim off the file header. They aren't covered in the AutoPlay documentation, and aren't supported by IR...but you should be able to find enough information at the lua website to get the job done.

Tales from decrypter.

Corey Milner
Creative Director, Indigo Rose Software

Thank you for explaining this Lorne. Another thread where another user asked a question(s) I too was wondering.

Actually, that might not be a bad suggestion for anotehr action. If I ever get the opportunity to do another version of the plugin, I'll try to remember to add an option to remove the header.

Thanks Lorne, this is really useful info.

If you do ever get the opportunity to enhance the plug-in, an action to encrypt and decrypt a string would also be great.

The problem with encrypting and decrypting a string is that you can't store binary data in a string without encoding it.

I thought of adding a couple actions like "BlowfishEncryptAndBase64Encode" and "BlowfishDecryptAndBase64Decode" but shelved it until we saw whether there was any interest in this sort of thing.

Workaround:
You can do it right now, of course, by writing the string to a temporary text file, then blowfish encrypting that, and then base64 encoding the file to get it back into string form.

When you want to take it back the other way, base64 decode the string, blowfish decrypt the file, and then read in the text from the resulting text file.