Data encryption and wx Topic is solved

[vasek]

Is there any way to encrypt/decrypt data using wx? Let's start with CBC/ECB modes of AES. I know there are possibilities to do this in multiplatform way but I haven't seen any using wxWidgets.

[Jorg]

I don't think there is. However you could write an wxInputStream or wxOutputStream derived class that handles encryption. I would surely be interested in it .. Using the streams has the huge advantage you can chain them together to first compress your data with a wxZlibOutputStream and then send it through a crypt stream.

- Jorgen

[priyank_bolia]

Bitwise Im uses cryto library, hopes it help you also.

[priyank_bolia]

Hi all,
Can't we write a new ones or make a wrapper around some existing libraries, I have some basic idea about encryption.

[vasek]

To be honest, I don't like streams (something that often has neither beginning nor end is scaring). I code software for proprietary hardware and I can't accept any form of 'smart' buffering in any way, so streams are not exactely what I need. But of course, encrypted and compressed stream is very neat solution and to be honest, I will think of it.

[vasek]

Hi all,
Can't we write a new ones or make a wrapper around some existing libraries, I have some basic idea about encryption.

What idea do you mean? Any good would be cool!

[priyank_bolia]

basic idea means basic knowledge, I had worked on DES and MD5.

[Jorg]

Ofcourse a stream has a beginning and an end. When it's destroyed it is ended. When it begins, is the first time you are writing or reading from it. You simply have to keep an internal state of your data. In case of seekable streams, that will be hard with encryption and archiving.

A very simple encryption stream can be (override wxOutputStream):

Code: Select all

YourCryptOutputStream::Write(void *ptr, size_t size)
{
  if(size > 0)
  {
      unsigned char *tmpbuf = new unsigned char[size];

      if(m_firstTimeWrite)
      { 
           m_lastByte = 0xabcd;
           m_firstTimeWrite = false;
      }
      
      for(size_t i = 0; i < size; i++)
     { 
        tmpbuf[i] ^= m_lastbyte;
        m_lastbyte = tmpbuf[i];
     }

     m_ostr.Write(tmpbuf, size);

     delete[] tmpbuf;
  }
}

Which is a VERY LAME xor based crypter that takes the previous byte and xors it with the current. When you keep state and you know the last byte you read you can continue decrypting it later. It is even seekable, because when the position > 0 the byte before the current can always be consulted for the last seed. This is ofcourse by no means encryption, but only to illustrate how easy a stream can be.

And you construct the stream giving it an wxOutputStream as argument, which can be a file. Like;

Code: Select all

wxFileOutputStream outfile("somename.txt");
YourCryptOutputStream crypter(outfile);

crypter.Write(your_buffer, your_size);

The big advantage is you can write to memory, sockets, files, zlib streams, into strings etc. When you are ysing a raw buffer approach you are always converting from one to the other.

- Jorgen

[Jorg]

Addition to my post, it would ofcourse be better to give a start passphrase to the stream create function like;

Code: Select all

wxFileOutputStream outfile("somename.txt");
YourCryptOutputStream crypter(outfile, _T("your start passphrase");

crypter.Write(your_buffer, your_size);

Which ofcourse you do not hard code like this in your software or use an MD5 algoritm to create a hash code that you use.

[vasek]

Well, thanks Jorg for your ideas, I'll consider everything you wrote.

Just curious about performance - when writing e.g. into string, how can be stringbuffer aware of amount of incoming data? Is it allocated with certain granularity and resized if needed? Is there any 'hint' for stream to tell it 'here are 10 bytes for you, 4kB will follow'? I've noticed you are experienced stream user, so I hope you know the truth

[Jorg]

Yep wxString works with granularity. It allocates a certain number of bytes. Not on the first go (I think the footprint is 32 bytes for an empty string) but with subsequent calls it will allocate a certain amount.

For a stream that works the same. You are in no way obliged to send all the data you get right away. For example if your encryption algoritm works on blocks of 32 bytes, you can keep them in your internal buffer, and write when there is more on the way.

Just remember to write the last bits when you are destroyed or closed. You can even make it an adaptive learning stream and remember the last block size and keep that pre-allocated in mem for subsequent calls.

Regards,
- Jorgen

[blockn102]

Bitwise Im uses cryto library, hopes it help you also.

Is it open source?

[DavidKlecker]

Is it possible to do this to a database? For example, say I wanted to encrypt a database so the end-user cannot read it (done for copyright purposes) but the application can still decrypt the database and read it as normal. Sure I have the extra step of decrypting but hopefully that's not a large performance hit.

Thanks!

[priyank_bolia]

@DavidKlecker
Which database you are using, most of the database provides inbuilt encryption, I guess ORACLE, SQLite, etc.
Why you want to encrypt the files, use DB encryption instead.

[Jorg]

I think if you use SQLite you can (as suggested before somewhere on this forum) specify it to be encryptd automatically.

http://www.hwaci.com/sw/sqlite/see.html

Too funny how it is called "SEE" while it's purpose is that you can't see a bloody thing afterwards

With regards,
- Jorgen