Hello,
I'm working on a application that stores some sensitive informations in its local preferences file, and I would like these infos to be somehow encrypted... and of course decrypted by the application when it reads the file.
Which kind of script do you think I could use for the encryption part?
I saw the LC encrypt command but I'm not sure what is the best way to use it, and what cipher use.
Thank you.
Encrypted local preferences?
Moderators: FourthWorld, heatherlaine, Klaus, kevinmiller
-
- VIP Livecode Opensource Backer
- Posts: 366
- Joined: Mon Jun 10, 2013 1:32 pm
Re: Encrypted local preferences?
Hi,
Don't over complicate, anybody who will spend time reverse engineering a 128 bit password will spend time with 256 (blowfish allows upto 448 bit encryption) - Unless you are in the gun sights of gchq or the NSA don't waste too much time.
Blowfish is adequate - there are no backdoors in it (it is public domain) whatever they said on the tv series "24"- but it can be broken if you are an intelligence agency, although if you have a key/passcode larger than 10 characters which has lower, upper characters, numbers and special characters , they will be there for some time
Anyway here is what I use short and simple
I use it to store the name of the customer of my program as it will appear on receipts/invoices and welcome messages on screen.
They can give a copy to someone and they can use it as long as they want - but all Documents will show the original purchasers information.
As an added bit of encryption I base64 encoded the text before I call the encryption.
If they change the gobbledygook stored in the field the program notices and replaces the customer info with "Ubregistered copy " and my company and phone number
example :
Regards Lagi
Don't over complicate, anybody who will spend time reverse engineering a 128 bit password will spend time with 256 (blowfish allows upto 448 bit encryption) - Unless you are in the gun sights of gchq or the NSA don't waste too much time.
Blowfish is adequate - there are no backdoors in it (it is public domain) whatever they said on the tv series "24"- but it can be broken if you are an intelligence agency, although if you have a key/passcode larger than 10 characters which has lower, upper characters, numbers and special characters , they will be there for some time

Anyway here is what I use short and simple
Code: Select all
-- pass the text/characters you want encrypted with a passcode
function BFencrypt pText pPass
encrypt pText using "blowfish" with pPass at 128 bit
return it
end BFencrypt
function BFDecrypt pText pPass
decrypt pText using "blowfish" with pPass at 128 bit
return it
end BFDecrypt
I use it to store the name of the customer of my program as it will appear on receipts/invoices and welcome messages on screen.
They can give a copy to someone and they can use it as long as they want - but all Documents will show the original purchasers information.
As an added bit of encryption I base64 encoded the text before I call the encryption.
If they change the gobbledygook stored in the field the program notices and replaces the customer info with "Ubregistered copy " and my company and phone number
example :
Code: Select all
-- I base64 encoded mine - I think because there might have been problems with characters passed back by the encryption if memory serves me right. Base64 doesn't save quote characters and other squiggleys that might cause problems with SQL.
put if BFDecrypt(base64decode(custname),"passcode") into lcCustname
if lcCustname is empty then
put ACME HOLDINGS Unregistered Copy - Phone: " && "666666" into lcShopName
put "UNREGISTERED" into lcVatnum
put "ACME 666666 " into lcTel
end if
Re: Encrypted local preferences?
Thank you very much Lagi, that's exactly what I was looking for 
