 |
|
|
I've found CXR to be quite useful, but its Windows-only MFC-dependencies are a blocker. I've removed the MFC dependencies (it now uses STL) and made it buildable cross-platform (using CMake).
This cross-platform branch of CXR is now up on Google Code here.
|
|
|
|
|
|
|
is it possible to do something like this:
void print(char* str);
print(_CXR("Encrypted"));
By this i mean to say, is it possible to encrypt the strings directly instead of adding them one by one to the .cxr file?
|
|
|
|
|
|
|
nope.
i think to do that, you'd need to do the encryption as part of the compiler's pre-processor step (when it processes all your macros and #includes), instead of as a pre-build step as CXR does. i don't if VC even allows that kind of integration.
but, see one of the comments below - the poster shows how to do a preproc encryption trick.
-- modified at 13:05 Friday 20th July, 2007
|
|
|
|
|
|
|
hi
i get some errors when i use this in the properties of the .cxr file(by right clicing on it in vs05):
cl /EP /C $(InputDir)$(InputFileName)>$(InputDir)$(InputName).i
$(InputDir)cxr.exe -i $(InputDir)$(InputName).i -o $(InputDir)$(InputName).cpp
del $(InputDir)$(InputName).i
These are the errors:
Performing Custom Build Step
Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 14.00.50727.42 for 80x86
Copyright (C) Microsoft Corporation. All rights reserved.
Documents
and
c1 : fatal error C1083: Cannot open source file: 'c:\Documents': Permission denied
My
c1 : fatal error C1083: Cannot open source file: 'and': No such file or directory
c1 : fatal error C1083: Cannot open source file: 'Settings\-----.HOMIE\My': No such file or directory
Visual
Studio
c1 : fatal error C1083: Cannot open source file: 'Documents\Visual': No such file or directory
strings.cxr
c1 : fatal error C1083: Cannot open source file: 'Studio': No such file or directory
c1 : fatal error C1083: Cannot open source file: '2005\Projects\Dope\Dope\Encrypt\strings.cxr': No such file or directory
and
My
c1 : fatal error C1083: Cannot open source file: 'and': No such file or directory
Visual
c1 : fatal error C1083: Cannot open source file: 'Settings\-----.HOMIE\My': No such file or directory
c1 : fatal error C1083: Cannot open source file: 'Documents\Visual': No such file or directory
Studio
strings.i
c1 : fatal error C1083: Cannot open source file: 'Studio': No such file or directory
c1 : fatal error C1083: Cannot open source file: '2005\Projects\Dope\Dope\Encrypt\strings.i': No such file or directory
'c:\Documents' is not recognized as an internal or external command,
operable program or batch file.
The system cannot find the path specified.
Project : error PRJ0019: A tool returned an error code from "Performing Custom Build Step"
Could someone please help me to resolve this error?
Thanks
|
|
|
|
|
|
|
looks like you need some double quotes around $(InputDir)$(InputFileName).
|
|
|
|
|
|
|
Hi,
I like your idea, in fact I recently implemented the same thing myself in order to hide some Easter eggs in one of my tools to make it a little tougher to find.
There are however two problems I have with this implementation. First, I keep getting this error:
CPULED error PRJ0019: A tool returned an error code from "Performing Custom Build Step"
No matter what I do it won't work. (Yes, I've checked the command line arguments, yes I've changed it to $ProjectDir, and so on.) I can successfully run it from the command line but VS.NET always complains.
Second, and more importantly, it does not work for arrays, structs, and so on. It can (currently) only be used with standalone string variables like:
const char* pString1 = _CXR("Foo");
I tried to use it in an array:
const CString somestrings[]={
_CXR("Foo")
, _CXR("Bar")
, _CXR("Baz")
};
But that would not work because _CXR(Decrypt?) requires the terminating semi-colon. The resulting code does not compile.
I'm sure CXR is easy enough to make completely portable and even more useful than it is but for the time being (or until I can figure out how to get CXR working), I'll stick with mine.
Oh, and in reference to the proof of concept using the preprocessor to XOR encrypt strings, just today I was reading a text on computer security and not 10 minutes before I read that post, I read a chapter on encryption and how the old XOR against a fixed key method is just a bad idea (as mentioned in the post.)
My method is no more secure than either of these two presented here (besides, a resource-editor can still display the encrypted strings—or not! I just tried a couple with one of my encrypted apps and they did not show up in any of the strings tables. Weird!  ) but obviosly for our uses they work well enough. 
--
Synetech
-- modified at 11:16 Tuesday 23rd May, 2006
|
|
|
|
|
|
|
1.) In cxr_inc.h in order for CString to be declared, I added
#include "afx.h"
2.) In CXR project properties, changed /ZI to /Zi on the compiler command line (this is the same as changing "Program Database for Edit and Continue" to just "Program Database") since this setting is incompatible with having incremental linking OFF.
3.) Since the StdAfx.cpp was giving me this error: "WINVER not defined. Defaulting to 0x0501 (Windows XP and Windows .NET Server)". I looked up WINVER. Directions here say to do #define WINVER 0x0400 in StdAfx.h.
4.) Eliminated a "signed/unsigned" compiler warning in CmdLine.cpp by using static_cast on an int to change it to a "size_type". You'll know which line of code it is if you get this warning.
5.) Had to do static_cast on a bunch of stuff in CXR.cpp where an int needed to be a TCHAR.
-- modified at 16:48 Thursday 2nd March, 2006
6.) In the custom build step directions given by the author, I had to change $(ProjDir) to $(ProjectDir) (maybe this is a difference between VC6 and VC7.1).
-- modified at 17:55 Thursday 2nd March, 2006
Although the included "Test" app works, I can't get it to work in my code without some linker errors on AFX stuff. I am not trying to do MFC stuff in my code. I might have to rewrite CXR to use standard C++ <string> instead.
|
|
|
|
|
|
|
I rewrote all the source to use STL classes instead of MFC. I didn't want to use MFC, and it's not portable anyway. If anyone is interested, here is the source. I apologize in advance if the Code Project comment engine screws up any of the code as I try to post it.
CXR_standard.cpp:
// CXR_Standard.cpp
//
// BASED ON code from Smaller Animals Software. Their copyright notice
// follows. Usage: CXR -i [filename.cpp] -o [filename.cpp]
//
//********************************************************************
//
// Copyright (C) 2002 Smaller Animals Software, Inc.
//
// This software is provided 'as-is', without any express or implied
// warranty. In no event will the authors be held liable for any damages
// arising from the use of this software.
//
// Permission is granted to anyone to use this software for any purpose,
// including commercial applications, and to alter it and redistribute it
// freely, subject to the following restrictions:
//
// 1. The origin of this software must not be misrepresented; you must not
// claim that you wrote the original software. If you use this software
// in a product, an acknowledgment in the product documentation would be
// appreciated but is not required.
//
// 2. Altered source versions must be plainly marked as such, and must not be
// misrepresented as being the original software.
//
// 3. This notice may not be removed or altered from any source distribution.
//
// http://www.smalleranimals.com
// smallest@smalleranimals.com
//
//*********************************************************************
#include "stdafx.h"
#include <string>
#include <iostream>
#include <fstream>
#include <time.h>
#include "Tokenizer.h"
#include "Stream.h"
using namespace std;
static bool ProcessFile(ifstream &in, const string &strInFilename, ofstream &out, const string &strOutFilename);
static bool AddDecode(const string &strPassword, ofstream &out);
static string Encrypt(const string &strIn, const char* pPass);
static string Decrypt(const char* pIn, const char* pPass);
static bool ExpandOctal(const string &strIn, string &strOut, int &iConsumed);
static string TranslateString(const string &strIn);
static bool ExpandHex(const string &strIn, string &strOut, int &iConsumed);
static string EscapeString(const char* pIn);
// The basechar is added/subtracted with every character as part of the
// encrypt/decrypt process, but for what -- obfuscation?
// These can be adjusted in the range 1 to 239:
const int basechar1 = 128;
const int basechar2 = 128;
int _tmain(int argc, _TCHAR* argv[])
{
int nRetCode = 0;
srand((unsigned int)time(NULL));
cerr << _T("Starting CXR, the literal string encryptor. Copyright 2002, Smaller Animals Software Inc.") << endl;
if ((basechar1 == 0) || (basechar2 == 0) || (basechar1 > 239) || (basechar2 > 239))
{
cerr << _T("CXR basechar values out of acceptable range. Aborting") << endl;
nRetCode = 1;
return nRetCode;
}
if (argc >= 2)
{
//TODO: Smarter command line argument parsing:
string strInFile = argv[2];
string strOutFile = argv[4];
if (!strInFile.empty() && !strOutFile.empty())
{
// open the input file (always an ANSI file)
ifstream fileIn;
// open the output file (always an ANSI file)
ofstream fileOut;
fileIn.open(strInFile.c_str(), ios::in);
if(fileIn.is_open())
{
fileOut.open(strOutFile.c_str(), ios::trunc | ios::out);
if(fileOut.is_open())
{
if (!ProcessFile(fileIn, strInFile, fileOut, strOutFile))
{
cerr << _T("CXR failed") << endl;
nRetCode = 1;
}
}
else
{
cerr << _T("Unable to open output file: ") << strOutFile << endl;
nRetCode = 1;
}
}
else
{
cerr << _T("Unable to open input file: ") << strInFile << endl;
nRetCode = 1;
}
if (nRetCode==0)
{
cerr << _T("CXR created: ") << strOutFile << endl;
}
}
else
{
cerr << _T("Not enough parameters.") << endl;
cerr << _T("Usage: CXR -i [filename.cpp] -o [filename.cpp]") << endl;
nRetCode = 1;
}
}
else
{
cerr << _T("Not enough parameters.") << endl;
cerr << _T("Usage: CXR -i [filename.cpp] -o [filename.cpp]") << endl;
nRetCode = 1;
}
return nRetCode;
}
///////////////////////////////////////////////////////////////////////////////
// ProcessFile - Process a .CXR file (containing plaintext string literals)
// into C++ source files (containing the encrypted equivalent
// strings).
//
bool ProcessFile(ifstream &in, const string &strInFilename, ofstream &out, const string &strOutFilename)
{
// Note: do not use TCHAR or _T() here. Do this all with single-byte char
// and string only, because we are writing source code here and source code
// is ANSI text.
enum {eStateWantPassword, eStateHavePassword, };
int iState = eStateWantPassword;
string strPassword;
string strLine;
char* pMetachars = "/\\=();'";
char* pKeyWords[3] = {"//", "_CXR", "CXRP"};
CTokenizer tokenizer(pKeyWords, 3, pMetachars, (int)strlen(pMetachars));
int iErr = CTokenizer::eErrorNone;
bool ok = true;
out << "/////////////////////////////////////////////////////////////\n"
<< "// "
<< strOutFilename
<< "\n//\n"
<< "// This file was generated by CXR, the literal string encryptor.\n"
<< "// CXR, Copyright 2002, Smaller Animals Software, Inc., all rights reserved.\n"
<< "//\n"
<< "// Please do not edit this file. Any changes here will be overwritten on the next compile.\n// If you wish to make changes to a string, please edit:\n// "
<< strInFilename
<<"\n//\n"
<< "\n/////////////////////////////////////////////////////////////\n\n"
<< "#include \"stdafx.h\"\n"
<< "#include \"cxr_inc.h\"\n\n";
bool bFoundCXR = false;
do
{
if(in.eof())
break;
else
getline(in, strLine);
if (in.bad() || in.fail())
break;
switch (iState)
{
case eStateWantPassword:
iErr = tokenizer.Tokenize(strLine.c_str());
if (iErr == CTokenizer::eErrorNone)
{
if (tokenizer.GetTokenCount() >= 4)
{
// password declaration always looks like : // CXRP = "Password"
if ((tokenizer.GetToken(0).strToken == "//") &&
(tokenizer.GetToken(1).strToken == "CXRP") &&
(tokenizer.GetToken(2).strToken == "=") &&
(tokenizer.GetToken(3).bIsQuotedString))
{
// We'll use the password from the file, literally. it's not treated as
// a C string-literal, just as a section of a text file. when we
// go to write the decoder, we'll have to fix it up to make sure
// the compiler gets the same text by adding any necessary escapes.
strPassword = tokenizer.GetToken(3).strToken;
if (strPassword.empty())
{
cerr << _T("Invalid CXR password: \"") << strPassword.c_str() << _T("\"") << endl; //TODO: not gonna work in Unicode builds?
//ASSERT(0);
break;
}
iState = eStateHavePassword;
continue;
}
}
}
break;
case eStateHavePassword:
bFoundCXR = false;
iErr = tokenizer.Tokenize(strLine.c_str());
if (iErr == CTokenizer::eErrorNone)
{
if (tokenizer.GetTokenCount() > 4)
{
for (int i=0; i < tokenizer.GetTokenCount() - 4; i++)
{
// looking for _CXR ( "..." )
if ((tokenizer.GetToken(i).strToken == "_CXR") && !tokenizer.GetToken(i).bIsQuotedString &&
(tokenizer.GetToken(i + 1).strToken == "(") && !tokenizer.GetToken(i + 1).bIsQuotedString &&
(tokenizer.GetToken(i + 2).bIsQuotedString) &&
(tokenizer.GetToken(i + 3).strToken == ")") && !tokenizer.GetToken(i + 3).bIsQuotedString)
{
string strTrans = TranslateString(tokenizer.GetToken(i + 2).strToken);
string strEnc = Encrypt(strTrans, strPassword.c_str());
//string strDec = Decrypt(strEnc, strPassword.c_str()); //for debugging
out << "///////////////////////////\n#ifdef _USING_CXR\n";
//out << "//" << strDec << "\n";
// output up to _CXR
out << strLine.substr(0, tokenizer.GetToken(i).iStart);
// encrypted stuff
out << "\"" << strEnc << "\"";
// to the end of the line
out << strLine.substr(tokenizer.GetToken(i + 4).iStop)
<< "\n"
<< "#else\n"
<< strLine
<< "\n#endif\n\n";
bFoundCXR = true;
break;
} // found a good string ?
} // loop over tokens
} // > 4 tokens
} // tokenizer OK
if (bFoundCXR)
{
continue;
}
break;
} // switch
// done with it
out << strLine << "\n";
} while (1);
if (iState == eStateWantPassword)
{
cerr << _T("No password line found in input file") << endl;
return false;
}
//ASSERT(iState == eStateHavePassword);
// add the decoder functions
AddDecode(strPassword, out);
return true;
}
///////////////////////////////////////////////////////////////////////////////
// AddEncByte - Take BYTE c, obscure it by adding a base value (?), and
// append it (its value in hex characters) to string strOut
//
void AddEncByte(BYTE c, string &strOut)
{
char buf[4];
BYTE b1 = c >> 4;
BYTE b2 = c & 0x0f;
_snprintf(buf, 3, "%x", b1 + basechar1);
strOut += "\\x";
strOut += buf;
_snprintf(buf, 3, "%x", b2 + basechar1);
strOut += "\\x";
strOut += buf;
}
///////////////////////////////////////////////////////////////////////////////
// Encrypt - Given plaintext string strIn, encrypt it using password pPass
// and return it as a string of ciphertext.
//
string Encrypt(const string &strIn, const char* pPass)
{
string strOut;
// initialize out
CCXRIntEnc sap((const BYTE*)pPass, (int)strlen(pPass));
//start each string with a random char.
//because this is a stream cipher, the ciphertext of a
//string like "ABC" will be the same as the first 3 bytes
//of the ciphertext for "ABCDEFG".
//by starting with a random value, the cipher will be in a
//different state (255:1) when it starts the real text. the
//decoder will simply discard the first plaintext byte.
BYTE seed = rand() % 256;
BYTE c = sap.ProcessByte((BYTE)(seed));
AddEncByte(c, strOut);
// Ok, now encrypt and convert strIn to hex string:
for (int i=0; i < (int)strIn.length(); i++)
{
char temp = strIn.at(i);
BYTE c = sap.ProcessByte((BYTE)(temp));
AddEncByte(c, strOut);
}
return strOut;
}
///////////////////////////////////////////////////////////////////////////////
// Decrypt - Given ciphertext string pIn, decrypt using password pPass and
// return as a plaintext string.
//
string Decrypt(const TCHAR* pIn, const char* pPass)
{
string strOut;
CCXRIntDec sap((const BYTE*)pPass, (int)strlen(pPass));
int iLen = (int)strlen(pIn);
if (iLen > 2)
{
int iBufLen = (int)strlen(pIn);
if (iBufLen & 0x01)
{
cerr << _T("Illegal string length in Decrypt") << endl;
return pIn;
}
iBufLen /= 2;
for (int i=0; i < iBufLen; i++)
{
int b1 = pIn[i * 2] - basechar1;
int b2 = pIn[i * 2 + 1] - basechar2;
int c = (b1 << 4) | b2;
BYTE bc = sap.ProcessByte((BYTE)(c));
if (i>0)
strOut += (char)bc;
}
}
return strOut;
}
///////////////////////////////////////////////////////////////////////////////
// AddDecode - Write to the output source file, the decryption routines
// necessary to decrypt the strings we have encrypted.
//
bool AddDecode(const string &strPassword, ofstream &out)
{
out << "\n\n/////////////////////////////////////////////////////////////\n"
<< "// CXR-generated decoder follows\n\n"
<< "#include <algorithm>\n"
<< "const char * __pCXRPassword = \"";
// the password that encrypted the text used the literal text from the file (non-escaped \ chars).
// we need to make sure that compiler sees the same text when it gets the passowrd. so,
// we must double any "\" chars, to prevent them from becoming C-style escapes.
out << EscapeString(strPassword.c_str()) << "\";\n";
out << "const int __iCXRDecBase1 = " << basechar1 << ";\nconst int __iCXRDecBase2 = " << basechar2 << ";\n\n";
const char* szDecodingFunction =
"string __CXRDecrypt(const char* pIn)\n"\
"{\n"\
" string x; char b[3]; b[2]=0;\n"\
" CXRD sap((const BYTE*)__pCXRPassword, (int)strlen(__pCXRPassword));\n"\
" int iLen = (int)strlen(pIn);\n"\
" if (iLen > 2)\n"\
" {\n"\
" int ibl = (int)strlen(pIn);\n"\
" if (ibl & 0x01)\n"\
" {\n"\
/*" ASSERT(!\"Illegal string length in Decrypt\");\n"\*/
" return pIn;\n"\
" }\n"\
" ibl /= 2;\n"\
" for (int i=0; i < ibl; i++)\n"\
" {\n"\
" int b1 = pIn[i*2] - __iCXRDecBase1; int b2 = pIn[i*2+1] - __iCXRDecBase2;\n"\
" int c = (b1 << 4) | b2; char ch =(char)(sap.pb((BYTE)(c)));\n"\
" if (i>0)\n"\
" x += ch;\n"\
" }\n"\
" }\n"\
" return x;\n"\
"}\n";
const char* szStreamCipherFunction =
"class CCXR\n" \
"{\n" \
"protected:\n" \
" CCXR(const BYTE* key, unsigned int ks)\n" \
" {\n" \
" int i;BYTE rs;unsigned kp;\n" \
" for(i=0;i<256;i++)c[i]=i;kp=0;rs=0;for(i=255;i;i--)std::swap(c[i],c[kr(i,key,ks,&rs,&kp)]);r2=c[1];r1=c[3];av=c[5];lp=c[7];lc=c[rs];rs=0;kp=0;\n" \
" }\n" \
" inline void SC(){BYTE st=c[lc];r1+=c[r2++];c[lc]=c[r1];c[r1]=c[lp];c[lp]=c[r2];c[r2]=st;av+=c[st];}\n" \
" BYTE c[256],r2,r1,av,lp,lc; \n" \
"\n" \
" BYTE kr(unsigned int lm, const BYTE *uk, BYTE ks, BYTE *rs, unsigned *kp)\n" \
" {\n" \
" unsigned rl=0,mk=1,u;while(mk=ks){*kp=0;*rs+=ks;}u=mk&*rs;if(++rl>11)u%=lm;}while(u>lm);return u;\n" \
" }\n" \
"};\n" \
"struct CXRD:CCXR\n" \
"{\n" \
" CXRD(const BYTE *userKey, unsigned int keyLength=16) : CCXR(userKey, keyLength) {}\n" \
" inline BYTE pb(BYTE b){SC();lp=b^c[(c[r1]+c[r2])&0xFF]^c[c[(c[lp]+c[lc]+c[av])&0xFF]];lc=b;return lp;}\n" \
"};\n";
out << szStreamCipherFunction;
out << szDecodingFunction;
return true;
}
///////////////////////////////////////////////////////////////////////////////
// TranslateString - Translate C-style string escapes as documented in K&R
// 2nd, A2.5.2
//
string TranslateString(const string &strIn)
{
string strOut;
for (int i=0; i < (int)strIn.length(); i++)
{
int c = strIn.at(i); //TODO: Why even treat this as an int? Why not just char?
switch (c)
{
// normal text
default:
strOut += static_cast(c);
break;
// c-style escape
case '\\':
if (i < (int)strIn.length() - 1)
{
c = strIn.at(i + 1);
switch (c)
{
case 'n':
strOut += '\n';
break;
case 't':
strOut += '\t';
break;
case 'v':
strOut += '\v';
break;
case 'b':
strOut += '\b';
break;
case 'r':
strOut += '\r';
break;
case 'f':
strOut += '\f';
break;
case 'a':
strOut += '\a';
break;
case '\\':
strOut += '\\';
break;
case '?':
strOut += '?';
break;
case '\'':
strOut += '\'';
break;
case '\"':
strOut += '\"';
break;
case '0':
case '1':
case '2':
case '3':
case '4':
case '5':
case '6':
case '7':
{
// expand octal
int iConsumed = 0;
if (!ExpandOctal(strIn.substr(i), strOut, iConsumed))
{
cerr << _T("Invalid octal sequence: ") << _T('\"') << strIn.c_str() << _T('\"') << endl; //TODO: Not gonna work in Unicode builds?
strOut = strIn;
break;
}
i += iConsumed - 1;
}
break;
case 'x':
{
// expand hex
int iConsumed = 0;
if (!ExpandHex(strIn.substr(i), strOut, iConsumed))
{
cerr << _T("Invalid hex sequence: ") << _T('\"') << strIn.c_str() << _T('\"') << endl; //TODO: Not gonna work in Unicode builds?
strOut = strIn;
break;
}
i += iConsumed - 1;
}
break;
}
i++;
continue;
}
else
{
cerr << _T("Invalid escape sequence: ") << _T('\"') << strIn.c_str() << _T('\"') << endl; //TODO: Not gonna work in Unicode builds?
strOut = strIn;
break;
}
break;
}
}
return strOut;
}
///////////////////////////////////////////////////////////////////////////////
// ExpandOctal
//
bool ExpandOctal(const string &strIn, string &strOut, int &iConsumed)
{
// starting with the escape, we need at least one more char
if (strIn.length() < 2)
return false;
if (strIn.at(0) != '\\')
return false;
int iStart = 1;
int iCur = iStart;
string strDigits;
int c = strIn.at(iCur); //TODO: again, why represent it with an int?
while ((c >= '0') && (c <= '7'))
{
strDigits += static_cast(c);
// An escape can't hold more that 3 octal digits (K&R 2nd A2.5.2)
if (iCur == 3)
break;
iCur++;
c = strIn.at(iCur);
}
char* end;
int octval = (char)strtol(strDigits.c_str(), &end, 8);
iConsumed = (int)strDigits.length();
strOut += static_cast<char>(octval);
return true;
}
///////////////////////////////////////////////////////////////////////////////
// ExpandHex
//
bool ExpandHex(const string &strIn, string &strOut, int &iConsumed)
{
// Starting with the escape and the 'x', we need at least one more char
if (strIn.length() < 3)
return false;
if ((strIn.at(0) != _T('\\')) || (strIn.at(1) != _T('x')))
return false;
int iStart = 2;
int iCur = iStart;
string strDigits;
int c = strIn.at(iCur);
while (_istxdigit(c))
{
strDigits += static_cast<char>(c);
iCur++;
c = strIn.at(iCur);
}
char* end;
// "There is no limit on the number of digits, but the behavior is undefined
// if the resulting character value exceeds that of the largest character"
// (K&R 2nd A2.5.2)
int hex = (char)strtol(strDigits.c_str(), &end, 16);
iConsumed = (int)strDigits.length();
iConsumed++; // count the "x"
strOut += static_cast<char>(hex);
return true;
}
///////////////////////////////////////////////////////////////////////////////
// EscapeString
//
string EscapeString(const char* pIn)
{
string strOut;
int iLen = (int)strlen(pIn);
for (int i=0; i < iLen; i++)
{
strOut += pIn[i];
// Double all "\" chars
if (pIn[i] == '\\')
{
strOut += '\\';
}
}
return strOut;
}
Tokenizer.cpp:
/*********************************************************************
Copyright (C) 2002 Smaller Animals Software, Inc.
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
arising from the use of this software.
Permission is granted to anyone to use this software for any purpose,
including commercial applications, and to alter it and redistribute it
freely, subject to the following restrictions:
1. The origin of this software must not be misrepresented; you must not
claim that you wrote the original software. If you use this software
in a product, an acknowledgment in the product documentation would be
appreciated but is not required.
2. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.
http://www.smalleranimals.com
smallest@smalleranimals.com
**********************************************************************/
// Tokenizer.cpp: implementation of the CTokenizer class.
//
//////////////////////////////////////////////////////////////////////
#include "stdafx.h"
#include "Tokenizer.h"
// CXR does not have comments
#undef ALLOW_COMMENTS
// strip quotes on strings, please
#undef RETURN_QUOTED_STRINGS
#ifdef ALLOW_COMMENTS
#define COMMENT_START "/*"
#define COMMENT_STOP "*/"
#endif
//////////////////////////////////////////////////////////////////////
// Construction/Destruction
//
CTokenizer::CTokenizer(char** pKeyWords, int iKeyWords, char* pMetaChars, int iMetaChars)
{
m_pKeyWords = pKeyWords;
m_iKeyWords = iKeyWords;
m_MetaChars = pMetaChars;
m_iMetaChars = iMetaChars;
}
CTokenizer::~CTokenizer()
{
}
//////////////////////////////////////////////////////////////////////
// CTokenizer::Clear() - Remove tokens
//
void CTokenizer::Clear()
{
m_tokens.clear();
}
void CTokenizer::Init()
{
Clear();
}
//////////////////////////////////////////////////////////////////////
// CTokenizer::Tokenize - Extract an array of tokens from input text
//
int CTokenizer::Tokenize(const char* pInputLine)
{
int err = eErrorNone;
Init();
int iLen = (int)strlen(pInputLine);
bool bInComment = false;
for (int i=0; i < iLen; i++)
{
string curTokenString;
bool bQuotedString = false;
int iConsumed = GetToken(pInputLine + i, curTokenString, bQuotedString);
if (iConsumed > 0)
{
//if (curTokenString.length() > 0)
{
#ifdef ALLOW_COMMENTS
if (curTokenString == COMMENT_START)
{
bInComment = true;
i+=iConsumed;
continue;
}
if (curTokenString == COMMENT_STOP)
{
if (!bInComment)
{
err = eErrorSyntax;
break;
}
bInComment = false;
i += iConsumed;
continue;
}
#endif
if (!bInComment)
{
int iStart = i;
int iStop = i + iConsumed - 1;
CSAToken curToken(curTokenString.c_str(), iStart, iStop, bQuotedString);
m_tokens.push_back(curToken);
}
}
i += iConsumed;
i--; // back up! the for iteration will increase i
continue;
}
else
{
if (IsMetaChar(*(pInputLine + i)))
{
if (!isspace(*(pInputLine + i)))
{
curTokenString.clear();
curTokenString += *(pInputLine + i);
CSAToken curToken(curTokenString.c_str(), i, (int)curTokenString.length() - 1, bQuotedString);
m_tokens.push_back(curToken);
}
}
}
}
return err;
}
//////////////////////////////////////////////////////////////////////
// CTokenizer::IsKeyWord - Asks: is this text a keyword?
//
bool CTokenizer::IsKeyWord(string &str)
{
return IsKeyWord((const char*)str.c_str());
}
//////////////////////////////////////////////////////////////////////
// CTokenizer::IsKeyWord
//
bool CTokenizer::IsKeyWord(const char* pInput)
{
if (m_pKeyWords==NULL)
{
return false;
}
int iLen = (int)strlen(pInput);
int iBestMatch = -1;
for (int i=0; i < m_iKeyWords; i++)
{
int iCurKWLen = (int)strlen(m_pKeyWords[i]);
if (iLen <= iCurKWLen)
{
if (strnicmp(m_pKeyWords[i], pInput, iCurKWLen)==0)
{
iBestMatch = i;
}
}
}
if (iBestMatch==-1)
{
#ifdef ALLOW_COMMENTS
if (CSAScrUtil::sa_strnicmp(COMMENT_START, pInput, strlen(COMMENT_START))==0)
{
iBestMatch = m_iKeyWords + 1;
}
if (CSAScrUtil::sa_strnicmp(COMMENT_STOP, pInput, strlen(COMMENT_STOP))==0)
{
iBestMatch = m_iKeyWords + 2;
}
#endif
}
return (iBestMatch != -1);
}
//////////////////////////////////////////////////////////////////////
// CTokenizer::GetToken - find the next token in the string
//
int CTokenizer::GetToken(const char* pInput, string &out, bool &bQuotedString)
{
int iLen = (int)strlen(pInput);
bool bFoundChars = false;
bool bScanningMetaKW = false;
bool bInQuotes = false;
bQuotedString = false;
char c;
for (int iWS = 0; iWS < iLen; iWS++)
{
c = *(pInput + iWS);
if (!isspace(c))
break;
if (!iscntrl(c))
break;
}
for (int i=iWS; i 1)
return false;
char c = str.at(0);
for (int i=0; i < m_iMetaChars; i++)
{
if (c == m_MetaChars[i])
return true;
}
return false;
}
//////////////////////////////////////////////////////////////////////
// CTokenizer::Dump
//
void CTokenizer::Dump()
{
CSATokenVector::iterator theIterator;
int i=0;
for (theIterator = m_tokens.begin(); theIterator < m_tokens.end(); theIterator++)
{
//If you're interested in debug output, re-implement this to suit you:
//TRACE("%d [%d-%d] : \"%s\"\n", i++, (*theIterator).iStart, (*theIterator).iStop, (const TCHAR *)((*theIterator).csToken));
}
}
//////////////////////////////////////////////////////////////////////
// Operator overloading
//
bool operator < (const CSAToken &a, const CSAToken &b)
{
return (a.iStart < b.iStart);
}
bool operator == (const CSAToken &a, const CSAToken &b)
{
return (a.iStart == b.iStart);
}
cxr_inc.h:
/*********************************************************************
Copyright (C) 2002 Smaller Animals Software, Inc.
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
arising from the use of this software.
Permission is granted to anyone to use this software for any purpose,
including commercial applications, and to alter it and redistribute it
freely, subject to the following restrictions:
1. The origin of this software must not be misrepresented; you must not
claim that you wrote the original software. If you use this software
in a product, an acknowledgment in the product documentation would be
appreciated but is not required.
2. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.
http://www.smalleranimals.com
smallest@smalleranimals.com
**********************************************************************/
#pragma once
#include <string>
using namespace std;
#define _USING_CXR
#ifndef _USING_CXR
#define _CXR(x) x
#else
#define _CXR(x) __CXRDecrypt(x)
extern string __CXRDecrypt(const char* pIn);
#endif
stdafx.h:
// stdafx.h : include file for standard system include files,
// or project specific include files that are used frequently, but
// are changed infrequently
//
#pragma once
#include <iostream>
#include <tchar.h>
// TODO: reference additional headers your program requires here
Stream.h:
/*********************************************************************
Copyright (C) 2002 Smaller Animals Software, Inc.
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
arising from the use of this software.
Permission is granted to anyone to use this software for any purpose,
including commercial applications, and to alter it and redistribute it
freely, subject to the following restrictions:
1. The origin of this software must not be misrepresented; you must not
claim that you wrote the original software. If you use this software
in a product, an acknowledgment in the product documentation would be
appreciated but is not required.
2. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.
http://www.smalleranimals.com
smallest@smalleranimals.com
**********************************************************************/
/*
modified by Chris Losinger for Smaller Animals Software, Inc.
*/
// Sapphire.cpp -- modified by Wei Dai from:
/* Sapphire.cpp -- the Saphire II stream cipher class.
Dedicated to the Public Domain the author and inventor:
(Michael Paul Johnson). This code comes with no warranty.
Use it at your own risk.
Ported from the Pascal implementation of the Sapphire Stream
Cipher 9 December 1994.
Added hash pre- and post-processing 27 December 1994.
Modified initialization to make index variables key dependent,
made the output function more resistant to cryptanalysis,
and renamed to CPASapphire II 2 January 1995
*/
#pragma once
typedef unsigned char BYTE;
class CCXRIntBase
{
protected:
CCXRIntBase(const BYTE* key, unsigned int ks)
{
int i;BYTE rs;unsigned kp;
for(i=0;i<256;i++)c[i]=i;kp=0;rs=0;for(i=255;i;i--)std::swap(c[i],c[kr(i,key,ks,&rs,&kp)]);r2=c[1];r1=c[3];av=c[5];lp=c[7];lc=c[rs];rs=0;kp=0;
}
inline void SC(){BYTE st=c[lc];r1+=c[r2++];c[lc]=c[r1];c[r1]=c[lp];c[lp]=c[r2];c[r2]=st;av+=c[st];}
BYTE c[256],r2,r1,av,lp,lc;
BYTE kr(unsigned int lm, const BYTE *uk, BYTE ks, BYTE *rs, unsigned *kp)
{
unsigned rl=0,mk=1,u;
while(mk=ks){*kp=0;*rs+=ks;}u=mk&*rs;
if(++rl>11)u%=lm;}while(u>lm);
return u;
}
};
struct CCXRIntDec:CCXRIntBase
{
CCXRIntDec(const BYTE *userKey, unsigned int keyLength=16) : CCXRIntBase(userKey, keyLength) {}
inline BYTE ProcessByte(BYTE b){SC();lp=b^c[(c[r1]+c[r2])&0xFF]^c[c[(c[lp]+c[lc]+c[av])&0xFF]];lc=b;return lp;}
};
struct CCXRIntEnc:CCXRIntBase
{
CCXRIntEnc(const BYTE *userKey, unsigned int keyLength=16) : CCXRIntBase(userKey, keyLength) {}
inline BYTE ProcessByte(BYTE b){SC();lc=b^c[(c[r1]+c[r2])&0xFF]^c[c[(c[lp]+c[lc]+c[av])&0xFF]];lp=b;return lc;}
};
Tokenizer.h:
/*********************************************************************
Copyright (C) 2002 Smaller Animals Software, Inc.
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
arising from the use of this software.
Permission is granted to anyone to use this software for any purpose,
including commercial applications, and to alter it and redistribute it
freely, subject to the following restrictions:
1. The origin of this software must not be misrepresented; you must not
claim that you wrote the original software. If you use this software
in a product, an acknowledgment in the product documentation would be
appreciated but is not required.
2. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.
http://www.smalleranimals.com
smallest@smalleranimals.com
**********************************************************************/
#pragma once
#include <vector>
#include <iterator>
#pragma warning(disable:4786)
using namespace std ;
using namespace std::rel_ops ;
//////////////////////////////////////////////////////////////////////
class CSAToken
{
public:
CSAToken()
{
iStart = iStop = -1;
bIsQuotedString = false;
}
CSAToken(const char* p, int x, int y, bool q)
{
strToken = p;
iStart = x;
iStop = y;
//ASSERT(x <= y);
bIsQuotedString = q;
}
string strToken;
int iStart;
int iStop;
bool bIsQuotedString;
};
//////////////////////////////////////////////////////////////////////
typedef vector<CSAToken> CSATokenVector;
//////////////////////////////////////////////////////////////////////
class CTokenizer
{
public:
enum {eErrorNone, eErrorSyntax,}eError;
CTokenizer(char** pKeyWords, int iKeyWords, char* pMetaChars, int iMetaChars);
virtual ~CTokenizer();
void Clear();
void Init();
int Tokenize(const char* pInputLine);
bool IsKeyWord(string &str);
bool IsKeyWord(const char* pInput);
void Dump();
bool IsMetaChar(const char c);
bool IsMetaChar(string &str);
_inline int GetTokenCount() {return (int)m_tokens.size();}
_inline CSAToken GetToken(int i) {return m_tokens.at(i);}
protected:
int GetToken(const char* pInput, string &out, bool &bQuotedString);
char** m_pKeyWords;
int m_iKeyWords;
char* m_MetaChars;
int m_iMetaChars;
CSATokenVector m_tokens;
};
//////////////////////////////////////////////////////////////////////
extern bool operator < (const CSAToken &a, const CSAToken &b);
extern bool operator == (const CSAToken &a, const CSAToken &b);
|
|
|
|
|
|
|
stop posting errorcode, it's not fun to fix your ****.
|
|
|
|
|
|
|
Dear Sir,
Thanks for this utility, it did just what I wanted. I made a small improvements.
1. Added casts, because else VS.NET compiler complains.
2. I hate to write things twice, therefore I added generation of a header file with externs. I.e. for your demo project it generates
--strings.h---
extern const char* pString1 ;//blabal
extern const char* pString2 ;
Now one can just include this file into all project files.
3. I added
#define CXR_CPP
into the generated cpp file. So that one can customize cxr_inc.h, depending on whether it is now included in cxr generated cpp or other project files (sometimes usefull).
I share the changes with people in the hope, that it can be usefull for somebody else too.
----crx.cpp--
<code>
/*********************************************************************
Copyright (C) 2002 Smaller Animals Software, Inc.
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
arising from the use of this software.
Permission is granted to anyone to use this software for any purpose,
including commercial applications, and to alter it and redistribute it
freely, subject to the following restrictions:
1. The origin of this software must not be misrepresented; you must not
claim that you wrote the original software. If you use this software
in a product, an acknowledgment in the product documentation would be
appreciated but is not required.
2. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.
3. This notice may not be removed or altered from any source distribution.
http://www.smalleranimals.com
smallest@smalleranimals.com
**********************************************************************/
// CXR.cpp : Defines the entry point for the console application.
//
#include "stdafx.h"
#include "CXR.h"
#include "CmdLine.h"
#include "Tokenizer.h"
#include "Stream.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
/////////////////////////////////////////////////////////////////////////////
// The one and only application object
CWinApp theApp;
using namespace std;
/////////////////////////////////////////////////////////////////
static bool ProcessFile(CStdioFile &in, CStdioFile &out, CStdioFile &outh);
static bool AddDecode(const CString & csPassword, CStdioFile &out);
static CString Encrypt(const CString &csIn, const char *pPass);
static CString Decrypt(const char *pIn, const char *pPass);
static bool ExpandOctal(const CString &csIn, CString &csOut, int &iConsumed);
static CString TranslateCString(const CString &csIn);
static bool ExpandHex(const CString &csIn, CString &csOut, int &iConsumed);
static CString EscapeCString(const char *pIn);
// these can be adjusted in the range 1 to 239
const int basechar1 = 128;
const int basechar2 = 128;
/////////////////////////////////////////////////////////////////
int _tmain(int argc, char* argv[], char* envp[])
{
int nRetCode = 0;
srand(time(NULL));
// initialize MFC and print and error on failure
if (!AfxWinInit(::GetModuleHandle(NULL), NULL, ::GetCommandLine(), 0))
{
// TODO: change error code to suit your needs
cerr << _T("Fatal Error: MFC initialization failed") << endl;
nRetCode = 1;
}
else
{
cerr << "Starting CXR, the literal string encryptor. Copyright 2002, Smaller Animals Software Inc.\n";
if ((basechar1 == 0) || (basechar2 == 0) || (basechar1 > 239) || (basechar2 > 239))
{
cerr << "CXR basechar values out of acceptable range. Aborting\n";
nRetCode = 1;
return nRetCode;
}
CCmdLine cmd;
if (cmd.SplitLine(argc, argv) >= 2)
{
CString csInFile = cmd.GetSafeArgument("-i", 0, "");
CString csOutFile = cmd.GetSafeArgument("-o", 0, "");
if (!csInFile.IsEmpty() && !csOutFile.IsEmpty())
{
// open the input file
CStdioFile fileIn;
// open the output file
CStdioFile fileOut;
CStdioFile fileOuth;
string _HeaderName=csOutFile;
string::size_type _dot=_HeaderName.find_last_of(".");
if ((_dot!=string::npos)&&(_dot>1)){
_HeaderName=_HeaderName.substr(0,_dot);
};
_HeaderName+=".h";
if (fileIn.Open(csInFile, CFile::modeRead | CFile::typeText))
{
if (fileOut.Open(csOutFile, CFile::modeCreate | CFile::modeWrite | CFile::typeText ))
{
if (fileOuth.Open(_HeaderName.c_str(), CFile::modeCreate | CFile::modeWrite | CFile::typeText ))
if (!ProcessFile(fileIn, fileOut,fileOuth))
{
cerr << "CXR failed\n";
nRetCode = 1;
}
}
else
{
cerr << _T("Unable to open output file: ") << (LPCTSTR)csOutFile << endl;
nRetCode = 1;
}
}
else
{
cerr << _T("Unable to open input file: ") << (LPCTSTR)csInFile << endl;
nRetCode = 1;
}
if (nRetCode==0)
{
cerr << "CXR created: " << (LPCTSTR)csOutFile << "\n";
}
}
else
{
cerr << _T("Not enough parameters") << endl;
nRetCode = 1;
}
}
else
{
cerr << _T("Not enough parameters") << endl;
nRetCode = 1;
}
}
return nRetCode;
}
/////////////////////////////////////////////////////////////////
bool ProcessFile(CStdioFile &in, CStdioFile &out,CStdioFile &outh)
{
enum
{
eStateWantPassword,
eStateHavePassword,
};
int iState = eStateWantPassword;
CString csPassword;
CString line;
char *pMetachars = _T("/\\=();'");
char *pKeyWords[3] = {_T("//"), _T("_CXR"), _T("CXRP")};
CTokenizer tokenizer(pKeyWords, 3, pMetachars, strlen(pMetachars));
int iErr = CTokenizer::eErrorNone;
bool ok = true;
out.WriteString(_T("/////////////////////////////////////////////////////////////\n"));
out.WriteString(_T("// "));
out.WriteString(out.GetFileName());
out.WriteString(_T("\n//\n"));
out.WriteString(_T("// This file was generated by CXR, the literal string encryptor.\n"));
out.WriteString(_T("// CXR, Copyright 2002, Smaller Animals Software, Inc., all rights reserved.\n"));
out.WriteString(_T("//\n"));
out.WriteString(_T("// Please do not edit this file. Any changes here will be overwritten on the next compile.\n// If you wish to make changes to a string, please edit:\n// "));
out.WriteString(in.GetFilePath());
out.WriteString(_T("\n//\n"));
out.WriteString(_T("\n/////////////////////////////////////////////////////////////\n\n"));
out.WriteString(_T("\n#define CXR_CPP\n\n"));
out.WriteString(_T("#include \"stdafx.h\"\n"));
out.WriteString(_T("#include \"cxr_inc.h\"\n\n"));
outh.WriteString(_T("// Please do not edit this file. Any changes here will be overwritten on the next compile.\n// If you wish to make changes to a string, please edit:\n// "));
outh.WriteString(in.GetFilePath());
outh.WriteString(_T("\n//\n"));
outh.WriteString(_T("#ifndef "));
CString _fn=outh.GetFileName();
_fn.Replace(".","_");
_fn.MakeUpper();
outh.WriteString(_fn);
outh.WriteString(_T("\n#define "));
outh.WriteString(_fn);
outh.WriteString(_T("\n"));
outh.WriteString(_T("#include \"cxr_inc.h\"\n\n"));
bool bFoundCXR = false;
do
{
if (!in.ReadString(line))
{
break;
}
switch (iState)
{
case eStateWantPassword:
iErr = tokenizer.Tokenize(line);
if (iErr == CTokenizer::eErrorNone)
{
if (tokenizer.GetTokenCount() >= 4)
{
// password declaration always looks like : // CXRP = "Password"
if ((tokenizer.GetToken(0).csToken == _T("//")) &&
(tokenizer.GetToken(1).csToken == _T("CXRP")) &&
(tokenizer.GetToken(2).csToken == _T("=")) &&
(tokenizer.GetToken(3).bIsQuotedString))
{
// we'll use the password from the file, literally. it's not treated as
// a C string-literal, just as a section of a text file. when we
// go to write the decoder, we'll have to fix it up to make sure
// the compiler gets the same text by adding any necessary escapes.
csPassword = tokenizer.GetToken(3).csToken;
if (csPassword.IsEmpty())
{
cerr << _T("Invalid CXR password: \"") << (LPCTSTR)csPassword << _T("\"") << endl;
ASSERT(0);
break;
}
iState = eStateHavePassword;
continue;
}
}
}
break;
case eStateHavePassword:
bFoundCXR = false;
iErr = tokenizer.Tokenize(line);
if (iErr == CTokenizer::eErrorNone)
{
if (tokenizer.GetTokenCount() > 4)
{
for (int i=0;i<tokenizer.GetTokenCount() - 4; i++)
{
// looking for _CXR ( "..." )
if (
(tokenizer.GetToken(i).csToken == _T("_CXR")) && !tokenizer.GetToken(i).bIsQuotedString &&
(tokenizer.GetToken(i + 1).csToken == _T("(")) && !tokenizer.GetToken(i + 1).bIsQuotedString &&
(tokenizer.GetToken(i + 2).bIsQuotedString) &&
(tokenizer.GetToken(i + 3).csToken == _T(")")) && !tokenizer.GetToken(i + 3).bIsQuotedString
)
{
CString csTrans = TranslateCString(tokenizer.GetToken(i + 2).csToken);
CString csEnc = Encrypt(csTrans, csPassword);
//CString csDec = Decrypt(csEnc, csPassword);
out.WriteString(_T("///////////////////////////\n#ifdef _USING_CXR\n"));
/*
out.WriteString("//");
out.WriteString(csDec);
out.WriteString("\n");
*/
// output up to _CXR
out.WriteString(line.Left(tokenizer.GetToken(i).iStart));
CString _newline=line.Left(tokenizer.GetToken(i).iStart);
_newline.Replace("=","");
_newline=_newline.Trim(" ");
// extern const char* ltrUnknown; //Unknown.
//Find last token in the string before = (i.e. variable name)
//and make #define lThisName _CRX(ThisName)
CString resToken;
CString TypeName;
int curPos=0;
resToken= _newline.Tokenize("% #*",curPos);
while (resToken != ""){
TypeName=resToken;
resToken= _newline.Tokenize("% #*",curPos);
};
_newline=" extern "+_newline;
outh.WriteString(_newline);
outh.WriteString(_T("; //")+csTrans+_T("\n"));
outh.WriteString(_T("#define l")+TypeName+ _T(" _CXR(")+TypeName+_T(").c_str()\n\n"));
// encrypted stuff
out.WriteString(_T("\""));
out.WriteString(csEnc);
out.WriteString(_T("\""));
// to the end of the line
out.WriteString(line.Mid(tokenizer.GetToken(i + 4).iStop));
out.WriteString(_T("\n"));
out.WriteString(_T("#else\n"));
out.WriteString(line);
out.WriteString(_T("\n#endif\n\n"));
bFoundCXR = true;
break;
} // found a good string ?
} // loop over tokens
} // > 4 tokens
} // tokenizer OK
if (bFoundCXR)
{
continue;
}
break; // switch
}
// done with it
out.WriteString(line);
out.WriteString("\n");
} while (1);
outh.WriteString(_T("\n\n#endif"));
if (iState == eStateWantPassword)
{
cerr << "No password line found in input file\n";
return false;
}
ASSERT(iState==eStateHavePassword);
// add the decoder functions
AddDecode(csPassword, out);
return true;
}
/////////////////////////////////////////////////////////////////
void AddEncByte(BYTE c, CString &csOut)
{
char buf[4];
BYTE b1 = c >> 4;
BYTE b2 = c & 0x0f;
_snprintf(buf, 3, "%x", b1 + basechar1);
csOut+="\\x";
csOut+=buf;
_snprintf(buf, 3, "%x", b2 + basechar1);
csOut+="\\x";
csOut+=buf;
}
/////////////////////////////////////////////////////////////////
CString Encrypt(const CString &csIn, const char *pPass)
{
CString csOut;
// initialize out
CCXRIntEnc sap((const BYTE*)pPass, strlen(pPass));
/*
start each string with a random char.
because this is a stream cipher, the ciphertext of a
string like "ABC" will be the same as the first 3 bytes
of the ciphertext for "ABCDEFG".
by starting with a random value, the cipher will be in a
different state (255:1) when it starts the real text. the
decoder will simply discard the first plaintext byte.
*/
BYTE seed = rand() % 256;
BYTE c = sap.ProcessByte((BYTE)(seed));
AddEncByte(c, csOut);
// encrypt and convert to hex string
for (int i=0; i < csIn.GetLength(); i++)
{
char t = csIn.GetAt(i);
BYTE c = sap.ProcessByte((BYTE)(t));
AddEncByte(c, csOut);
}
return csOut;
}
/////////////////////////////////////////////////////////////////
CString Decrypt(const char *pIn, const char *pPass)
{
CString csOut;
CCXRIntDec sap((const BYTE *)pPass, strlen(pPass));
int iLen = _tcslen(pIn);
if (iLen > 2)
{
int iBufLen = strlen(pIn);
if (iBufLen & 0x01)
{
cerr << "Illegal string length in Decrypt\n";
return pIn;
}
iBufLen/=2;
for (int i=0;i<iBufLen;i++)
{
int b1 = pIn[i * 2] - basechar1;
int b2 = pIn[i * 2 + 1] - basechar2;
int c = (b1 << 4) | b2;
BYTE bc = sap.ProcessByte((BYTE)(c));
if (i>0) csOut+=(char)bc;
}
}
return csOut;
}
/////////////////////////////////////////////////////////////////
bool AddDecode(const CString & csPassword, CStdioFile &out)
{
out.WriteString(_T("\n\n/////////////////////////////////////////////////////////////\n"));
out.WriteString(_T("// CXR-generated decoder follows\n\n"));
out.WriteString(_T("#include <algorithm>\n"));
out.WriteString(_T("const char * __pCXRPassword = \""));
// the password that encrypted the text used the literal text from the file (non-escaped \ chars).
// we need to make sure that compiler sees the same text when it gets the passowrd. so,
// we must double any "\" chars, to prevent them from becoming C-style escapes.
out.WriteString(EscapeCString(csPassword));
out.WriteString(_T("\";\n"));
CString t;
t.Format("const int __iCXRDecBase1 = %d;\nconst int __iCXRDecBase2 = %d;\n\n", basechar1, basechar2);
out.WriteString(t);
// the high-level decoding function
const char *pDec1 =
"CString __CXRDecrypt(const char *pIn)\n"\
"{\n"\
" CString x;char b[3];b[2]=0;\n"\
" CXRD sap((const BYTE*)__pCXRPassword, strlen(__pCXRPassword));\n"\
" int iLen = strlen(pIn);\n"\
" if (iLen > 2)\n"\
" {\n"\
" int ibl=strlen(pIn);\n"\
" if (ibl&0x01)\n"\
" {\n"\
" ASSERT(!\"Illegal string length in Decrypt\");\n"\
" return pIn;\n"\
" }\n"\
" ibl/=2;\n"\
" for (int i=0;i<ibl;i++)\n"\
" {\n"\
" int b1 =pIn[i*2]-__iCXRDecBase1;int b2=pIn[i*2+1]-__iCXRDecBase2;\n"\
" int c = (b1 << 4) | b2; char ch =(char)(sap.pb((BYTE)(c)));\n"\
" if (i>0) x+=ch;\n"\
" }\n"\
" }\n"\
" return x;\n"\
"}\n";
// the stream cipher
const char *pStr1 =
"class CCXR\n" \
"{\n" \
"protected:\n" \
" CCXR(const BYTE *key, unsigned int ks)\n" \
" {\n" \
" int i;BYTE rs;unsigned kp;\n" \
" for(i=0;i<256;i++)c[i]=i;kp=0;rs=0;for(i=255;i;i--)std::swap(c[i],c[kr(i,key,ks,&rs,&kp)]);r2=c[1];r1=c[3];av=c[5];lp=c[7];lc=c[rs];rs=0;kp=0;\n" \
" }\n" \
" inline void SC(){BYTE st=c[lc];r1+=c[r2++];c[lc]=c[r1];c[r1]=c[lp];c[lp]=c[r2];c[r2]=st;av+=c[st];}\n" \
" BYTE c[256],r2,r1,av,lp,lc; \n" \
"\n" \
" BYTE kr(unsigned int lm, const BYTE *uk, BYTE ks, BYTE *rs, unsigned *kp)\n" \
" {\n" \
" unsigned rl=0,mk=1,u;while(mk<lm)mk=(mk<<1)+1;do{*rs=c[*rs]+uk[(*kp)++];if(*kp>=ks){*kp=0;*rs+=ks;}u=mk&*rs;if(++rl>11)u%=lm;}while(u>lm);return u;\n" \
" }\n" \
"};\n" \
"struct CXRD:CCXR\n" \
"{\n" \
" CXRD(const BYTE *userKey, unsigned int keyLength=16) : CCXR(userKey, keyLength) {}\n" \
" inline BYTE pb(BYTE b){SC();lp=b^c[(c[r1]+c[r2])&0xFF]^c[c[(c[lp]+c[lc]+c[av])&0xFF]];lc=b;return lp;}\n" \
"};\n";
out.WriteString(pStr1);
out.WriteString(pDec1);
return true;
}
/////////////////////////////////////////////////////////////////
CString TranslateCString(const CString &csIn)
{
// translate C-style string escapes as documented in K&R 2nd, A2.5.2
CString csOut;
for (int i=0;i<csIn.GetLength(); i++)
{
int c = csIn.GetAt(i);
switch (c)
{
default:
// normal text
csOut+=static_cast<char>(c);
break;
// c-style escape
case _T('\\'):
if (i < csIn.GetLength() - 1)
{
c = csIn.GetAt(i + 1);
switch (c)
{
case _T('n'):
csOut+=_T('\n');
break;
case _T('t'):
csOut+=_T('\t');
break;
case _T('v'):
csOut+=_T('\v');
break;
case _T('b'):
csOut+=_T('\b');
break;
case _T('r'):
csOut+=_T('\r');
break;
case _T('f'):
csOut+=_T('\f');
break;
case _T('a'):
csOut+=_T('\a');
break;
case _T('\\'):
csOut+=_T('\\');
break;
case _T('?'):
csOut+=_T('?');
break;
case _T('\''):
csOut+=_T('\'');
break;
case _T('\"'):
csOut+=_T('\"');
break;
case _T('0'):
case _T('1'):
case _T('2'):
case _T('3'):
case _T('4'):
case _T('5'):
case _T('6'):
case _T('7'):
{
// expand octal
int iConsumed = 0;
if (!ExpandOctal(csIn.Mid(i), csOut, iConsumed))
{
cerr << _T("Invalid octal sequence: ") << _T('\"') << (LPCTSTR)csIn << _T('\"') << endl;
csOut = csIn;
break;
}
i+=iConsumed - 1;
}
break;
case _T('x'):
{
// expand hex
int iConsumed = 0;
if (!ExpandHex(csIn.Mid(i), csOut, iConsumed))
{
cerr << _T("Invalid hex sequence: ") << _T('\"') << (LPCTSTR)csIn << _T('\"') << endl;
csOut = csIn;
break;
}
i+=iConsumed - 1;
}
break;
}
i++;
continue;
}
else
{
cerr << _T("Invalid escape sequence: ") << _T('\"') << (LPCTSTR)csIn << _T('\"') << endl;
csOut = csIn;
break;
}
break;
}
}
return csOut;
}
/////////////////////////////////////////////////////////////////
bool ExpandOctal(const CString &csIn, CString &csOut, int &iConsumed)
{
// staring with the escape, we need at least one more char
if (csIn.GetLength() < 2)
{
return false;
}
if (csIn.GetAt(0) != _T('\\'))
{
return false;
}
int iStart = 1;
int iCur = iStart;
CString digits;
int c = csIn.GetAt(iCur);
while ((c >= _T('0')) && (c <= _T('7')))
{
digits+=static_cast<char>(c);
// an escape can't hold more that 3 octal digits (K&R 2nd A2.5.2)
if (iCur == 3)
{
break;
}
iCur++;
c = csIn.GetAt(iCur);
}
char *end;
int octval = (char)_tcstol(digits, &end, 8);
iConsumed = digits.GetLength();
csOut+=static_cast<char>(octval);
return true;
}
/////////////////////////////////////////////////////////////////
bool ExpandHex(const CString &csIn, CString &csOut, int &iConsumed)
{
// staring with the escape and the 'x', we need at least one more char
if (csIn.GetLength() < 3)
{
return false;
}
if ((csIn.GetAt(0) != _T('\\')) || (csIn.GetAt(1) != _T('x')))
{
return false;
}
int iStart = 2;
int iCur = iStart;
CString digits;
int c = csIn.GetAt(iCur);
while (_istxdigit(c))
{
digits+=static_cast<char>(c);
iCur++;
c = csIn.GetAt(iCur);
}
char *end;
// "There is no limit on the number of digits, but the behavior is undefined
// if the resulting character value exceeds that of the largest character"
// (K&R 2nd A2.5.2)
int hex = (char)_tcstol(digits, &end, 16);
iConsumed = digits.GetLength();
iConsumed++; // count the "x"
csOut+=static_cast<char>(hex);
return true;
}
/////////////////////////////////////////////////////////////////
CString EscapeCString(const char *pIn)
{
CString csOut;
int iLen = _tcslen(pIn);
for (int i=0;i<iLen;i++)
{
csOut+=pIn[i];
// double all "\" chars
if (pIn[i] == _T('\\'))
{
csOut+=_T('\\');
}
}
return csOut;
}
/////////////////////////////////////////////////////////////////
</code>
-- modified at 16:57 Thursday 2nd March, 2006
|
|
|
|
|
|
|
On many lines: 257, 466, 514, 713, ... your code got cut off or something.
for (int i=0;i
And on line 437, I think there is something missing after "#include":
out.WriteString(_T("#include \n"));
-- modified at 15:31 Thursday 2nd March, 2006
Update: Oh and also your static_cast statements lost their bracketed data type. I can guess what you meant though. You probably meant to cast the int to a TCHAR, right?
|
|
|
|
|
|
|
Hi,
Thanks for the tip.
all bracketed stuff went away I updated the code.Now it seems to be ok.
|
|
|
|
|
|
|
Thank you for the excellent tool.
We have CXR running in Visual C++ using MFC, but we ordinarily develop and build on Linux.
Does anyone have experience or suggestions on the best approach to get CXR to compile and run on Linux without MFC?
|
|
|
|
|
|
|
Yes. I made a comment post above -- in it I posted code that references STL classes in place of MFC. So now it's not dependent on any MFC code. It's still not 100% ready to compile under Linux, but it will probably require very little changing to make it work now.
|
|
|
|
|
|
|
fyi, I've posted a cross-platform branch of CXR on Google Code here.
|
|
|
|
|
|
|
|
|
|
Here's a proof of concept.
This will "encrypt" (scramble, rather) the strings at compile time and decrypt at runtime.
#ifndef SCRAMBLEH
#define SCRAMBLEH
/**
* Here's an example of use
*
* in the foo.H:
*
* STRING_DECL(secrectString);
* #define secrectString STRING_UNSCRAMBLE(secrectString)
*
* and in the foo.cpp:
* STRING_DEF(secrectString, ('v', 'e', 'r', 'y', 's', 'e', 'c', 'r', 'e', 't', '\0', 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0))
*
* NOTE NOTE: The string must be 32 characters long. The unused part can be filled
* with anything (I used 0.)
*
* This will define strings whose contents are
* scrambled (a lame xor-encryption) and checksummed.
*
* When you do use the strings in your application, the
* strings will be decrypted and checksummed at run-time.
* If the checksum does not match, we will call exit(0) straight (gross, I know,
* but then again, if someone tampers the executable...).
*
* This should make it somewhat harder to find the strings from the binary and
* alter them. But only somewhat. Any competent hacker *will* find the strings.
*
* The string must be 32 characters long, and macro takes 32 arguments.
* This is because I couldn't device a macro that would cleanly take
* any string and yet encrypt it compile time WITHOUT LEAVING THE
* CLEAR TEXT STRING LITERAL IN THE BINARY. If you know how to do this,
* drop me a note...
*
*/
#define STRING_SCRAMBLE(s00, s01, s02, s03, s04, s05, s06, s07, s08, s09, \
s10, s11, s12, s13, s14, s15, s16, s17, s18, s19, \
s20, s21, s22, s23, s24, s25, s26, s27, s28, s29, \
s30, s31) \
{ \
char(s00 ^ 0xa3), \
char(s01 ^ 0x54), \
char(s02 ^ 0xff), \
char(s03 ^ 0x75), \
char(s04 ^ 0xe7), \
char(s05 ^ 0x44), \
char(s06 ^ 0x4b), \
char(s07 ^ 0x23), \
char(s08 ^ 0xbf), \
char(s09 ^ 0x45), \
char(s10 ^ 0x3b), \
char(s11 ^ 0x56), \
char(s12 ^ 0xf8), \
char(s13 ^ 0x98), \
char(s14 ^ 0x5b), \
char(s15 ^ 0xf4), \
char(s16 ^ 0xb5), \
char(s17 ^ 0x87), \
char(s18 ^ 0x7b), \
char(s19 ^ 0x0f), \
char(s20 ^ 0xf4), \
char(s21 ^ 0x76), \
char(s22 ^ 0xb9), \
char(s23 ^ 0x34), \
char(s24 ^ 0xbf), \
char(s25 ^ 0x1e), \
char(s26 ^ 0xe7), \
char(s27 ^ 0x78), \
char(s28 ^ 0x98), \
char(s29 ^ 0xe9), \
char(s30 ^ 0x6f), \
char(s31 ^ 0xb4), \
'\0' \
}
#define LICENSE_STRING_CHECKSUM(s) \
(s[ 0] << 0) ^ \
(s[ 1] << 8) ^ \
(s[ 2] << 16) ^ \
(s[ 3] << 0) ^ \
(s[ 4] << 8) ^ \
(s[ 5] << 16) ^ \
(s[ 6] << 24) ^ \
(s[ 7] << 8) ^ \
(s[ 8] << 0) ^ \
(s[ 9] << 8) ^ \
(s[10] << 16) ^ \
(s[11] << 24) ^ \
(s[12] << 0) ^ \
(s[13] << 8) ^ \
(s[14] << 16) ^ \
(s[15] << 24) ^ \
(s[16] << 0) ^ \
(s[17] << 8) ^ \
(s[18] << 16) ^ \
(s[19] << 24) ^ \
(s[20] << 0) ^ \
(s[21] << 8) ^ \
(s[22] << 16) ^ \
(s[23] << 24) ^ \
(s[24] << 0) ^ \
(s[25] << 8) ^ \
(s[26] << 16) ^ \
(s[27] << 24) ^ \
(s[28] << 0) ^ \
(s[29] << 8) ^ \
(s[30] << 16) ^ \
(s[31] << 24)
extern "C" void __cdecl exit(int);
inline char* __STRING_UNSCRAMBLE(const char s[], char clear[32],
unsigned compileTimeChksum)
{
unsigned curChksum = STRING_CHECKSUM(s);
if (compileTimeChksum != curChksum)
exit(0);
char temp[] =
STRING_SCRAMBLE(s[0], s[1], s[2], s[3], s[4], s[5], s[6], s[7], s[8], s[9],
s[10], s[11], s[12], s[13], s[14], s[15], s[16], s[17], s[18], s[19],
s[20], s[21], s[22], s[23], s[24], s[25], s[26], s[27], s[28], s[29],
s[30], s[31]);
for (unsigned i = 0; i < 32; i++)
clear[i] = temp[i];
return (char*)clear;
};
#define STRING_DECL(NAME) \
extern const char NAME ## _Scrambled[]; \
extern char NAME ## _Clear[32]; \
extern const unsigned NAME ## _CheckSum;
#define STRING_UNSCRAMBLE(NAME) \
__STRING_UNSCRAMBLE(NAME ## _Scrambled, NAME ## _Clear, NAME ## _CheckSum)
#define STRING_DEF(NAME, VALUE) \
const char NAME ## _Scrambled[] = STRING_SCRAMBLE VALUE; \
char NAME ## _Clear[32]; \
const unsigned NAME ## _CheckSum = STRING_CHECKSUM(NAME ## _Scrambled);
#endif
(Obviously, change the encryption key...)
Downside: hardcoded 32-character length for strings (could perhaps be expanded), and all the downsides CXR has. Benefits: does not require extra build step.
|
|
|
|
|
|
|
This could be probably expanded into something more general using the for example the template capabilities of the C++ preprocessor. And I hear even the C preprocessor is Turing complete...
So, who makes the most elegant solution?
Bonus point for arbitrary length strings (not hard-coded to 32 chars), unicode support,
public key encryption (no secret key in the binary), compression...
|
|
|
|
|
|
|
Chris:
First of all thanks for sharing your code.
When I try to crypt the string "\\LocalMachine\\SOFTWARE\\Classes\\CLSID\\{8F99C758-2F07-495d-8533-D1F2C4522108}\\" it just doesn't work.
I took out the final \\ and presto!
Is this a bug or a feature?
Sheers
Martin Jimenez
|
|
|
|
|
|
|
mjimenez wrote:
Is this a bug or a feature?
bug
easy enough to fix, though.
in CTokenizer::GetToken, in the switch statement in the middle, make the following change:
switch (*(pInput + i + 1))
{
case _T('"'):
out+= _T("\\\""); i++; continue;
break;
default:
---> ---> out+=c;
---> ---> out+=*(pInput + i + 1);
---> ---> i++;
continue;
break;
}
Image Toolkits | Image Processing | Cleek
|
|
|
|
|
|
|
I see now that the strings contain characters above 0x7F. To be safe, I'd suggest generating \x escapes, instead of putting the characters directly in the CPP file. For example instead of "|||", generate "\x8a\x8f\x86".
--Mike--
Just released - 1ClickPicGrabber - Grab & organize pictures from your favorite web pages, with 1 click!
My really out-of-date homepage
Sonork-100.19012 Acid_Helm
|
|
|
|
|
|
|
Michael Dunn wrote:
To be safe
how does that make it any more safe?
-c
No matter how fast light travels it finds the darkness has always got there first, and is waiting for it.
-- Terry Pratchett,
|
|
|
|
|
|
|
I can recall one time that I had a Chinese font name in a string literal, and it compiled fine on a Chinese language system, but generated a compiler error on an English system. When the name was encoded with \x sequences, it compiled fine.
In general, all characters over 0x7F are better being encoded with \x since the meanings of the characters 0x80-0xFF change depending on the ANSI code page in use. Using \x removes the possibility of a breakage.
--Mike--
Just released - 1ClickPicGrabber - Grab & organize pictures from your favorite web pages, with 1 click!
My really out-of-date homepage
Sonork-100.19012 Acid_Helm
|
|
|
|
|
|
|
makes sense.
the latest source package (as soon as CP updates it, that is) will output \x-style characters. it will also fix some parsing issues.
thanks for the tip.
-c
No matter how fast light travels it finds the darkness has always got there first, and is waiting for it.
-- Terry Pratchett,
|
|
|
|
|
|
|
Well, OK, maybe my situation wasn't that grave, but I did need to obfuscate some strings for a project at work and I had no clue how to do it so the code was maintainable. CXR works perfectly! 
--Mike--
Just released - RightClick-Encrypt v1.3 - Adds fast & easy file encryption to Explorer
My really out-of-date homepage
Sonork-100.19012 Acid_Helm
|
|
|
|
|
|
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Rant 
Admin