(old)Puppy Linux Discussion Forum

Once upon a time I've seen an interesting text encryption tool under Windoze.
That tool had ability to put the encrypted text in the application itself, and then to save it.
Thanks to it, it was possible to have encrypted text and the tool in one file.

I still feel weak in Bash and Gtkdialog, but I wrote something similar.
The code is a bit overbloated - I'm sure it's possible to optimize/improve it (and it is welcomed).
Also, it would be more secure to use variables instead files to keep temporary data,
but I couldn't find a way to do it in Gtkdialog...

SelfCrypText can be used in two ways:
1. As standard text encryption tool, eg.: input_some_text -> encrypt/decrypt -> copy_somewhere_else;
2. As portable, executable container for encrypted text, eg.: input_some_text -> encrypt/decrypt -> save_as;

The second option creates a new copy of application, but the file contains encrypted text also.
When it's launched, the text is displayed instantly and can be decrypted, and the application itself can be reused.

SelfCrypText uses 'openssl' and AES-256 + base64 encryption.
Written on Lupu-528.004.

EDIT:
The latest single-note version (v1.4) is attached HERE.
The latest multi-note version (v2.2) is attached HERE.

Greetings!

ipsa scientia potestas est

Well done.
I may use this to encrypt the location of my time machine. At the moment it is stashed in the future and to the right a bit.
For some this will be invaluable

The Growl program in Puppy 5.3.1 (Menu/network)
has the option to encrypt and decrypt a file
using click and drag by and calling the program
/usr/sbin/bcrypt_gui

I believe micko wrote that for Slacko
. . . might be of interest

Nice one SFR.
Don't be concerned with it being bloated, it's not.
I have no doubt that it can be minimized but what advantage would be
gained from it?
It's not like a short GTKdialog is going to bring your CPU to it's knees
and by optimizing it, you may make it less unreadable and more difficult for others
to adapt and modify to their specific needs.

The only change I would make is like you say try and use variables instead
of files for your temp storage.
I don't know enough about GTKdialog to help but try posting here:
http://www.murga-linux.com/puppy/viewtopic.php?t=38608
There will be more then a few users that might be able to help out.

Quo semel est imbuta recens, servabit odorem testa diu.
Optimalization...it's my old habit inherited from the c64, to be concerned about every single bit of free mem and every single cycle of CPU.
And yes, it was a challenge to analyze such code later.

I'll post this problem at Gtkdialog Tips thread and meanwhile I'll try to find a way to encrypt/decrypt string instead file using openssl - had problem with this too.

Thanks & Greetings!

I did a small security upgrade:

- the temporary file is wiped out instantly after every use in code;
- the temporary file is wiped out using 'shred' instead simple 'rm'.

Greetings!

Update: SelfCrypText_v1.2

Another small improvements:
- prevention of encrypting an empty message (such message couldn't be decrypted);
- added file-selector to 'Save As' dialog;
- added opportunity to overwrite an existing file;
- few aesthetic corrections in code.

I think it's the goal I had wish to achieve...
...for now.

Greetings!

I haven't taken a look at the code but I often use
I wrote a little poor man's steganography tool a while back that would embed any file onto any file... it used a temp file too, but now that I think about it if I used a VAR, I could probably? use ${#VAR} and some integer math instead of stat -c %s to get the size

its here:
http://www.murga-linux.com/puppy/viewtopic.php?t=72807

The main problem is the <edit><default> widget in my case.
It doesn't allow to be refreshed if I use a variable or command, the only way is to use <edit><input file> and temporary file.
http://www.murga-linux.com/puppy/viewto ... 937#598937
Such temp file is converted into a variable and shredded immediatly and then everything is done with that variable...until the next refresh (which is encrypt/decrypt action).
It's ok with eg. <entry><input>$VAR... (and the password is stored in that way), but this won't allow to use multiple lines...

technosaurus wrote:http://www.murga-linux.com/puppy/viewtopic.php?t=72807

Nice idea. It has a big advantage over the classic steganography = any kind of files allowed.
I just tried cat some_random_stuff_file >> abiword and dillo binaries, and they still work.
Tried with *.tar.gz also - after decompressing Xarchive shows "Wrapper exited with a error", but unpacked data is untouched!

Thanks & Greetings!

How can i install this?
I just know how to install a .pet, but this is not a .pet
If i click on it, it just shows the code.
Thanks

I'm using dpup exprimo 3.2.14.2

Hey Bruno.

This app is designed to be portable; doesn't need to be installed.

I assume that you unpacked the downloaded file first..?
If so and still nothing I guess that permissions of the file aren't set properly...
In Rox-Filer right-click on the file -> File 'SelfCrypt...' -> Properties and select all boxes under "Exec".

If this won't help, open terminal window in a folder where the file resides, type: see if there are any errors and let me know how's it going.

HTH
Greetings!

Thanks SFR,
Now I see how it works.
Very nice little fast app!

Doh, I just found out that "shred" program isn't included in Slacko.

So, to preserve secure deletion of temporary file, I used this, instead of shred:
I hope dd behaves as I think it does: overwrites exactly the same sectors of a file on the disk..?

Additionaly I did few fixes, the most important was wrong handling of filenames with spaces.

Greetings!

Using Pizzasgood's idea I've applied ramdisk as a storage for temp file.
I believe it's more reasonable way than dabbling with dd and shred.

Dynamic ramdisk has been set to max. 1 MB, but I think it's more than enough.
Additionally since now all data is being gzip'ed before encryption.

Greetings!

The second option creates a new copy of application, but the file contains encrypted text also.
When it's launched, the text is displayed instantly and can be decrypted, and the application itself can be reused.

Cool, a stand-alone secret diary

There are other uses for this method. Ever heard of upx or sqeeze?
http://source.netsurf-browser.org/?p=sq ... ;a=summary
http://upx.sourceforge.net/
the only difference is that their "encryption" method is just compression.

Rather than a small frontend decompressor, you can have any program frontend and embed any data. Unfortunately criminal entities have given steganography a bad name, so we don't see much of this.

I'll leave you with that thought to ponder the possibilities.

btw, I think my coolest idea yet, was to embed packages onto the end of its own screenshot - it even worked extremely well with thumb-nailer page generator programs for browsing, but then I figured we had enough different package systems already.

technosaurus wrote:btw, I think my coolest idea yet, was to embed packages onto the end of its own screenshot - it even worked extremely well with thumb-nailer page generator programs for browsing, but then I figured we had enough different package systems already.

Agreed, that was cool. (at least, it's the coolest one I understand)

@Techno:
I heard about UPX. Heard also about tools like PESpin (for Win), which provides encryption too (or is it just password protection??).

Once, I was started to code something, somehow related, but for regular files.
The idea was to embed files chosen by the user, pack & encrypt them into one, self-extracting container that can be reused later, like SelfCrypText.
In fact it was just a bit extended idea of self-extracting .exe archives under Windoze or those shell installers, like "amd-driver-installer.run".
But my vision was too fuzzy - I didn't know what I want to achieve actually, so current project status: abandoned.

I appreciate your tips, maybe something will grow out of them someday...

disciple wrote:Cool, a stand-alone secret diary

I'm glad you like it.
Unfortunately there's some kind of size limit of <edit> in Gtkdialog and when that limit (~128K in my tests) is exceeded strange things happen.
The workaround could be multiple, separate notes in a list; perhaps I'll try do to something like this in the future.

Thanks & Greetings!

SFR wrote:[...]multiple, separate notes in a list[...]

Initially I thought it'll be easier to implement, but finally here it is.

SelfCrypText-v2.2

The general idea remained unchanged, the only (visible) change is handling of multiple notes.

Requirements:
Gtkdialog >= 0.7.21, Xdialog, openssl + usual set of tools like: cut, grep, tr, sed, awk and so on...

Additional info:
1. Each note can be encrypted with its own unique passphrase.
2. Maximum size of single note: ~128K (in my tests).
3. Maximum size of all notes: ~64M (theoretically).
4. Maximum amount of notes: unknown.

Known issues:
- In "Notes List" if you click empty space (and not specific note), all disabled buttons and fields will become enabled, but even if you write some text, such non-assigned note won't be saved anywhere.
- Special characters like: * : | / \ $ ^ & as well as leading and trailing spaces are not allowed in titles; if used anyway - they will be trimmed out and replaced with _.

_________________

Written on Slacko-5.3.3

Have fun & Greetings!

Update, version 2.1:

- Added progressbar during data extracting and saving (it's useful when there's a lot of notes)
- Program window is now a bit more flexible (better look when maximized/resized)
- One trivial modification and SelfCrypText is compatible with Gtkdialog 0.7.21 again, so there's also a big chance that it'll be more compatible with some other distros (tried in PCLinuxOS - seems to work fine); the only issue is that buttons aren't expanded to fill all available space (in 0.7.21 only).
- Lots of minor, internal improvements

New version has been attached to my previous post (see above).
___________

Update, version 2.2 (2013-06-25):
- bugfix: crashing in FatDog due to use of "\xa0" as a "hidden" character; changed to "\xe2\x81\xa3".

See previous post...

Greetings!