
Command Line Generation of Encrypted Data

In document WIBU-KEY The Key is in Your Hands! (Page 124-133)

8.1 Generating Encrypted Data

8.1.2 Command Line Generation of Encrypted Data

It is possible to generate encrypted data from the command line via command options. For the syntax of WKCRYPT see chapter 7.2, page 86.

Chapter 8 Encrypting Data


Example: Generating Encrypted Data Files

WKCRYPT /F10 /U13 /S10 /CG0 /CR0:32 TEST.BIN

The Firm Code 10, User Code 13 and Selection Code 10 are specified as the first parameters. At the end of the command line the file name TEST.BIN is entered. Existing files will be overwritten. Be careful with wildcard characters in file names as all matching files are overwritten.

Should the option /CG be used in conjunction with the option /CO, the object file type will only be renamed (for example to ASM or PAS) when the specified file does not incorporate a type specification. The /O option can additionally be used in the same manner as with the encryption of files. For the data generation, the specified file will be taken as the “source file” for the re-naming.

Specific command options for the generation of encrypted data:

/CGByteSystemNumber[Delta][:Length]

/CG{Aggregate}

With this option data is generated and encrypted. No source file is drawn on for the encryption. The /CG option defines a value for each generated byte before the encryption. It can be any number between 0 and 255. The specification can be followed by a delta expression, i.e. /CG10+=5 has a delta value of +5. The specified byte value will automatically be incremented or decremented by the specified delta value with each use. Reaching a value of 255 the procedure automatically restarts at 0. The overflow correction is calculated into the restart value. This option remains valid until a different encryption variant is specified via the /C option.

When the optional length value is specified with a leading colon, the length of the generated data is set. Otherwise it is determined by the length of the specified encryption range option /CR.

The second variant specifies the encryption by an aggregate. Such a specification always has a fixed length. The maximum length is limited to 32,768 bytes.

/CR:Address[+OffsetSystemNumber]:LengthSystemNumber

/CR:StartAddress[+OffsetSystemNumber],EndAddress[+OffsetSystemNumber]

For a detailed description of this parameter see chapter 7.2.4.2, page 99. Non-encrypted ranges can be generated as a gap between two consecutive /CR specifications. The /CR specification with the highest address defines the overall length of the created file. Open ranges - /CR specifications without end address or length - are invalid.

Should the created file contain non-encrypted bytes at its end, then the length in the /CR option with the highest address is to be set to 0.


Example: Generating Encrypted Data Files

WKCRYPT /F10 /U13 /S10 /CG0 /CR:0:32 TEST.BIN

creates a binary file TEST.BIN in which 32 encrypted bytes have been placed. This example generates and encrypts 32 0-Bytes for the WkNet implementation at the client site.

WKCRYPT /F10 /U13 /CG10++ /CR:50:10 TEST.BIN

creates the same file, but only 60 bytes have been generated. The first 50 bytes remain non-encrypted. At the address 0, the value 10 is entered; at 1, 11; at 2, a byte with 12 etc. At the address 50, the value 60 is entered in an encrypted form. At the address 59 (last byte), the value 69 is encrypted.

WKCRYPT /F10 /U13 /CG10+=5 /CR:5,26 /CR:50:0 TEST.BIN

functions similarly to the third example, with the exception that only 50 bytes are generated, and only those bytes at the addresses 5 to 25 inclusively are encrypted; the bytes are increased by 5 and not by 1.

WKCRYPT /F10 /U13 /CG0x55 /COC /CR:0:120 TEST.H

creates the C file TEST.H, which consists of 120 encrypted hex-values 55H, and which can be used to initialize field variables in C programs.
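The byte layout that the /CG and /CR examples above describe, as an added Python model (not WIBU code; the encryption itself is not modelled). It assumes the restart after 255 is plain modulo-256 arithmetic counted from address 0, and it handles only the ++ and +=N deltas and the numeric address:length and start,end range forms shown on this page.

```python
import re

def parse_cg(cg):
    """Parse the text after /CG: a byte value with an optional ++ or +=N delta."""
    m = re.fullmatch(r"(0x[0-9A-Fa-f]+|\d+)(\+\+|\+=\d+)?", cg)
    if not m:
        raise ValueError(f"unsupported /CG value: {cg!r}")
    num, suffix = m.groups()
    value = int(num, 16) if num.lower().startswith("0x") else int(num)
    if value > 255:
        raise ValueError("/CG byte value must be between 0 and 255")
    delta = 0 if suffix is None else 1 if suffix == "++" else int(suffix[2:])
    return value, delta

def parse_cr(cr):
    """Parse the text after /CR: into a half-open (start, end) address pair."""
    if "," in cr:                       # StartAddress,EndAddress
        start, end = (int(x) for x in cr.split(","))
    elif ":" in cr:                     # Address:Length
        start, length = (int(x) for x in cr.split(":"))
        end = start + length
    else:                               # open range: no end address or length
        raise ValueError(f"open /CR range: {cr!r}")
    if end < start:
        raise ValueError(f"/CR range ends before it starts: {cr!r}")
    return start, end

def generate_layout(cg, cr_specs):
    """Return (plaintext, encrypted_addresses) for a /CG value and /CR ranges."""
    value, delta = parse_cg(cg)
    ranges = [parse_cr(cr) for cr in cr_specs]
    size = max(end for _, end in ranges)        # highest range sets file length
    # Assumption: wrap past 255 is modulo 256, counted from address 0.
    plaintext = bytes((value + i * delta) % 256 for i in range(size))
    encrypted = sorted({a for s, e in ranges for a in range(s, e)})
    return plaintext, encrypted

if __name__ == "__main__":
    for cg, crs in [("0", ["0:32"]), ("10++", ["50:10"]),
                    ("10+=5", ["5,26", "50:0"]), ("0x55", ["0:120"])]:
        data, enc = generate_layout(cg, crs)
        print(f"/CG{cg} {crs}: {len(data)} bytes, "
              f"encrypted {enc[0]}..{enc[-1]}, first bytes {list(data[:4])}")
```

Running the model before WKCRYPT shows which addresses of the generated file stay in plain text, which is easy to misjudge when a zero-length /CR is used only to set the file length.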

/COA /COB /COC /COD /COL /CON /COP

These options define the format of the object file after the encryption. The option allows the conversion of encrypted and non-encrypted binary data to text. This may be used in various programming languages (Assembler, Microsoft Basic, ANSI C and Borland Pascal) for the initialization of field variables. The brackets for C and Borland Pascal are automatically generated by WKCRYPT, as well as comments which specify the relative position of the data bytes within the initialization list. The option remains valid until a different format is chosen via the /CO option.

The following list offers a survey of the text forms which can be generated:

Option File Type Object Form / Applicable Compilers

/COD (source) Binary data 1:1 from source (default setting)

/COA ASM Assembler-DB-instructions (MASM, TASM etc.)

/COB BAS BASIC-DATA-instructions (Microsoft Basic)

/COC C ANSI-C-field initialization

/COL Text Numeric data (1 value per line)

/CON Text Numeric data (more than one value per line)

/COP PAS Borland Pascal field initialization

All generated data is encrypted byte by byte with decimal numbers. The created files may either be copied to a program source code manually, or tied-in during translation via include commands: include with Assembler; #include with C; {$I} with Borland Pascal. The data is normally used after the definition of a field variable (array) for its initialization.

combined with /CD, /CG and /CX.

The option /CON describes a text number-sequence data format based on decimal numbers. It is stored in one or more lines. The numbers must consist of the digits 0 to 9 without blanks, and are set up in the range between 0 and 255. When read by WKCRYPT, they are separated by a tab or comma.

During the generation, WKCRYPT files the numbers with separating commas. Here, no text lines which incorporate more than 78 printable characters are generated. The file is terminated with the SUB-character (0x1A).

The option /COL almost corresponds to the option /CON. The difference is that only one numerical value is read or generated per text line. The rest of the line is ignored.

With the options /COD, /COL and /CON, the format of the object file is identical to that of the source file. With other options, the type specification is used as listed in the above table. This setting can be changed at any time through a type specification in the /O option. When the option /COD is used in conjunction with the option /CG, the type specification (postfix) from the above list is only drawn on when the subsequent file specification does not incorporate any type extension. In other cases, the type specification for this file will be used for the object file without any changes.


Example: Choosing a File Format

WKCRYPT /F10 /U13 /CX /CR:_Demo:20 /COA TEST.EXE

encrypts 20 bytes in the program TEST.EXE at the address _Demo, and files this partially encrypted program as an Assembler initialization in the file TEST.ASM.

WKCRYPT /F10 /U129 /CD /CR:0 /COP /O*.INC TEST.DAT

completely encrypts the file TEST.DAT from the address 0 and files it as a Borland Pascal initialization in the file TEST.INC.

WKCRYPT /F10 /U12 /CG0 /CR:0:100 /COC XYZ.H

generates 100 encrypted bytes from a series of 0 bytes, which are transferred as an ANSI-C-initialization to the file XYZ.H.


/COM

A special variant of the /CO option is /COM. With this option no new file is created but text sequences in an existing file are replaced by newly created (data) text sequences. The signatures to be replaced are specified by the /FM option.

The /COM option is useful for programming languages like Visual Basic or Clipper. In contrast to C these languages are not able to include a text file generated by the /COx option.

/FM [I|R]:Pattern[,SourceFile]

This option sets the parameters which are required for the /COM and /POM options. The /FM option must be specified before these options. The pattern is the text signature to search for within the text file. This pattern must be specified exactly, because the search is case sensitive. If the pattern contains spaces and the optional source file is specified, the pattern must be enclosed by quotes.

The modify command supports the replacing of patterns by numbers (sub-option "R") or the insertion/replacing of numbers before patterns (default or sub-option "I"). The first mode replaces the patterns in the file which is then no longer available for another pattern scan operation.

Be sure that you have a backup copy of the file with the pattern before you use the /FMR option!

A solution for this problem is to specify a source file containing the patterns in the /FMR option. This file is scanned for patterns which are replaced by numbers and is stored line by line to an object file, but is not changed itself.

The insertion mode is more flexible because it removes the last number before the pattern (if any) and sets the new number before the pattern. The signature still exists in the text file. This may result in problems for programming languages like Fortran.

Between the removed number and the pattern, no characters except spaces are permitted. For a programming language, the patterns for the insertion mode must include a comment description. For example for Visual Basic:

Some programming languages, for example FORTRAN, do not support a number specification and a comment in the same line. Then the replacing mode cannot be used.


Example: Pattern Replacing by Values via /FMR option

WKCRYPT /F10 /U13 /2 /CON /CG0:4 /S1234 /CR:0 M.DAT

produces the file M.DAT with the contents: 37,250,231,82

Now we have a pattern file M.ORG with the contents:

    REM before here any text
    A[1] = -WK-
    A[2] = -WK-
    A[3] = -WK-
    A[4] = -WK-
    REM any text can follow

WKCRYPT /F10 /U13 /2 /FMR:"-WK-",M.ORG /COM /CG0:4 /S1234 /CR:0 M.DAT

produces a file M.DAT with the contents:

    REM before here any text
    A[1] = 37
    A[2] = 250
    A[3] = 231
    A[4] = 82


Example: Value Inserting before Patterns via /FM option

The file M.ORG is the one from the last example. Now we create another file M2.DAT:

    REM before here any text
    A[1] = : REM -WK-
    A[2] = : REM -WK-
    A[3] = : REM -WK-
    A[4] = : REM -WK-
    REM any text can follow

The command line

WKCRYPT /F10 /U13 /2 /FM:": REM -WK-" /COM /CG0:4 /S1234 /CR:0 M2.DAT

inserts the created numbers in this file M2.DAT before the patterns:

    REM before here any text
    A[1] =37 : REM -WK-
    A[2] =250 : REM -WK-
    A[3] =231 : REM -WK-
    A[4] =82 : REM -WK-
    REM any text can follow


Example: Value Replacing by New Values via /FMI option

Now we vary the encryption by setting another Selection Code (1235 instead of 1234) and insert the created numbers again in the modified M2.DAT file:

WKCRYPT /F10 /U13 /2 /FMI:": REM -WK-" /COM /CG0:4 /S1235 /CR:0 MOD2.DAT

As a result, the numbers 37, 250, 231 and 82 are removed and replaced by the numbers 131, 174, 217 and 183:

    REM before here any text
    A[1] =131 : REM -WK-
    A[2] =174 : REM -WK-
    A[3] =217 : REM -WK-
    A[4] =183 : REM -WK-
    REM any text can follow

independent of the syntax of a specific programming language and replaces any location of the specified pattern. For example, a silly specification would be the line:

    : REM -WK- means a pattern for WKCRYPT

It would be replaced by

    37 means a pattern for WKCRYPT

Specify instead a line as:

    REM All lines containing the -WK- are modified by WKCRYPT

Note: This line does not work with the /FMR option specified in the first example (/FMR:"-WK-"). Here you must specify:

    REM A line with the character sequence -, W, K, - is modified by WKCRYPT

The /FM option must always be specified before the /COM or /POM option. Multiple /FM specifications may occur on the command line: the /COM or /POM option uses only the last /FM specification before its own location on the command line.

Note: The maximum length of the data to be inserted is 4096 bytes. If more patterns are specified than bytes are available or not all bytes of the data set can be stored at pattern locations, WKCRYPT prints a warning. The maximum length of line is 500 characters, the length of the text in number of lines is not limited.
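The replace (/FMR) and insert (/FM, /FMI) behaviour described in this section, as an added Python model that can be run against a copy of a pattern file before WKCRYPT modifies it (not WIBU code). The spacing written in insert mode is an assumption chosen to reproduce the sample output above, and leaving surplus patterns unchanged is also an assumption; the data values are the ones printed in the examples.

```python
def apply_fm(text, pattern, values, mode="I"):
    """Model of /FM with /COM: put one number at each pattern occurrence.

    mode "R" replaces the pattern by the number; mode "I" drops the last
    number before the pattern (only spaces may sit between them) and writes
    the new number in front of the pattern, which stays in the text.
    Returns (new_text, warnings).
    """
    values = list(values)
    warnings = []
    if len(values) > 4096:
        warnings.append("data exceeds the 4096-byte maximum")
    if any(len(line) > 500 for line in text.splitlines()):
        warnings.append("a line exceeds the 500-character maximum")
    out, pos, used = [], 0, 0
    while used < len(values):
        hit = text.find(pattern, pos)      # case-sensitive, syntax-blind
        if hit < 0:
            break
        before = text[pos:hit]
        if mode == "R":
            out.append(before + str(values[used]))
        else:
            # Assumed spacing, chosen to match the manual's sample output.
            before = before.rstrip(" ").rstrip("0123456789")
            out.append(before + str(values[used]) + " " + pattern)
        pos = hit + len(pattern)
        used += 1
    if text.find(pattern, pos) >= 0:
        warnings.append("more patterns than data bytes")
    if used < len(values):
        warnings.append("not all data bytes could be stored")
    return "".join(out) + text[pos:], warnings

# File contents from the manual's examples (line layout reconstructed).
M_ORG = ("REM before here any text\n"
         + "".join(f"A[{i}] = -WK-\n" for i in range(1, 5))
         + "REM any text can follow\n")
M2 = M_ORG.replace("-WK-", ": REM -WK-")
COMMENT = "REM All lines containing the -WK- are modified by WKCRYPT\n"

def demo():
    replaced, _ = apply_fm(M_ORG, "-WK-", [37, 250, 231, 82], mode="R")
    inserted, _ = apply_fm(M2, ": REM -WK-", [37, 250, 231, 82])
    rekeyed, _ = apply_fm(inserted, ": REM -WK-", [131, 174, 217, 183])
    # A comment that mentions the pattern consumes the first value.
    shifted, warn = apply_fm(COMMENT + M_ORG, "-WK-", [37, 250, 231, 82], "R")
    return replaced, inserted, rekeyed, shifted, warn
```

In the last case every value lands one line too early and A[4] keeps its pattern, which is the failure the note on comment lines describes.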
