From: Damian Yerrick Newsgroups: comp.os.msdos.djgpp Subject: Re: Some dodgy FILE hackery Organization: Pin Eight Software http://pineight.8m.com/ Message-ID: References: <8amfqu$ue5$1 AT newsg2 DOT svr DOT pol DOT co DOT uk> <8arkma$m3h$2 AT newsg2 DOT svr DOT pol DOT co DOT uk> X-Newsreader: Forte Agent 1.7/32.534 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Lines: 72 X-Trace: +Sdx8a2JPsZzXzhCIPOcsIojjA0ZK2yhUQ2QOCiXTtOc7MdrG6IY5gCoz9kseRSHFro7zNSQJa75!Cx47AotsBUFNUOTzwvVWr9RVXmzaMCdPhjRmFzfu8t1Fez+d4Z37pbM37Cqnhv5wOcE8aq6Tr/ce!T198tYI= X-Complaints-To: abuse AT gte DOT net X-Abuse-Info: Please be sure to forward a copy of ALL headers X-Abuse-Info: Otherwise we will be unable to process your complaint properly NNTP-Posting-Date: Fri, 17 Mar 2000 00:17:19 GMT Distribution: world Date: Fri, 17 Mar 2000 00:17:19 GMT To: djgpp AT delorie DOT com DJ-Gateway: from newsgroup comp.os.msdos.djgpp Reply-To: djgpp AT delorie DOT com On Thu, 16 Mar 2000 18:03:08 -0000, "Ben Davis" wrote: >Damian Yerrick wrote in message ... >>On Tue, 14 Mar 2000 22:48:21 -0000, "Ben Davis" >> wrote: >> >>>I use DJGPP and Allegro. Most of my files (eg. levels) are saved >>>using the packfile functions of Allegro. I need to encrypt some >>>of these files without making them bigger. >> >>Why? > >Do I detect a note of resent for the secretive? Yes. Not encrypting your data files is the "mistake" Nullsoft (now a division of AOL) made that gave Winamp the killer feature (i.e. skins) that made it so popular. Not encrypting files gives users the ability to extend the game by adding levels. And if you're worried about being able to change _your_ levels, there's always MD5 hashing and PGP/GnuPG signing. >>>built-in password function isn't secure enough. >> >>I know; it's xor. > >And it contains an error in that most of the data are not encrypted! >Obviously fixing it would mess up all the encrypted data everywhere that had >already been saved by Allegro. Of course I could correct it myself, but XOR >encryption is "subject to analysis" (as was discussed once on the Allegro >mailing list). Actually, it has been fixed. What are you using? RC5? CSC? DES? All have been 0wn3d by distributed.net. >>>I want to intercept all the low-level file inputs/outputs (where DOS >>>takes over from Allegro) so that I can modify the bytes at this stage. >>>But I don't want to modify the Allegro source. Or you could encrypt the data inside the datafile, i.e. scramble the map before saving it and descramble after loading it from the datafile. >>Why not? Allegro for DJGPP is static linked. > >But the source isn't. I consider Allegro to be a general-purpose library for >use in all programs. I'm not going to tailor it to any one program. You're missing the whole point of free software: being able to adapt it to your needs. You could even publish your crypto add-on so other Allegro users can benefit from it. >>The Allegro source code is stored in /.../allegro/src so you can >>access it readily. > >Yes, but I don't have to modify the PACKFILE structure; just read it. >There's no point in writing when I know how to read :-) Care to write up a crypto API for Allegro that can be extended with user-supplied crypto? The developers would love it. And crypto is legal to distribute (at least from the United States) as long as it's free software. -- Damian Yerrick http://yerricde.tripod.com/ Comment on story ideas: http://home1.gte.net/frodo/quickjot.html AOL is sucks! Find out why: http://anti-aol.org/faqs/aas/ View full sig: http://www.rose-hulman.edu/~yerricde/sig.html This is McAfee VirusScan. Add these two lines to your .sig to prevent the spread of .sig viruses. http://www.mcafee.com/