05-02-2019 05:29 AM
Bonjour ,
Je développe une application pour une machine de test sous labwindows CVI ,
J'aimerais savoir comment crypter un fichier .ini le rendre accessible juste en lecture non en écriture.
Solved! Go to Solution.
05-02-2019 05:54 AM
As far as I can understand, you want to have some configuration file stored on your disk and crypted so that it cannot be modified out of your program.
Long time ago I posted this example that demonstrate how to leverage system resources to crypt/decrypt texts:
Encryption / Decryption in LabWindows/CVI
Despite its age it still works on Win10 systems and you may want to consider it as the basis of your system.
I really don't know however how you can apply it to a .ini file: I suppose you don't want to create a plain text file with Ini_WriteToFile first to be crypted and deleted afterwards, to avoid the risk that the file is not securely deleted; you may try experimenting with Ini_WriteGeneric and Ini_ReadGeneric to see if the in-memory IniText object can be passed to crypt functions without need to actually create a physical file. An alternative is to use another format for the config file without relying on IniText objects (since you obviously don't want to edit it manually, the overhead of .ini format is useless).
05-02-2019 06:08 AM - edited 05-02-2019 06:16 AM
It just came to my mind that if you don't need a strong and secure cryptography but you simply want to discourage manual editing of the configuration file you can use simpler methods like for example a raw dump of the memory content to a formatted string: this post of mine shows this method to dump a simple structure to a text file and read it back. Resulting output is also shown so you may verify whether this method is enough for your goal or not.
05-02-2019 07:42 AM
Thank you very much Roberto for your help , and I'm sorry because I didn't give enough data for my problem :
My application calcul the offset and gain of instruments , and generate Ini_File that contains value of gain and offset Like :
[Calibration_Gain_AI]
Gain_AI_0 = 1.02
Gain_AI_1 = 1.05
Gain_AI_2 = 1.03
Gain_AI_3 = 1.5
Gain_AI_4 = 1.4
Gain_AI_5 = 1.3
Gain_AI_6 = 1.2
Gain_AI_7 = 1.6
[Calibration_Gain_AO]
Gain_AO_0 = 1.25
Gain_AO_1 = 1.6
....................
[Calibration_Gain_EL]
Gain_EL_0 = 2.5
Gain_EL_1 = 1.26
....................
[Calibration_Offset_AO]
Offset_AO_0 = 0.02
Offset_AO_1 = 0.3
Offset_AO_2 = 0.4
Offset_AO_3 = 0.5
....................
I use :
Ini_PutDouble (Ini_HandleCalibration,SectionName,ItemName,pCalibration[Index_Instrument].Offset[IndexTest]);
Ini_PutDouble (Ini_HandleCalibration,SectionName,ItemName,pCalibration[Index_Instrument].Offset[IndexTest]);
As you said in your last email I want to discourage the people that use the test bench to change values of calibration because is calculated automatically with my application, it means they can see and know calibration of instruments but they can't modified.
Thank very much roberto for your feedback
05-03-2019 02:20 AM - edited 05-03-2019 02:23 AM
Well, in this situation this is what I'd do:
A direct encryption of the .ini file would make it unreadable for the user, while reading data back from the text file would make it possible to modify its content out of your program even if the file is made read-only.
10-07-2019 09:28 AM
Thank you very much,
10-09-2019 06:23 AM
Actually you do not want encryption of those values in any way (and being able to review them in the INI file might be actually an advantage), but you want to secure them to make sure they can't be tampered with. In those cases rather than using encryption you could use hashing. Basically you use some hash function (MD5 is the most commonly used but not cryptographically safe anymore, although you might wonder if something like this needs to be cryptographically safe or rather just safe enough to prevent accidental tampering) and then calculate a hash from all the values and store it as an extra entry in the INI file. On loading you verify that the hash is still valid and if not you refuse to startup or use some safe default values and warn the user about tampered values.
Every time you update the values in the INI file you also update the hash value.
10-09-2019 12:34 PM
Dear all ,
Thank you for your help and ideas , in fact all your ideas is good for my need , the solution that I took is to use :
Encryption / Decryption in LabWindows/CVI : Like that for exemple
[¯žŒŒˆ›]
¾›’–‘ ¯žŒŒˆ› = "½ž‘œš˜ŠÍÏÎÆÒ¬š‹ÒÆ"
[ªŒš ±ž’š]
‹ž–Ž = "‹ž–ŽÑ–›ž¿‰ž“šÑœ’"
•š‘‘–™š = "•š‘‘–™šÑž–Œ‹¿‰ž“šÑœ’"
˜Š–““žŠ’š = "˜Š–““žŠ’šÑ“–ž˜š¿‰ž“šÑœ’"
™ž–œš = "™ž–œšÑŒž‘˜–‰ž‘‘–¿‰ž“šÑœ’"
œš = "™ž–œšÑŒž
[ªŒš ¯žŒŒˆ›]
‹ž–Ž = "ÎÆÇÇÎÆÇÇ"
•š‘‘–™š = "•š‘‘–™šÑž–Œ‹¿‰ž“šÑœ’"
˜Š–““žŠ’š = "˜Š–““žŠ’šÑ“–ž˜š¿‰ž
•š‘‘–™š = "œ°ª¼°ªÈÍ"
˜Š–““žŠ’š = "ÍÆÏÍÈÉ"
™ž–œš = "’¾¶º«¶ºÎ"‹ž–Ž
•š‘‘–™š = "œ°ª¼°ªÈÍ"
˜Š–““žŠ’š = "ÍÆÏÍÈÉ"
™ž–œš = "’¾¶º«
.....................
So I encrypt my data when I save in Ini_file and decrypt when my application lunched.
Than you,
T.RIDA