Just encrypt the string in C

I am trying to encrypt a query string in a game that I create when I open a URL. This should not be difficult, because since I work with the game engine, it should be as simple as possible. This tends to fuss if I get too low.

I already created a query string, I just need to take each char and subtract 15 from char in order to slightly encrypt it. I just want to make simple encryption that will hold most users.

I would like to give a code example, but I'm not too experienced in C, and I'm not even sure where to start. Ani games usually makes everything simple for me.

+6
source share
6 answers

None of these answers really constitute reasonable encryption.

What you really want to do is use a certain form of authenticated encryption and some form of secure key decryption algorithm. My personal recommendation is libsodium . It provides very good default settings and an API that is relatively difficult to make mistakes.

There are several ways to do this:

All these features are integrated into libsodium and are implemented with relative ease.

The following code examples are taken directly from the libsodium documentation .

For 1:

#define MESSAGE ((const unsigned char *) "test") #define MESSAGE_LEN 4 #define CIPHERTEXT_LEN (crypto_secretbox_MACBYTES + MESSAGE_LEN) unsigned char nonce[crypto_secretbox_NONCEBYTES]; unsigned char key[crypto_secretbox_KEYBYTES]; unsigned char ciphertext[CIPHERTEXT_LEN]; /* Generate a secure random key and nonce */ randombytes_buf(nonce, sizeof nonce); randombytes_buf(key, sizeof key); /* Encrypt the message with the given nonce and key, putting the result in ciphertext */ crypto_secretbox_easy(ciphertext, MESSAGE, MESSAGE_LEN, nonce, key); unsigned char decrypted[MESSAGE_LEN]; if (crypto_secretbox_open_easy(decrypted, ciphertext, CIPHERTEXT_LEN, nonce, key) != 0) { /* If we get here, the Message was a forgery. This means someone (or the network) somehow tried to tamper with the message*/ } 

For 2: (Getting the key from the password)

 #define PASSWORD "Correct Horse Battery Staple" #define KEY_LEN crypto_secretbox_KEYBYTES unsigned char salt[crypto_pwhash_SALTBYTES]; unsigned char key[KEY_LEN]; /* Choose a random salt */ randombytes_buf(salt, sizeof salt); if (crypto_pwhash (key, sizeof key, PASSWORD, strlen(PASSWORD), salt, crypto_pwhash_OPSLIMIT_INTERACTIVE, crypto_pwhash_MEMLIMIT_INTERACTIVE, crypto_pwhash_ALG_DEFAULT) != 0) { /* out of memory */ } 

The array key now contains a key that is suitable for use in the code example above. Instead of randombytes_buf(key, sizeof key) to generate a random key, we generated the key obtained from the user password and used it for encryption.

3 is the "most difficult" of the 3 types. This is what you use if you have two sides to communication. Each side creates a “key pair” that contains the public and private key. With these key pairs, they can jointly agree on a “shared key" that they can use to encrypt (and sign) the data for each other:

 #define MESSAGE (const unsigned char *) "test" #define MESSAGE_LEN 4 #define CIPHERTEXT_LEN (crypto_box_MACBYTES + MESSAGE_LEN) unsigned char alice_publickey[crypto_box_PUBLICKEYBYTES]; unsigned char alice_secretkey[crypto_box_SECRETKEYBYTES]; crypto_box_keypair(alice_publickey, alice_secretkey); unsigned char bob_publickey[crypto_box_PUBLICKEYBYTES]; unsigned char bob_secretkey[crypto_box_SECRETKEYBYTES]; crypto_box_keypair(bob_publickey, bob_secretkey); unsigned char nonce[crypto_box_NONCEBYTES]; unsigned char ciphertext[CIPHERTEXT_LEN]; randombytes_buf(nonce, sizeof nonce); if (crypto_box_easy(ciphertext, MESSAGE, MESSAGE_LEN, nonce, bob_publickey, alice_secretkey) != 0) { /* error */ } unsigned char decrypted[MESSAGE_LEN]; if (crypto_box_open_easy(decrypted, ciphertext, CIPHERTEXT_LEN, nonce, alice_publickey, bob_secretkey) != 0) { /* message for Bob pretending to be from Alice has been forged! */ } 

This code first generates both keys (this usually happens on the bob and alice machines separately, and they will send each other their public key, keeping the secret key, well, secret).

Then a random exception is thrown, and a call to crypto_box_easy(...) encrypts the message from alice to bob (using the bob public key for encryption and the alice private key to create the signature).

Then (after potential sending the message over the network), the crypto_box_open_easy(...) ) call is used by bob to decrypt the message (using its own private key to decrypt and the alice public key to verify the signature). If, for any reason, the message check failed (someone tried to intervene in it), this is indicated by a non-zero return code.

+14
source

Your "encryption" will not fool anyone.

There are good opportunities on the Internet to use well-known and secure encryption algorithms.

For example: Twofish

Edit:

XOR implementation example:

 void encrypt(char *array, int array_size) { int i; char secret[8] = { 22, 53, 44, 71, 66, 177, 253, 122 }; for(i = 0; i < array_size; i++) array[i] ^= secret[i]; } 

An array containing a query string is assumed to have a length of 8 or less bytes. Increase the length of the secret to suit your needs.

+9
source

You can do this with a very simple function:

 void encrypt(char *s) { int i, l = strlen(s); for(i = 0; i < l; i++) s[i] -= 15; } 

A simple encryption algorithm called an XOR cipher may also be of interest there.

+5
source
 void doTerribleEncryptionMethod(char * arr, int arrSize) { int i; for(i = 0; i < arrSize; i++) { arr[i] -= 15; } } 

Pay attention to the name of the function. What you want to do is stupid and pretty useless.

+5
source

SonOfRa has already suggested the correct answer .

But if you intend to use something scary to obscure the string without actually encrypting it, the GNU C library provides memfrob(3) , which is already written and is easily reversible.

+1
source

You can use the base64 variant with a custom alphabet or just a shuffled alphabet. This is not very safe, but in your case it is probably enough. The algorithm is widely used, so it will be easy for you to find an implementation where you can provide your own alphabet.

The bonus point is that no matter what you enter in the query string, the encoded form will consist of valid URL characters if you chose the alphabet correctly.

-1
source

Source: https://habr.com/ru/post/898459/


All Articles