# Trying to Understand Encrypting INI data

## Recommended Posts

So to use the _StringEncrypt function I have to have the value I'm encrypting in the function. Then once I want to decrypt I have to have that value in the function too? That is what I do not understand. For example I used the following code to add two encrypted values to an INI file:

#include <String.au3>
#include <file.au3>
#include <INet.au3>

$iniFile = "dir"$s_EncryptText1 = "username"
$s_EncryptText2 = "password"$s_EncryptPassword = "random characters"

IniWrite ( $iniFile, "Settings", 6, _StringEncrypt ( 1,$s_EncryptText1, $s_EncryptPassword, 1 ) ) IniWrite ($iniFile, "Settings", 7, _StringEncrypt ( 1, $s_EncryptText2,$s_EncryptPassword, 1 ) )

So those two variables, $s_EncryptText1 and 2, would they be necessary to be able to decrypt the values in the INI files? That to me doesn't make much sense and would seem to defeat the purpose of encrypting in the first place. Or am I missing something? If not, is there a way I could safely encrypt the strings without having to type the username and password in the script in clear text. BTW, this is part of an automated script so it would not help me to have a popup box or something that asks for input. #### Share this post ##### Link to post ##### Share on other sites It doesn't work the way you think, hopefully. Here is how it really works: Local$plaintext = "Assume that you can read this sentence."
Local $password = "s0Me 95% SékiuRe p@ß_wörd" ;; encryption Local$cyphertext = _StringEncrypt(1, $plaintext,$password)

ConsoleWrite($cyphertext & @LF) ; .../... ;; in some other part of code or another program Local$recoveredPlaintext = _StringEncrypt(0, $cyphertext,$password)

I guess what I'm trying to explain is that I'm okay with having a clear text password for encryption in the script. But I just do not understand what the value "$s_EncryptText" is used for? Would this be my username, and then I would need a whole new line for the password with a second value? Edited by Webs #### Share this post ##### Link to post ##### Share on other sites This should make sense to you I hope. You're waaaay overcomplicating this: #NoTrayIcon #include <String.au3> #cs Ini File: [Settings] user=50980AD72A6D1F0F997015124C4B3583 pass=509D0DD52B6B1F0E980015674D443582 Generate those values: ConsoleWrite(_StringEncrypt(1, "username",$sEncPass) & @CRLF)
ConsoleWrite(_StringEncrypt(1, "password", $sEncPass) & @CRLF) #ce$iniFile = "C:\some\path\to\inifile.ini"
$sEncPass = "secret"$sUser = _StringEncrypt(0, IniRead($iniFile, "Settings", "user", ""),$sEncPass)
$sPass = _StringEncrypt(0, IniRead($iniFile, "Settings", "pass", ""), $sEncPass) ConsoleWrite($sUser & "  :  " & \$sPass & @CRLF)

##### Share on other sites

Put simply: the same function call that encrypted your plain text can also be used to decrypt the encrypted version. So you pass the plain text and password in the first time, then you call the same functon but this time you pass in the encrypted text and the password, and you get back the unencrypted text.

The simplest form of symmetric encryption is "ROT13", which means "Rotate 13 characters". If you write down the 26-character alphabet on the outside of a circle, and rotate by 13 characters on the circle for each character of your input, a user name of "phibbs" would become "cuvoof". If you then take "cuvoof" and pass it through the same encryption process, you get "phibbs" back again. _StringEncrypt() is like that, but uses a password to make it a bit less obvious than ROT13.

Edited by PhilHibbs

##### Share on other sites

Thanks wraithdu, I wasn't think about it correctly. Having the INIRead function inside the stringencrypt is what I was missing. For someone my brain didn't latch onto that concept.

Thanks for the explanation of the encryption Phil, that makes sense. I think it should be secure enough for what I'm doing.

## Create an account

Register a new account