Sign in to follow this  
Followers 0
ghetek

Secure Variable Storage

7 posts in this topic

#1 ·  Posted (edited)

I needed a way to easily push out updates to old scripts without having to deal with files, so I decided to make a backdoor for editing my script variables via the registry.

#include <String.au3>

Global $message = _eQc_SecVarGet("MyVariableIdentifier", "Hows it Going?")

msgbox(0,"Hi there!",$message)
_eQc_SecVarSet("MyVariableIdentifier", InputBox("App Title","Response")) 
msgbox(0,"App Title","Now run me again.")

Func _eQc_SecVarGet($svName, $svEpoch);sv identifier, epoch
    Dim $i = 1, $svoroot = "HKEY_CURRENT_USER\Software\My Company\My App\sv", $svsec = "SecretPassword"
    $svStructRes = StringInStr($svName, "\", 2, -1)
    If $svStructRes > 0 Then
        $svoRootMod = $svoroot & "\" & StringLeft($svName, $svStructRes - 1)
        $svName = StringTrimLeft($svName, $svStructRes)
        $svoroot = $svoRootMod
    EndIf
    $svo = _StringEncrypt(0, RegRead($svoroot, $svName), $svsec, 2)
    If @error <> 0 Then
        RegWrite($svoroot, $svName, "REG_SZ", _StringEncrypt(1, $svEpoch, $svsec, 2)); comment this to disable "healing"
    Else
        Return $svo
    EndIf
    Return $svEpoch
EndFunc ;==>_eQc_SecVarGet

Func _eQc_SecVarSet($svName, $svEpoch)
    Dim $svoroot = "HKEY_CURRENT_USER\Software\My Company\My App\sv", $svsec = "SecretPassword"
    $svStructRes = StringInStr($svName, "\", 2, -1)
    If $svStructRes > 0 Then
        $svoRootMod = $svoroot & "\" & StringLeft($svName, $svStructRes - 1)
        $svName = StringTrimLeft($svName, $svStructRes)
        $svoroot = $svoRootMod
    EndIf
    RegWrite($svoroot, $svName, "REG_SZ", _StringEncrypt(1, $svEpoch, $svsec, 2))
    If @error Then
        Return $svEpoch
    EndIf
EndFunc ;==>_eQc_SecVarSet

all stored variables are encrypted and easily updated via the set command. Try playing around with multiple computers and remote registries!

Edited by ghetek

Share this post


Link to post
Share on other sites



one more thing.. the string trimming nonsense is in there in case you want to specify sub containers within your variable identifier

Share this post


Link to post
Share on other sites

The problem with this is that people really don't like writing to the registry. It's a good idea though.

Agreed. Good idea but I'm not sure it's for everyone.

If you store variables and settings in the registry then you have a non-portable application.

If you store variables and settings in an ini file then you have a portable application.

AutoIt is a superb environment for developing portable applications so I'm happy to stay with ini files for now. Of course, you could provide methods for reading and writing secure variables from and to ini files :P

Share this post


Link to post
Share on other sites

#5 ·  Posted (edited)

If you store variables and settings in the registry then you have a non-portable application.

If you store variables and settings in an ini file then you have a portable application.

I don't agree with that 100%. You can store information in INI files but they are not theoretically always portable. Some applications store information in temporary areas which can be a bugger to find.

However, registry over INI... INI.

Edit: I missed an important word in my "argument".

Edited by JamesBrooks

Share this post


Link to post
Share on other sites

I don't agree with that 100%. You can store information in INI files but they are not theoretically always portable. Some applications store information in temporary areas which can be a bugger to find.

However, registry over INI... INI.

Edit: I missed an important word in my "argument".

almost done integrating INI. just need to clean this up a bit.

; ===================================================================
; _eQc_SecVar($svName, $svEpoch[, $svMode, $svHeal])
;
; Stores an encrypted variable in the registry or INI file.
; Parameters:
;   $svName - Name of the variable. This is a personal identifier and can be any text string
;   $svEpoch - Statically assigned value for the variable
;   $svMode - OPTIONAL - Used to change between Registry =0 and INI = 1. Registry is default
;   $svHeal - OPTIONAL - On by default, this will write the secure variable if it does not exist.
; Returns:
;   Will return the secured variable instorage, if found. If the variable could not be found, epoch is returned
; Remarks:
; Calling the function with an empty svName string will delete the svroot
; Calling the function with an empty epoch string will delete the variable
; ===================================================================
Func _eQc_SecVar($svName, $svEpoch, $svMode = 0, $svHeal = 1);sv identifier, epoch, heal
    Dim $svSec = "SecretPassword", _
            $sveEpoch = _StringEncrypt(1, $svEpoch, $svSec, 2), _
            $svoRoot = "HKEY_CURRENT_USER\Software\My Company\My App\sv", _
            $svINI = @ScriptDir & "\sv.ini" 
    
    $svStructRes = StringInStr($svName, "\", 2, -1)
    If $svStructRes > 0 Then
        $svoRootMod = $svoRoot & "\" & StringLeft($svName, $svStructRes - 1)
        $svName = StringTrimLeft($svName, $svStructRes)
        $svoRoot = $svoRootMod
    EndIf
    
    If $svEpoch = "" Then
        IniDelete($svINI, "sv", $svName)
        RegDelete($svoRoot, $svName)
    EndIf
    
    If $svName = "" Then
        RegDelete($svoRoot)
        FileDelete($svINI)
    EndIf
    
    Switch $svMode
        Case 0
            $sveRegEpoch = RegRead($svoRoot, $svName)
            If $sveRegEpoch = "" And $svHeal = 1 Then
                RegWrite($svoRoot, $svName, "REG_SZ", $sveEpoch)
            Else
                Return _StringEncrypt(0, $sveRegEpoch, $svSec, 2)
            EndIf
        Case 1
            $sveINIEpoch = IniRead($svINI, "sv", $svName, "svna_")
            If $sveINIEpoch = "svna_"  And $svHeal = 1 Then
                If Not FileExists($svINI) Then
                    _FileCreate($svINI)
                    IniWrite($svINI, "sv", $svName, $sveEpoch)
                EndIf
            Else
                Return _StringEncrypt(0, $sveINIEpoch, $svSec, 2)
            EndIf
    EndSwitch
    Return $svEpoch
EndFunc  ;==>_eQc_SecVar

Share this post


Link to post
Share on other sites

#7 ·  Posted (edited)

Great code, thank you very much.

Edited by kor

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0