Search this site
Arbed - String Obfuscation
(Available in Arbed 1.6 and later)
What it does
Here's an example of how the code modification works, where the obfuscation is done by converting the string into its Base64 representation:
dim md as new MessageDialog md.ActionButton.Caption = "Quit"
static s_Quit as String = DecodeBase64("UXVpdA==").DefineEncoding(Encodings.UTF8) ' "Quit" dim md as new MessageDialog md.ActionButton.Caption = s_Quit
While this example uses only the rather easy-to-decypher Base64 encoding, you are free to choose your own encoding and decoding methods, thanks to RbScript.
The following strings can not be obfuscated because the program would not compile:
Furthermore, these types of strings won't be offered for obfuscation out of technical reasons:
Therefore, all these types of strings won't be offered for obfuscation.
How To Use
To use this feature, open a project in its Project Editor, then choose Obfuscatable Strings from the Project menu.
A new floating window will appear that shows all strings that can be obfuscated:
Select the strings from the list that you like obfuscated (for a quick test, simply select all), then click the Obfuscate... button, which will get you to the following modal dialog:
The upper edit field lets you enter a RbScript program that performs the encryption of a string, while the lower edit field provides a function call to perform the opposite.
The upper encryption code has to be written entirely in RbScript (you may invoke external shell commands and other tools, though, see below) because it will be executed when pressing the Start button of this dialog.
The lower decryption code, though, allows you only to invoke a function. That function you have to add to your project separately. That'll be the decryption function that reserves the upper script's operation.
In the above example we're using Base64 "encryption", for which RB already provides a built-in function.
You should also remember setting the Encoding of the string back to UTF-8 if the decryption process loses the encoding, because all string constants in Real Studio projects get the UTF-8 encoding by default, and other functions in your project may rely on that fact.
Arbed does not manage (save, load) multiple encryption schemes for you. All it does is to remember your last input into these fields. Therefore, you should maintain a separate text file that contains your used encryption script, decryption function call and decryption code to add to your project so that you won't lose it.
Also note that because the encryption script and decryption calls are added to the selected strings once you press the Start button, you can even use different encryption techniques in your program for different strings.
Developing your own encryption algorithm
Due to the fact that the encrypted strings still need to appear in the source code, they need to be valid UTF-8 strings. That means that you cannot return strings that contain an arbitrary set of bytes, because byte combinations are not valid in Unicode strings. Therefore, if your encryption code generates strings that consist no only of readable Unicode characters, you should encode them in a text-only format such as Base64, before assigning it to Output.
Obfuscation script reference
The script you write for generating your encrypted strings runs as RbScript code.
The basic functionality of RbScript is described in the Real Studio documentation.
Note that RbScript's language has a few unexpected limitations. For instance, you cannot write:
but you need to write:
dim d as Dictionary d = new Dictionary
Similarly you cannot use:
dim i as integer ->for i = 0 to 5
However, these restrictions only apply to lines you write at the topmost code level. If you instead place all your code into a "sub" method and call that from a line past the subroutine, the code inside that method does not fall under the above restrictions.
Arbed provides a Context class to the RbScript and thereby adds the following additional functions and properties you can use in the script:
Encryption operations using the |MBS "Utils" plugin:
You can use the following Encode... functions to return encrypted binary data.
The de/encryption operations do not set the string's encodings. You can control this yourself with the follow functions:
You also get two classes:
If you require other operations for the script, contact me and I'll see that I add them quickly for you.