Abstract
The file security (fs) utility implements the CCrypto and CDir classes I presented earlier on this site. The purpose of this article is to demonstrate how these classes can be used along with managed extensions for C++, to create a usable command line utility.
Before I go behind the scenes, let me go over some of the code features this utility demonstrates. The utility implements parameter processing, file filtering and directory recursion, file wiping, encryption, decryption, and MD5 and SHA-1 hashing. Encryption and decryption are done through the Rijndael algorithm with a 256-bit key space.
Although the user interface may not be exactly user friendly, I believe there is still a place for command line utilities.
The syntax of the command:
fs [-?] [-r] [-q]
{ [-w #] | [-e] | [-d] | [-l] | [-sha] | [-md5] [-KEY drv:\file] }
{ [-p password] | [-k drv:\file] }
[-x .ext] [-o drv:\folder] [[drv:\file]...]
The parameter definition:
-w # Wipe file with # passes (default is 7 wipes)
-e Encrypts file(s) (requires parameters {-p | -f})
-d Decrypts file(s) (requires parameters {-p | -f})
-sha SHA-1 signature
-md5 MD5 signature
-l Lists file(s) only
-q quiet mode
-KEY Make key file
-p Sets the password for encryption or decryption
-k Sets key file for encryption or decryption
-r Recursive on sub directories and files
-x Set file extension for encrypted file(s) (default is .crypt)
-o Set directory location for encrypted files
-? This help screen
Example usage
To wipe all the *.txt files in the current directory:
fs -w 10 *.txt
To encrypt all the *.msg and *.txt files on the drive to the folder c:\encrypted using the key file c:\key.zzz:
fs -r -e -o c:\encrypted -k c:\key.zzz c:\*.msg c:\*.txt
Behind the scenes
The _tmain() function is the entry point for the executable. The _tmain() function instantiates the CFileSecurity and the CDir classes into objects and then processes the parameters taken through (argc, *argv[]). The parameter switches set the attributes of the objects, which determine the utility's characteristics.
There are actually three classes that make up the utility: CCrypto, CFileSecurity, and CDir. The CDir class processes the files and folders. The CCrypto class contains the methods to wipe, encrypt, decrypt, create file keys and hash files. The CFileSecurity class is the middleman that sits between the two objects.
The CFileSecurity class creates an abstraction layer between the file processing of the CDir class and the CCrypto class. In the abstraction layer, attributes are set according to the command line switches. Before file processing begins, the CFileSecurity::SettingsOK() method does some validity checking on the switches. An example of a check would be to ensure that we have a key when encrypting or decrypting.
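The kind of switch validation described above, worked through against the command syntax shown earlier, as an added example (this is not the CFileSecurity source). Every name in it (Mode, Settings, parseArgs, actionFor, isCount) is hypothetical, the -? switch is left out, and treating the file named after -KEY as the key file to create is an assumption.

```cpp
#include <string>
#include <vector>
// Hypothetical names throughout; this is not the CFileSecurity source.
enum class Mode { None, Wipe, Encrypt, Decrypt, List, Sha1, Md5, MakeKey };

struct Settings {
    Mode mode = Mode::None;
    int passes = 7;                 // default wipe count from the parameter list
    std::string password, keyFile;  // -p; -k (or the file named after -KEY)
    std::string ext = ".crypt", outDir;
    bool recursive = false, quiet = false;
    std::vector<std::string> files;
    std::string error;              // empty means the settings are usable
};

static Mode actionFor(const std::string& t) {  // array order matches the enum
    static const char* const names[] = {"-w", "-e", "-d", "-l", "-sha", "-md5", "-KEY"};
    for (int i = 0; i < 7; ++i)
        if (t == names[i]) return static_cast<Mode>(i + 1);
    return Mode::None;
}

static bool isCount(const std::string& s) {  // 1 to 4 decimal digits
    return !s.empty() && s.size() <= 4 && s.find_first_not_of("0123456789") == std::string::npos;
}

Settings parseArgs(const std::vector<std::string>& a) {
    Settings s;
    for (std::size_t i = 0; i < a.size() && s.error.empty(); ++i) {
        const std::string& t = a[i];
        const bool more = i + 1 < a.size();
        const Mode m = actionFor(t);
        if (m != Mode::None) {
            if (s.mode != Mode::None) s.error = "only one action switch is allowed";
            s.mode = m;
            if (m == Mode::Wipe && more && isCount(a[i + 1])) s.passes = std::stoi(a[++i]);
            if (m == Mode::MakeKey) { if (more) s.keyFile = a[++i]; else s.error = "-KEY needs a file"; }
        } else if (t == "-r" || t == "-q") (t == "-r" ? s.recursive : s.quiet) = true;
        else if (t == "-p" || t == "-k" || t == "-x" || t == "-o") {
            if (!more) { s.error = t + " needs a value"; break; }
            (t == "-p" ? s.password : t == "-k" ? s.keyFile : t == "-x" ? s.ext : s.outDir) = a[++i];
        } else if (!t.empty() && t[0] == '-') s.error = "unknown switch " + t;
        else s.files.push_back(t);
    }
    // Checks in the spirit of SettingsOK(): one action, one key source, a real wipe.
    const bool crypt = s.mode == Mode::Encrypt || s.mode == Mode::Decrypt;
    if (s.error.empty() && s.mode == Mode::None) s.error = "no action switch given";
    if (s.error.empty() && crypt && s.password.empty() == s.keyFile.empty()) s.error = "-e/-d need exactly one of -p or -k";
    if (s.error.empty() && s.mode == Mode::Wipe && s.passes < 1) s.error = "-w needs at least one pass";
    return s;
}
```

Pass the arguments after the program name to parseArgs and show the help screen whenever error is non-empty, so that a run with no key, two key sources, or a zero-pass wipe stops before any file is touched.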
After the validity checking, the CCrypto class is instantiated into an object by the CFileSecurity::InitializeCrypto() method. The method calls the appropriate CCrypto constructor and sets some attributes. The CFileSecurity::ProcessFile(FilePath) method determines which of the CCrypto methods to call to process the file.
The CDir::dir method processes the files in the current directory that meet the user-defined filter. Each file that matches the filter is passed on to CFileSecurity::ProcessFile for processing. If recursion is enabled, folder paths are also processed by passing each path back into the dir method.
Issues
There are no issues that come to mind using the utility. There could be a list made of improvements that could be made, though. One example that I could think of would be to prevent encrypting the keys you use to encrypt.
I do not really like the way I handled the command line parameters. If someone knows of a more elegant way, I would like to know.