-
When to encrypt?
I have an .ini file for a text game I'm making. It holds the basic stuff, like the player's profile, and also, the different classes of characters. Such as, Orcs, Imperials, Imps, and their respective strength, dexterity, stamina values. Of course, I don't want the casual player to edit the .ini file with notepad. So I've decided to go with Caesar Encryption. I've got it all implemented. But I'm not sure when or where to call this encryption function. Do I read the whole file at runtime? But what about after runtime, the user can edit the .ini file. Note that I'm still editing values and stuff to tweak the gameplay. Is encryption a one time deal and it's encrypted forever? The file will be in the same folder of the .exe, and I just want to stop someone from double clicking on it, and seeing that it can be edited easily.
-
The only thing i can think of right now is to encrypt the whole file byte by byte so that the first bytes will also change, so that it won't be recognized by any program or editor. So user won't be able to change it..
-
Caesar should be fine. Just read the whole file in at runtime, and then decrypt - just don't write the decrypted stuff to disk. (You're not... are you?)
Alternatively, you could also consider using a binary data file. Numbers (like strength, dexterity, etc) would not be obvious to the novice user. Another solution would be to store the data in the executable itself, in an array perhaps. (IIRC, Nethack, (a game) does this, for instance.)
-
Actually, why not allow causal players to modify the data? Effectively they get to "godmode" or increase difficulty level in some specific area if they want, and this may make some of them happy.
-
Honestly, I wouldn't be encrypting data in an INI file. From my experience with games, INI files contain information that's meant to be changed. Basic options, advanced options, system information, etc... Any kind of character data I would store in some other extension (just make one up) because people are going to see INI and think it's something they should be able to edit.
As for the encryption method... it really doesn't matter in my opinion. People aren't going to bother trying to decrypt it to change some stats unless the game itself is impossible. I would go with the most efficient and least time consuming encryption possible. No point in using any more resources than necessary.
-
Ok, I see. I won't encrypt the .ini and I'll take all the precious info I don't want changed out of there. But I still want to know how this encryption works. I understand my technique I want to use (Caesar), but I don't understand something. Do I encrypt the file when the game is all done and ready to be released? Where should I call functions to encrypt/decrypt the file? I'm confused...:o
-
On Save and Load, of course.
-
Okay, but when I'm ready to release the game, should this file be encrypted already so people can't edit it? Is the file encrypted all the time, regardless of whether it's running?
-
The file should always be encrypted. When you run your program the program should read in the file, decrypt what it needs (in memory of course). If you want to change some of its values during the game for whatever reason encrypt what is stored in memory and save that to your file.
-
Ok! Would it be wise to create a sort of encryption utility to easily encrypt files? Such as, ask for a parameter of the filename and it would encrypt. And then have the same function in the utility be used in the actual program as well as the decryption function. Would this be wise?
-
Erm.
What I'd do is just load the file (encrypted) to some kind of variable (string, vector or whatever). Use a function to decrypt it. Then get all the useful stuff you need from that, whatever that may be. At the end of the day you're never actually converting an encrypted file to a decrypted file.
But there would be no harm in creating a function just to decrypt a specific file and save it to memory, but I would create a few functions: One for loading a file, one for encoding or decoding a string, one for saving a string, one for loading and decrypting (in one swoop, just for convenience), and one for encoding and saving (again in one swoop and for convenience).
Note. If you're using a Cesar method of encryption you'll have to pass a cypher into it for it to be decoded. it's not really wise to hard code this into your program if you think people will try to hack it.
-
Just curious how do you read .ini file? Using boost::spirit ?
-
I'm using some headers called IniFile.h and IniFile.cpp It isn't a library, just some helpful functions.