What encryption does Xojo use?

Hello

I’m making a class generator andere I would love to encrypt them before exporting.

How does Xojo encryptie classes when you encrypt them?

Thanks!

In a way we’re unlikely to ever document in any fashion

Understand that telling you how you could do it would require revealing everything that we do
If we used public / private key paris we’d have to tell you those
We’d have to tell you exactly which encryption mechanisms are used
And so on

very well actually

maybe you can use IDE Scripting to load project, encrypt classes and save?

[quote=357574:@Norman Palardy]In a way we’re unlikely to ever document in any fashion

Understand that telling you how you could do it would require revealing everything that we do
If we used public / private key paris we’d have to tell you those
We’d have to tell you exactly which encryption mechanisms are used
And so on[/quote]

Good point, I totally missed the point that Xojo has to decrypt it for compilation.
The Xojo encryption is actually security by obscurity, but there is no other way I guess.
Thanks for you answer!

This will be the way to go indeed!

You may want to know that the encryption may not be safe in all cases as there may be people out there who can decrypt it.

and some clients will only buy source code unencrypted!

[quote=358048:@Mathias Maes]Good point, I totally missed the point that Xojo has to decrypt it for compilation.
The Xojo encryption is actually security by obscurity, but there is no other way I guess.[/quote]
No
But we’d have to tell you the various keys used & what algorithms are used so you could encrypt using the exact same method
And there’s no chance we’re going to tell you the keys :slight_smile:

What if he asked nicely and said “please?” :wink:

What I’d like to see is a view for public interface of encrypted classes!

uh … Not a snowballs chance in hell :stuck_out_tongue:

It’s “password”

I guess it’s “secret”

it’s “1234” just like on my luggage. :slight_smile:

[quote=358079:@Norman Palardy]No
But we’d have to tell you the various keys used & what algorithms are used so you could encrypt using the exact same method
And there’s no chance we’re going to tell you the keys :)[/quote]

I totally understand!

But an honest question, aren’t you guys afraid that just someone decompiles Xojo and grabs the keys?

I am pretty sure they have obfuscated the keys so it wouldn’t be easy to do that. Nothing is impossible.

[quote=358144:@Mathias Maes]
But an honest question, aren’t you guys afraid that just someone decompiles Xojo and grabs the keys?[/quote]
hiding in plain sight is the best way to hide stuff :slight_smile:

That’s what I meant with my previous comment, it boils down to security by obscurity.

BUT! This problem will fix itself the moment Xojo coded plugins will be introduced.

Scott, you’re the best for making that reference. I am so glad someone did.

Mathias, Xojo warns you, “Warning: This is a lightweight protection scheme designed to deter casual browsing, not a secure cryptography system.” So I mean, they’re very up front about the possibility of reverse engineering the “encrypted” code.

If you’re worried about someone stealing your code when you offer third party addons, then don’t offer a demo.