coopfish
A C++ implementation of the
blowfish encryption algorithm
&
A simple file encryption utility that integrates with
Code Co-op
Purpose
coopfish is a command-line utility for file encryption. It implements Bruce Schneier's blowfish algorithm and is written in standard C++.
This utility is a first throw at designing an add-on to a distributed version control system, the excellent Code Co-op (version 3.x or higher) developed by Reliable Software. Coopfish provides a straightforward way to encrypt the source code change scripts that are automatically transmitted to remote project members.
If you don't use Code Co-op, you may still find this utility or the provided code helpful.
Usage
To encrypt a file:
coopfish.exe [key] [EncryptedOutputFile] [InputFile]
And to decrypt a file:
coopfish.exe [key] [EncryptedInputFile]
Notes:
- The name of the original file is stored in the encrypted file: when decrypting a file, the unencrypted file is restored within the current directory with its original file name.
- [key] is the pass phrase. It shall have from 8 to 56 characters, and be provided between double quotes when it contains spaces and other special characters.
Download
Click here to download a zipped file
of version 1.1 (January 2003, plus comment and license updates since).
The archive includes a Win32 executable, and the 4 source files
that can easily be compiled to build the application on any platform.
The Blowfish implementation is encapsulated in a single pair of files, and can be re-used independently.
I am hereby putting this implementation in the public domain. This said, please let me know if you use this software, or have any feedback or comments; being given credit in derivative works is something I would of course appreciate.
Implementation Notes
- The original file name and file size are stored unencrypted in the encrypted file.
- A checksum is stored within the encrypted file -- the integrity of the encrypted file is checked during decryption.
- Blowfish is simple but popular symmetric encryption algorithm, which has extensively been reviewed. The block cipher implementation of coopfish complies with test vectors available on the internet. Note, however, that the way the block cipher is used in this application is not optimum in terms of security. It is not trivial to break and find the encryption key, but stronger encryption encryption algorithms exist, and safer, professionally developed tools are available.
-
This utility is designed for simplicity and convenience, not for strong
encryption safety.
The application seeks to provide a simple encryption facility
for a small group of developers using Code Co-op.
This encryption (plus the fact that individual Co-op scripts contain
only fragments of source code) should provide sufficient safety for most purposes.
For large networked teams working on multiple development projects, consider using a PGP or GnuPG plug-in for your email software, which can provide strong authentication and encryption. See Co-op's FAQ for details.
Setting-up the Co-op Dispatcher
Here's an example configuration for the script dispatching:
Some things you should pay attention to:
- The full path of the coopfish.exe file on your hard disk should be specified.
- The pass phrase shall be between 8 and 56 characters long. Spaces and most special characters are allowed between a single pair of double quotes.
- It can be a good idea to change your pass phrase from time to time -- but ensure that the pass phrase is common to all team members during script exchanges.
- The name of the encrypted file (second text field in the image) can be specific to each team member.
Acknowledgements
Many thanks to Xavier for helping me test the initial version of coopfish.
For those interested, Xavier developed CoopFishFE, a graphical front-end for encrypting individual files with coopfish.
Most of what I know about security and encryption comes from books and other resources made available by Bruce Schneier. I recommend his excellent Crypto-gram newsletter or his weblog to anyone interested in security and encryption.