This is the EnScrypt(tm) Cryptography Package for Macintosh

  EnScrypt

by Highwinds Trading Company
http://www.highwinds.com

 

EnScrypt(tm) is cryptography for Macintosh based scripting environments; to build digital signatures, secure passwords, and other sophisticated security tools. EnScrypt can be an indispensable tool for software developers, script writers and anyone needing to provide encryption security on the Macintosh platform.

It is part of a series of software products for both the developer and the consumer. Encryption is provided for EnScrypt by the "Blowfish" algorithm. " Blowfish" is one of several very secure and well-known symmetric encryption algorithims. References, "white papers" and sourcecode for "Blowfish" can be obtained at http://www.counterpane.com. Hashing is provided by the "SHA-1" algorithm, information for which can be found in many places.

Installation Instructions: To use EnScrypt, put the file "EnScrypt (40)" inside the "Scripting Additions" folder which is inside your System Folder and/or Extensions folder (depending on your version of MacOS). EnScrypt is implemented as suites of "Osaxen" inside Scripting Additions. Osaxen are fast sub-routines that can be called by AppleScript (and other OSA languages) on MacOS systems.

EnScrypt comes in several standard configurations.

EnScrypt (40). This version of EnScrypt is restricted in the power of its encryption (40 bit keys) that makes it satisfactory for many general purposes. Pass any text or file to EnScrypt together with a key, and it will pass back the encrypted text. Pass it an encrypted text, and it passes back the original.

Stronger Versions of EnScrypt. Other strengths can be built on a custom basis. Also, we can customize EnScrypt to work as a helper for any other Macintosh application.

SourceCode for EnScrypt is freely available to anyone wishing to validate the security features or the implementation of underlying algorithms. Source code may not be used for any other purpose.

Version History

June 3, 1999. Version 1.0 is released

June 18, 1999. Version 1.01. Adds documentation and example scripts for doing encryption, digital signatures, and password authentication. Also includes the FreeBees osaxen.

June 22, 1999. Version 1.02. Fixes a bug. Different versions EnScrypt are now compatible with each other and with other implementations of "Blowfish."

August 24, 1999. Version 1.5. Padding improvements, another bug fix, a time limitation in EnScrypt Lite, more flexibility with implementation, improved sample scripts.

November 15, 1999. Version 2.0. Combined EnScrypt with FreeBees into a single suite of utilities for Macintosh cryptographers. Increased the key strength of the freeware version from 24 bits to 40 bits and removed all the demo timeout limitations.

EnScrypt Syntax and Samples

Following is the Applescript syntax and samples for (EnScrypt 40). There are more samples in the folder "Demos and Samples."

HW40 Make Subkeys:
use the key supplied by the user to create subkeys. Creates the subkeys which do the actual encryption.
Result: 'HW!!' -- the result (passed back to the script)

HW40 Encrypt String: use the keys generated in HW Make Keys to encrypt the data. EnScrypt will encrypt any string
subkeys 'HW!!' -- this is the keylist created by ‘make subkeys’
Result: string -- Encrypted text.

HW40 Decrypt String:
use the keys generated in make keys to decrypt the data. This is the encrypted text.
subkeys 'HW!!' -- this is the keylist created by ‘make subkeys’
Result: string -- Decrypted text.


SAMPLE:
set plaintext to "The rain in Spain stays mainly on the plain"
set pskey to "ThisIsMyPasskey"
set keylist to HW40 Make subkeys pskey
set cryptstring to HW40 Encrypt String plaintext subkeys keylist
set decryptstring to HW40 Decrypt String cryptstring subkeys keylist

 

Technical Note for Macintosh developers:
Padding specification. Texts encrypted by EnScrypt are compatible with other implentations of "Blowfish" with the following caveat: The standard version of EnScrypt handles padding in a way that pads with random bits in the encrypted data, and then strips them from decrypted data to produce an exact original (further details below**). Other implementations of Blowfish handle padding differently (or not at all). In order to make EnScrypt compatible with another version of Blowfish (so that you can transmit data between them), padding specifications must be made compatible. EnScrypt can be customized for this purpose.

**Padding Details. The Blowfish encryption algorithm encrypts text in 64-bit (8-character) blocks. This means that from 1 to 7 characters must be added to the end of a message. In order to ensure that the extra characters are truncated from the decrypted text, EnScrypt pads all plaintext before encrypting it, the last extra byte receiving the number of extra bytes, including itself. So a message that ends on an 8-character boundary receives 7 randomly chosen characters plus the value 7. Upon decryption, the last byte is read and its value indicates the number of bytes that must be truncated from the plaintext to recreate the original message.

What Are the Other Suites in EnScrypt?

In earlier versions, the Hexing and Hashing suites were in a separate scripting addition called "FreeBees". In version 2.0 they have been combined. "Hashing" is creating a one-way hash of any text, and "hexing" is translating text to and from its hexadecimal equivalent. Use the hashing routine, based on the algorithm "SHA1", to create and/or verify secure passwords. Use the hexing routine to facilitate communication and bypass complicated encodings.

 

Hexing/Hashing Syntax and Samples

Following is the syntax and samples for hexing and hashing. There are more samples in the folder "Demos and Samples."

HW Hex String: Turn a string of characters into the equivalent hexadecimal string - character string
Result: string -- resulting hex string

HW Unhex String: Turn a string of hex digits into a character string - Hex string
Result: string -- Character String


set STR to "•˙•hipª∫ublyf7co87ªb09;on∫"’©87f8ƒ®67d76dfdsr§∞ß6u"
set hexString to HW Hex String STR
set unhexString to HW Unhex String hexString


HW Hashvalue String: Make a hash of some text - Plain text
Result: string -- hash result -- 20 character text array


set STR to "•˙•hipª∫ublyf7co87ªb09;on∫"’©87f8ƒ®67d76dfdsr§∞ß6u"
set DoHash to HW Hashvalue String STR

 

Product Support

We intend to provide vigorous support for EnScrypt, and to upgrade the package as necessary. Send email to mailto://Highwinds.News-on@lists.highwinds.com. This will put you on the Highwinds Announcement List.

If you have questions or comments, we recommend you subscribe to the support discussion list by sending email to mailto://Highwinds.Support@lists.highwinds.com.

Individual questions should be directed to Support@Highwinds.com.

Highwinds Trading Company
205 Winsor Lane
Haverford, Pa. 19041
Tel. 610-645-9208

 

Copyright, Warranty, and Licence Information

EnScrypt©1999 by Highwinds Trading Company, LLC. This software is provided "as is", and without any warranty, express or implied, including without limitation, the implied warranties of merchantability or fitness for any purpose. You may NOT redistribute EnScrypt in any form, or incorporate it into any other program that is distributed to the public, unless by our specific written permission.

 

Credits

EnScrypt is written by Robert Meigs in ‘C’.
Macintosh and MacOS are trademarks of Apple Computer.

 

Other Highwinds Products and Services

1. SecurePass(tm): an archiving utility for passwords
and other security keys; similarities to the "Keychain" in MacOS 9,
but for use with any Macintosh back to version 7.6. Designed for
the user who accesses secure network services or who deals with
multiple passkeys that are difficult to secure, memorize,
use, change, and keep track of.
Available: Now.  

2. TradingPost(tm): a superior way of finding online
information, doing remote backups, and going e-shopping.
Available: November 1999.

3. "The Intelligent Autoresponder" is the answer for
distributing software, brochures, and other digital material.
It supports email attachments, follow-up messages.
Developers should take particular note of the unique
opportunities for cheap and easy delivery of software.
Available: Most Features Available Now. Program in beta testing.  

4. Mailing List and Ezine Hosting. We've been hosting free and
not-quite-free mailing lists for years. Lots of
options. Fast delivery. Great service. Think of
Highwinds not only for mailing lists, but also for
EZines, and broad distribution of announcements, news
letters, brochures, and catalogs (as email attachments).
Available: Now.