Encrypting strings




Instructions for use of lists–entries:

Ctrl + Enter insertion of a new line
Strg + A selection of all entries
Ctrl + Tab activates or deactivates a single list item

[On/Off] enables/disables all currently selected list entries

Deactivated entries are shown indented
and will be ignored in subsequent program flow.


The camouflaging of strings happens by the cryptographically encoding and storage
in constants. For decoding CrunchCode integrates in the source–code a particular function.

Example:
Original: strTxt = "Please wait..."

CrunchCode: Const xxx = "*M5JyrI–&19}!"
...
strTxt = decode(xxx) 'decode() = decoding function

Note: Labels of UserForm elements (property "Caption") are NOT encrypted, because they
can be easily determined from their location within the UserForm.

If such elements do need to be encrypted, this needs to be implemented using other
techniques (e.g. by generating them during run time).

Alternatively CrunchCode offers the option of hiding the content of UserForms in the VBA editor
(see "Camouflaging names/project" –> "Options" –> "Masking of UserForms in VBA editor").

Hint:

If your project contains a large number of identical strings,
then the effort increases while the processing by CrunchCode.

You can reduce the processing time considerably with storing
multiple occurrences of strings in ONE global constant.

Thus only one string must be analyzed and processed.

You get a detailed overview of all the strings when you run first
only the processing level "Analysis".


Important note to text constants!

CrunchCode replaces every call of a text constants by the appropriate string.

Example:

Before: Const XXX = "-----"
...
strLine1 = XXX
...
strLine2 = XXX & strLine1


After: strLine1 = "-----"
...
strLine2 = "-----" & strLine1

Should the character strings be camouflaged, then CrunchCode
creates therefor encoded texts and inserts at the corresponding positions
a decoding function:

Result: Const xyfSBYMU = ",aiBN*42pm}H`–Y08o{"
...
strLine1 = decode(xyfSBYMU) 'decode() = decoding function
...
strLine2 = decode(xyfSBYMU) & strLine1 'decode() = decoding function

However, the as a consequence thereof frequent calls of the decoding function
can lead to a noticeably reduction of the program performance.

In this case, you should examine, whether you can replace text constants
by variables, that are initialized once at program start.

Thus the application of the decoding function is necessary only once:

Change: Public strXXX As String
...
strXXX = "-----"
...
strLine1 = strXXX
...
strLine2 = strXXX & strLine1


Result: Public qQWdVGQNdI As String
Const xyfSBYMU = ",aiBN*42pm}H`–Y08o{"
...
qQWdVGQNdI = decode(xyfSBYMU) 'decode() = decoding function
...
strLine1 = qQWdVGQNdI
...
strLine2 = qQWdVGQNdI & strLine1


Strings to be encrypted

All
These encrypt ALL strings – except perhaps blank text (see below).

Note: For each string a new constant has to be generated
(if the option "NO runtime decoding" is activated,
additionally also a string variable)!

If ALL strings have to be encrypted, then the number of
constants and string variables may increase very fast.
This may cause the following messages when compiling the VBA project:

  Out of memory (Error 7)

There are too many identifiers (thus also constants and string–variables).
It is therefore not possible to compile the source–code
(exceeds the 64K segment limit of the internal identifier table).

  Module is too large

The total code of the module has become too large
and will have to be split into two (or more) modules.
CrunchCode tries to avoid this problem but is unable to determine
when this point will be reached.

In this case, you have several ways to react:

– choose "only selected" and use the option "min. length" (see below)
  A program usually includes a lot of short strings (e.g. "\" for path names).

About 25%...33% of all strings are shorter than 3 characters,
about 20% have only one character!

  These strings contain mostly non–critical content that does not necessarily
  need encryption. This option can significantly reduce the memory required.

– Eventually the option "Include blank strings" is activated (see below)
  Check if it is really necessary to encrypt blank strings.
  The constants and variables generated for these also need memory!

– If possible, deactivate the option "NO runtime decoding" (see below)
  because this only creates one constant per string
  (a string variable is not required), thus saving half of the additional declarations!
  You may also activate only the option
  "NO runtime decoding –> use a global array" (see below).
  Thus is generates only ONE global array–variable which contains all character strings.
  But this decreases the camouflage effect because every encoded character string
  is called with the same variable name.

– Maybe the processing level "Additional procedures" is activated,
  which generates further identifiers (in this case procedures).
  Also refer to the comments for this processing level.


None
Strings are not encrypted.

When the processing level "Additional procedures" is executed (see start menu),
the encryption of strings is automatically initially embedded in it.
With this option you can independently from the level explicitly disable the encryption.


only selected

Specific strings can be included or exluded from the encryption.

Two groups of options are available that determine,
whether a string will be encrypted or NOT.

---------------------------------------------------------------------------------------------------------------
Note:
CrunchCode considers first the options of the group "Encryption if..." (left),
and AFTER that the group "NO ENCRYPTION IF..." (right).
In some cases it is possible that requirements for encryption
of strings from the left group are cancelled by settings in the right group.
---------------------------------------------------------------------------------------------------------------


Include blank strings

Usually, CrunchCode ignores all strings that consist only of spaces,
because they have no information content.
Under certain circumstances it may be necessary to encrypt these strings also
in order to increase the difficulty of finding characteristic features.

The additional variables and constants generated
may lead to memory problems during the compilation of the VBA project.
Please refer to the instructions for option All.


NO runtime decoding

Two methods of decoding are possible:

1. Runtime decoding

    The decoding takes place when the string is needed.

    This method increases the encryption, but can lead to a
    significant reduction in speed because of the decoding.

2. Decoding all strings when the program starts

    CrunchCode generates a constant with the encoded text
    plus a string variable for each string.

    In an initialization procedure that runs when the program starts, all constants are completely
    decoded and transferred to the string variables.
    They are now permanently available as clear text.
    No decoding is necessary when the program runs
    so that the original speed of the program flow is unchanged.

    But the encryption effect decreases because the initialization procedure
    (and with it the respective variables) is relatively easy to locate.
    Some program items (such as the prompt for a password)
    could be found easier.

    All declarations for camouflaging must declared global ("Public")
    which can also cause storage space problems if a large number
    of character strings have to be encrypted.

Recommendations:

– If the program does not use strings in time–critical activities or in loops (For..., Do..., etc.)
  with a large number of iterations, then DEACTIVATE this option to increase the encryption.
  Refer comments "in Do–/For–/While–loop" (see below).

– If the program is slowed down by too many runtime decoding calls, then,
  before you activate this option, try to select ONLY CERTAIN strings
  for encryption. Use the options
  in section "Encryption if..." and "NO ENCRYPTION IF..." (see below).

– The partitioning of long character strings into several short ones is also possible
  ("abcdef" ––> "abc" & "def"). By the option "min. length" (see below)
  these short strings are not encrypted and the performance is preserved.

Attention!

When the runtime decoding is DISABLED, then it may be necessary,
in addition to the program–start to perform an initialization in other procedures.

This concerns in particular procedures that are triggered by buttons (e.g. calls from the Ribbon).

Read hereto the help for "Changing code structure".


NO runtime decoding –> Additional initialization in...

CrunchCode generates an initialization procedure for decoding of all strings,
which must be called at the start of the program.

To guarantee this, CrunchCode lays the call of the initialization procedure into the
event handler "Workbook_Open" because this starts before all other events.

If your project was aborted, (e.g., by the instruction "End"), then, however
all contents of these variables get also lost.
The project would have to be reopened now to perform the initialization.

However, many programs start also with other events
(like e.g. with the click on a Ribbon–Button), because they do not require a special initialization.

In this case the by CrunchCode generated variables would be without contents,
because "Workbook_Open" is not executed, what leads to runtime errors.

If you need additional calls of the initialization in other event handlers etc.,
then specify here these procedures.


NO runtime decoding –> use a global array

This option greatly reduces the memory requirements!
All decoded strings are stored together in ONE global array–variable.
The generation of numerous individual string variables for each string is omitted.

However, this reduces the camouflaging effect, because now the access takes place
only through ONE single variable name (distinguished merely by a serial number).

Therefore, only use this option if there are memory problems
when compiling the project (see above).

Example:

Option deactivated |     Option activated
|
= various camouflaged |     = ONE camouflaged string array
   string–variables |        that contains all strings
|
    AAAAA = "Text1" |     ZZZZZ(123) = "Text1"
    BBBBBB = "Text2" |     ZZZZZ(456) = "Text2"
|
    MsgBox AAAAA & BBBBBB |     MsgBox ZZZZZ(123) & ZZZZZ(456)
|
+ better camouflaging |     + significantly reduced memory requirements
intensive memory requirements |     less camouflaging


Each occurrence = new masked name

With this option identical strings which within a module appear several times
in different source–code locations would be encrypted with their own constants.
They have different masked names and encodings.
This increases the encryption–effect.

If the option is DEACTIVATED, identical strings are stored only in ONE constant
and therefore also always called with the same camouflaged constant name.

For handling of identical strings: See also Tip above.


Alias–names for decoding–function

If a camouflaged string is required, CrunchCode calls a special decoding–function.
Because the function–name is always the same, the purpose of this function
would be quickly recognised.

For this reason CrunchCode can generate further functions with different alias names
that call the actual decoding function.
Thus, the optical camouflage effect is greatly enhanced. This hinders quick recognition
of the source–code positions at which character strings play a role.

This option should normally be activated.
Deactivation is only necessary if the number of
additional procedures generated leads to compilation errors or memory problems.

You can adjust on the right, how many alias names should be generated maximally.
But a reduction of the value is only required, if problems with the memory space occur.


"Encryption if..."

Here you define the properties of strings that are to be ENCRYPTED:

– min. length

CrunchCode encrypt only strings that have a certain minimum length.
The others remain in plain text.

For calculating the length, choose either:

– characters (gen.)
  EACH text character will be counted, including spaces, punctuation, etc.

– letters/digits only
  Only strings with a specified minimum number of LETTERS or DIGITS will be
  encrypted. In the case of camouflage, but all the characters are then encrypted.

– contains following text pattern

In the list, enter keywords and text patterns line by line
(see notes below).

A string will be encrypted if it contains a keyword or matches one of the text patterns.
If not it remains unchanged.

Examples:

Passw all strings with the text "Passw"
*\*\* all strings with minimum two backslashes ("\")
Part## all strings that contain "Part00" ... "Part99"


"NO ENCRYPTION IF..."

Define which strings should NOT be camouflaged:

– in Do–/For–/While–loop

This option is available only when
"NO runtime decoding" is deactivated.

It prevents the encryption of strings that are located within loops
(Do...Loop, For...Next, While...Wend).

This will prevent runtime decoding in loops
that can significantly reduce program speed.

Warning!
CrunchCode prevents encryption only if the string
is EXPLICITLY included in the corresponding loop!
Strings in procedures that are called from within the loop
will still be encrypted!

Example 1: For lngCnt = 1 to 10
    ...
    strRegKey = "HKCU\" & strX(lngCnt)
    ...
Next lngCnt

If the option "in Do–/For–/While–loop" is activated,
the string "HKCU\" is NOT encrypted.

Example 2: For lngCnt = 1 to 10
    ...
    prcABC
    ...
Next lngCnt

...

Sub prcABC()
    ...
    strRegKey = "HKCU\" & strX
    ...
End Sub

Even if the option "in Do–/For–/While–loop" is activated,
the string "HKCU\" will be ENCRYPTED, because it is
only in the procedure ABC, but not explicitly mentioned in the loop.


– contains following text pattern

In the list, you can also enter keywords and text patterns line by line
(see notes below).

Contains a string one of these keywords or does it match to a
text pattern, it remains UNCHANGED and will not be ENCRYPTED.

Examples:

Passw all strings with the text "Passw"
*\*\* all strings with minimum two backslashes ("\")
Part## all strings that contain "Part00" ... "Part99"


– within the following procedures

Suppresses the encryption of strings
if they are within a particular procedure.

This is useful if

– a procedure contains computationally intensive algorithms
  and the permanent decoding of strings
  causes the program flow to slow noticeably

– the strings in the procedure contained
  do not need to be encrypted,
  because they contain not sensitive text

Use "Change selection..." select the names of procedures
in which strings should NOT be encrypted.




Notes for the lists with keywords and text patterns:

– if a single word or text pattern is to be effective,
  it has to be in a row by itself.

– if MULTIPLE keywords or text patterns are in a row, they
  act in exactly the manner and order as specified.

– the keywords and text patterns are not case sensitive

– text patterns can be generated with the following wildcards:

* any number of characters (or no character)
? only one character
# only one digit

Examples:

m??er all strings that contain "meier", "meyer", "maier" etc.

b*e all strings that contain "base", "battle", "bottle" etc., but also "be"

pos.# all strings that contain "pos.1", "pos.2" etc.,
but NOT those, that contain ONLY "pos." (without digits)

-----------------------------------------------------------------------------------------------
Warning:
If the source–code contains strings with references to IDENTIFIERS,
then DO NOT use parts of names of identifiers (variables, procedures, etc.)
as keywords and in text patterns. When these are replaced with a
camouflaged name, they can no longer be found in the string!

See also "Identifiers WITHIN Strings"
in the help for "Camouflaging names/project".
-----------------------------------------------------------------------------------------------



as Standard

Selecting "OK" will save the current settings as your default for future projects.
Then they can be also reactivated with "Preset" –> "user–defined".

Preset

Optimisation of the settings or reset to defaults.
(inter alia to those values which were saved "as Standard").