Automatic Doc/View File Encryption/Decryption

Environment: VC6 SP5, W2K SP3


I've been using this site for some time now to help me with my projects. I just want to say thank you to the sponsors! This site is a great resource!

I'm presently working on a project that needs to save files from a document/view application in an encrypted format. I didn't have any tricks in my bag, so I looked around here for some examples, but was unable to find any. (Looks like it's my turn to contribute.) So I banged out some code, and here is what I came up with.

The project requirements were fairly simple. Here's what I needed the program to do:

  1. Always encrypt the file during write cycles.
  2. Ability to read in previous unencrypted file versions or encrypted versions automatically without user intervention or conversion programs (backward compatibility).
  3. Relatively quick read and write times. For this I choose the BlowFish algorithm.

Design/Implementation Goals

  1. Provide a mechanism that could be used to trigger different behaviors during the read cycle of the file, such as:
    • Use/Change encryption codecs
    • Use/Change compression/decompression engines
  2. I didn't want to have to change one or more object serialization methods (which meant to accomplish requirement #2, I'd have to use schema numbers, and that can get way too messy/confusing), so as a result, it must work in a generic fashion for the document file that could accomplish requirement #2 easily.

The implementation is a CDocument derivative called CDocumentBlowFish; it uses a CFile derivative called CFileBlowFish.

I only partially implemented Design goal #1, in that during the read cycle of a file, it automatically determines whether the file was previously encrypted. So the goal of "Use/Change encryptions codecs" was met. However, I have not yet taken the time to accomplish the goal of "Use/Change compression/decompression engines."

Warning: This code should be considered 0.1 Alpha. I've done some very light testing, but that is all. That being said, I believe the code to be in working order. YMMV!

How to Use the Program

  1. Drop the following files into your project directory, and then add them to the IDE project:
    • blowfish.cpp
    • blowfish.h
    • blowfish.h2
    • DocumentBlowFish.cpp
    • DocumentBlowFish.h
    • FileBlowFish.cpp
    • FileBlowFish.h
  2. Replace all occurences of the CDocument base class in your doc/view document class .h and .cpp files with CDocumentBlowFish.
  3. Add an #include "DocumentBlowFish.h" to your doc/view document class .h file.
  4. Change the encryption seed in CFileBlowFish::MemberInit() to be unique to your project.
  5. Compile and test. (Make sure that you keep backup copies of your original document files!)

Comments, suggestions, bug fixes, flames (for coding style), and so forth should be posted here. Please do not send me e-mail asking questions or for help; I get way too much spam as it is...

Neal Horman


Download demo exe - 17 Kb
Download demo project - 52 Kb
Download source - 18 Kb


  • Ummmm.....not very secure!

    Posted by Legacy on 10/02/2002 12:00am

    Originally posted by: Ben Curley


    Just thought I would point out some of the problems with your code and make some suggestions for some changes you could make.

    1. I notice that you are using blowfish in ECB (Electronic Code Book) Mode. Are you aware that this is the most insecure method of any block cipher and is no more secure than XOR Encryption really. I would suggest using blowfish in a chaining mode, for example CBC (Cipher Block Chaining) this uses the previous block as input into the cipher.

    2. Hard coding the key into the executable is a really silly idea. I would suggest a password based system. The password can ben hashed using SHA-1 to provide the key for the encryption/decryption.

    Hope this helps.


  • Text Length MOD 8!

    Posted by Legacy on 09/30/2002 12:00am

    Originally posted by: Dave


    Nice article . . .

    But, if you want this to work,
    you've got to make sure your
    text length is 'Mod 8'.

    In other words, if the length
    of text in your document is 15
    it won't work. If you pad the
    same text to 16, it will.

  • I can not make it in my computer.

    Posted by Legacy on 09/28/2002 12:00am

    Originally posted by: Leon Storm

    As title.

    My working environment is WIN98,VC6 SP?,

Leave a Comment
  • Your email address will not be published. All fields are required.

Top White Papers and Webcasts

  • As virtualization becomes the norm throughout organizations of nearly all sizes, and as more organizations look to private cloud solutions, IT decision makers are increasingly in need of ways to keep storage costs and complexity under control in the face of often-runaway virtual machine (VM) sprawl. Application-aware storage is designed to help achieve these important goals. Read this white paper to learn how application-aware storage allows you to gain VM-level visibility into application performance and …

  • Today, users, applications, and data exist in more places than ever before, creating an unprecedented challenge for IT. How can IT achieve the flexibility and agility it needs to offer multiple types of applications in multiple locations? To better serve business demands for information everywhere, enterprises must develop new strategies for optimizing multiple kinds of networks. Read this white paper to learn how hybrid networks provide an unprecedented level of network dynamism, enterprise agility, and the …

Most Popular Programming Stories

More for Developers

RSS Feeds

Thanks for your registration, follow us on our social networks to keep up-to-date