#binary #crypt #embed #safely #file #encryption #folder

include-crypt

Safely embed files into your binary

2 releases

0.1.1 May 18, 2021
0.1.0 Feb 7, 2021

#1284 in Cryptography

Download history 759/week @ 2024-07-20 568/week @ 2024-07-27 572/week @ 2024-08-03 408/week @ 2024-08-10 215/week @ 2024-08-17 246/week @ 2024-08-24 535/week @ 2024-08-31 301/week @ 2024-09-07 475/week @ 2024-09-14 335/week @ 2024-09-21 528/week @ 2024-09-28 487/week @ 2024-10-05 529/week @ 2024-10-12 402/week @ 2024-10-19 326/week @ 2024-10-26 424/week @ 2024-11-02

1,751 downloads per month

Custom license

13KB
123 lines

Rust crates.io docs.rs

include_crypt

Safely embed files into your binary.

Example

use include_crypt::{include_crypt, EncryptedFile};

static FILE: EncryptedFile = include_crypt!("assets/file.txt");

fn main() {
    let decrypted = FILE.decrypt();
    let decrypted_str = FILE.decrypt_str();
}

You can also select an encryption algorithm and specify your custom key. In this example, the key will be randomly generated. For more information see the include-crypt/examples/ folder.

Why?

When you use include_str or include_bytes the file content will be placed in the .data section of the binary. You can then use tools like binwalk to automatically extract these files. If you included a text file, you could also use strings to find the contents.

By encrypting the file, you can essentially hide all the signatures and magic numbers that are used to identify files in the binary. Of course the bytes are still in the .data section, but now they are encrypted. If another person wanted to extract the file, they would need to manually find the code which decrypts the bytes.

Extracting the file without the tool is certainly doable for a somewhat experienced reverse engineer, but you can only do it by hand. It's essentially just security through obscurity. If you are interested, you can check out this article on how to reverse-engineer (proprietary) file formats or the Wikipedia page with a decent List of file signatures.

Features

  • compression: Compresses the file before encrypting it.
  • force-build: Always runs the proc macro. This should be used for testing, because the procedural macro doesn't detect file changes.

Dependencies

~2.5MB
~58K SLoC