 Hey everybody, this is Brian and welcome to part two of our user feedback how to use a third-party DLL and encrypt a file Okay, what you're looking at is the remnants of our last tutorial if you didn't watch it You need to go back and watch that Because we discussed how you grab the bottom library out of the Qt Creator source and we have compiled and replaced the bottom DLL With the a files that so you actually use the Ming W compiler on these not the visual studio compiler All right. Let's jump into Qt Creator. Go to new project console and we're just gonna say Button test one Put this in the usual location Next next finish finish All right now the absolute first thing you need to do is you need to link To that library now. How do we do that? Well, you need to modify your project file and to do that you just go If I can spell include include path and you want to say plus equals and then you want the path To bottom where you install it. So we're gonna say oops button slash include And what that'll do let's jump back into the bottom libraries here See this includes subfolder. There's bottom and then here's all the header files that we need in order to work with those DLLs So that's our include path that tells Qt Creator where to find those header files and then we want to actually have the library. So you're gonna say libs plus equal and then of course we're going to give it the Location of those a files that we created and what that does is that tells Qt Creator? Hey, these are the library locations. We're going to use you're going to link to this dot a file All right at this point. Let's save your project and Then let's just go include button and button H Let's just try to link to this library and see if we actually have a successful build here And sure enough it built now at this point you should stop if you get a bunch of errors And it says unresolved reference to undefined symbol blah blah blah You need to go back and follow the previous tutorial where we actually compile the bottom library and copied and replaced the DLLs in C C drive button Now if you try running this application It's not going to work The reason why is we need that bottom library in the same location as our executable So let's go out to see button copy that And then we need to go to our location where we Compiled this what do we call this button test? So there's button test build and we're in debug See if we try to run this it's going to give me a bunch of you know missing libraries Let's paste that in there Now when we run our application it runs just fine because we've compiled and linked to the library and it's also in the same directory So that your operating system can find it Now you should note that there are more than one way to skin a cat as it's called And i'm sure i'm going to get a couple of you experts out there. They're going to tell me brian Live's plus equal is wrong. You should do Um one for the path and one for the library name. That's the correct cross-platform way of doing it So um do check the acute creator documentation on the way to do this for your operating system But if you're following me on windows, it should work just fine Uh without further ado Let's start working on how to encrypt a file and this is going to be a fairly lengthy tutorial And you'll have to forgive me. I may have to actually pause it a few times, but we'll get there So all right, let's include and we're going to add a cued bug And botan is not made with cute That's why this is a fairly advanced tutorial. We're working with the c++ standard library So we need to include some things from the standard library So we'll say uh, we want fstream fstream, I believe allows you to work with files Then you want io stream That's your c++ standard type library input output. And then we want of course the Include string from the standard library include And we want vectors If you don't know what a vector is a vector is a lot like an array in the sense that it's a collection You can add things to it. It's kind of like a q-list if you're used to cute include And of course we want c string Because it uses the c library And then include And we just want memory if you're wondering where I'm getting all this information from go out to the botan website And read their reference manual. Let me actually go back to the main page here Reference manual and you can actually go and download the source code Let me see here. It's in here somewhere Current development. Yeah source right here download the source code and they've got a very very nice, uh, api tutorial Allows you to really get to know the nuts and bolts of this library Okay, now that you've added all these includes it's probably a good idea to save it And build just to make sure you get a successful build And if you have any linker issues, you're going to have to resolve those before we continue So quick review you're going to need to link to the botan libraries and use botan.h And then you're going to need to use the cute q to bug and along with the standard library fstream iostream string vector c string and memory Now if you're wondering why we need all those it's because botan is written in C++ using the standard type library. It does not use cute cute uses botan Which is why you have the source code for it All right now Let's get cooking on this thing and let's just say cute bug We just want to know what's going on with our codes. We'll say starting botan And then we're going to have to actually Make a file that we're going to encrypt So choose a file that you don't really care about I'm going to pause the video. I'm going to go find a file I don't care about and put in a location that I'll be able to find Okay, I have my test file set up. I put mine in etest slash zzz just For the sake of argument and I call it plaintext.txt and the contents of this is just the botan bigant.h written by jack loy the guy who created botan Really, you just need a file to play around with. Don't use an important file. Don't use a critical file Just some random file. It'd be actually a good idea to create a file specifically for this test Because you don't want to lose information All right now let's jump back here So we need to say string And we're going to call this file plaintext plaintext means it has not been encrypted yet And we're going to go back to our director here Rename this That way we can just do a little copy and paste magic here And remember you have to do double slashes or it treats it as an escape character So now we have our file set up for plaintext And now we want two more files one for encrypted And one for decrypted and these don't exist yet So we're going to name these appropriately Now that you've got these files set up ready to go We can actually start working on the encryption code Now the first thing you're going to need to do with botan is actually initialize it If you've read the documentation, which I hope you've kind of browsed through it You know that you need the library initializer And you need that because botan has some things that need to be in memory when we're working with it Otherwise you're going to get all sorts of weird issues And then we need to set a passphrase we'll say string passphrase And this is the password we're going to use to encrypt this with And in a real world application, you would obviously use something a little stronger than that And what we want now is auto seeded Telescence doesn't want to work here. Let me just copy and paste this here Auto seeded and what we're going to do is we're going to initialize a random number using the botan library Go ahead and give it a quick bill. Just make sure. Yeah. See as I thought we have some issues here String is not declared in the current scope Yes, we forgot a step, didn't we? We forgot something very simple here We need to use the namespaces Silly me. All right. So what we need to do is go up here Use the standard type library namespace and we're going to use the botan namespace to And what this will do Is keep us from having to use The namespaces in our code, so we technically don't need to go botan, you know namespace initializer We just do library initializer Now give it a good build just to make sure everything's set up. So we don't have to troubleshoot any of that later on All right Now let me look through my notes real quick here Yes, the next thing we need to do Is we need to set up the string to key function and that's part of the botan library So we'll say s2k pointer And we want git underscore String to key now. What is a key? A key is used to encrypt with If you know absolutely nothing about encryption what you're going to need is a key and an initialization vector And we are going to use this Sha 256 for the key And what that is is that's a hashing algorithm If a lot of this seems way over your head, don't worry. You don't need to really know the details You just need to know what sort of code you're going to have to put in here in order to make this work So s2k or string to key basically turns this password into our key Now what we're going to do Is we're going to take that and we need to set a few iterations And this is just for randomizing the data And part of the documentation for botan just says use a number like 4096 if you're wondering where I got this information. I'm pulling it almost directly out of the botan manual So there's you know very very little voodoo magic going on here We want to create a secure vector And that uses a byte And like I said, if you're just kind of sitting there scratching your head going what in the hell are you typing buddy? You have no idea what i'm doing Don't worry. You don't really need to know You just need to follow along whoops I'm going to call this key and ivy just need to follow along and basically Understand that we're using code in another library So what we're going to set up now is the key and initialization vector And i'm going to just copy and paste this out of the manual here for botan I can't explain this as we go So what we're saying is we want a secure vector or similar to an array of bytes And we're using the string to key out of botan to de-drive the key Or we're going to actually create the key from the passphrase And that's going to essentially just turn our string My password Into a secure vector of bytes Now the reason why this is an advanced tutorial is because you have to kind of step into somebody else's mind for a little bit Jack Lloyd is a very smart man and he is studying encryption for a very long time That being said, I don't understand a lot of what he's done and why he's done it I just know that uh Whoops, I just know that his library is very very efficient So now we need to make a symmetric key because we're using symmetric cryptography We're going to use um aes 256, which is an Extremely strong algorithm of encryption. It will take hundreds and hundreds of years to break it So we're going to make the key And we want to use the Key and initialization vector we just sat up And we want to say 32 bytes or i'm sorry 32 bit Now we need to make what is called the initialization vector And we're going to just call this iv And we're going to say Key and iv plus 32 16 if you're wondering what all of this is what are these magic numbers? Well 32 that's the key space or the size of the key It doesn't actually use my password It converts it into this vector and this vector is filled with information And from that we derive a key and think of a door with a lock You need this key to open that door or to encrypt or decrypt the file The initialization vector Basically says okay Initialize it in a manner that the key is slightly different every time you use it And that's not a million percent true not even a hundred percent true because you would need to use what's called a salt Yes If you're used to you next you know what a salt is and what a salt says is If you use the same password twice It randomizes the initialization vector to the point that the secure vector is different So if you use my password twice Those two vectors should be identical, but a salt actually randomizes it so it's not Makes it incredibly incredibly strong. I'm not going to cover that for this tutorial. It's all in the bottom documentation fairly easy fairly straightforward What we're going to do now is just do a simple build make sure we get a good build going on here So now we are ready to actually encrypt our file. So we need to make a function for encryption So let's just jump back up here And we're just going to say void encrypt And we're going to need some information here. We're going to need the The symmetric key the initialization vector Um, the name of the file we're going to encrypt and the name of the file to be encrypted So what we're going to do here is we're just going to say Symmetric key and we're going to call it key initialization vector We'll call it iv and then we need a string and we'll call it in file And let me check my notes just to make sure Oops now I called it in file name if you're wondering. Yes, I did write this tutorial out once before just to make sure it actually worked That way i'm not you know wasting precious time here So that is our encryption function in all of its beauty But it doesn't really do anything yet We're gonna just jump back down here. We're gonna Encrypt And we're going to use our key Use our initialization vector. I'm going to say file plain text Because that's the file we want to encrypt and the output file should be file encrypted So we're just going to encrypt a file there give it a good build make sure nothing's really changed in the background good Now what we need to do is we need to create some file streams because we're going to need to read from those files And then we need to set up what's called a pipe bottom uses a series of pipes And what does that mean? Well bottom is extremely powerful in the sense that you can do multiple actions and chain them together all at once So we're just going to make a if stream and i'm just using the standard type library namespace just for clarity So you see where i'm getting that from And we're going to say in file And we want c string because we have to convert that to ac style string In ios input output system and we want binary And what we are doing is we're telling it that the file format should be read in binary We do that because if the file has certain characters in it They'll actually be treated as escape characters like a tab or a hard return or something like that And that'll mess up the information in there So we can just take this copy and paste And instead of an in stream we want an out stream And we want to give it the You guessed it out file name here And once again, we're telling it's a binary file that way You know, we don't get any nasty escape characters I actually ran into that problem when I was making this tutorial And it was pretty tricky for me to figure out what was going on Now we want to make a pipe Remember a pipe and bottom is just something that we're chaining together And we're going to get Whoops We're going to get a cipher A cipher is an encryption method. Basically all we're doing here And then we have to tell it what type of cipher we're using and we're going to use aes 256 And then that is the rindel block cipher We're going to use cipher block chaining mode If you don't have no idea what any of that is don't panic Aes stands for advanced encryption standard. We're using 256 bits. Whoops not 65 256 bit encryption, which is incredibly strong Cipher block chaining means it encrypts a block of it And then uses portions of that block to encrypt the next block of it It is an incredibly strong algorithm very very potent. The military uses it Among other things I should mention And we're just going to set this to encryption mode And now what we need to do is create a data sync In bot and what you can do is you can say instead of sending it to another stream or a portion of memory Just flush it directly down to the desk So we're going to say new data sync Oops data sync stream And we want Out It's not happy with that. Let's figure out what we did wrong here Yes, I have just Simply won too many of those There we go So in short, let's review very quickly because I understand this is the heart of the tutorial and you need to understand this part We're making an in stream using the standard c Names c++ namespace. Yes, you could grab this using qt But for simplicity sake rather than converting the data back and forth We're just going to grab it using the standard type library We need an output stream Notice we got our input file and our output file. We're creating a pipe. That's a button convention And what a pipe does if you flip through the documentation is you tell it Okay, perform this action and we're getting a cipher And we're going to use advanced encryption standard 256 bit cipher block chaining mode We're giving it the key and the initialization vector Remember the key is your password and the initialization vector says randomize it a little bit We're encrypting the data And we're giving it a data sync Stream and what that is that's a button convention that says okay flush this out to disk. Where do you want it? And we're saying out Remember whoops. That's why it doesn't make any sense to you out is the name of our output stream Now the neat thing about pipes is you can do multiple things with them. So we're going to say pipe Start message And then we are going to say in pipe So we're just going to shove the information from that pipe into the input stream And then we're going to say pipe in message And that will you know, of course finalize the encryption now we want to Flush the stream And close it And then we're going to just add a little marker here saying q debug We want to know where we're at in the code. So we're going to say Encrypted all right. Go ahead and give it a good build make sure you Don't have any issues if you do go ahead and resolve those before we continue and You see we have one file called plain text when I open it up. It is the big int h from jackloid The guy who invented bot and we're just going to run this and see what happens You're going to see it says starting bot encrypted And when we go back out to our directory, we now have a new file called cryptid And when you open that up, it's a whole bunch of gobbly gook Because that's encrypted using aes 256 bit, which is an Extremely, I cannot stress to you how strong that algorithm is Okay, it's probably you know brutal overkill for what we're doing But now we want to be able to decrypt that file Don't worry very simple take your encryption Function copy paste rename it to decrypt And then instead of encryption You guessed it Decrypt. Whoops. It's all right decryption Hmm. See I told you it was going to be simple and then I lied to you. So let's Copy and paste this code There we go decryption So we're just doing the inverse and you could do all this through one function and add an extra parameter But I'm just showing you that it's literally the same thing. You're just changing the encryption to decryption And then you can quite literally just do this We're going to copy encrypt Call it decrypt And we want to take the input file is our file encrypted And then you guessed it Or I'm sorry. Yes I got a little out of myself there And our output file is going to be file decrypted So first thing we're going to do is we're going to encrypt the plain text into file encrypted then we're going to decrypt file encrypted into File decrypted File encrypted to decrypted. Do you understand what I'm saying? Get a little tongue tied here. Give it a good build make sure it works and It says encrypted twice because we never changed that let's jump back up here Into our decrypted I need to learn to slow down in these videos. I get a little excited when I'm trying to show you guys stuff okay now Starting by an encrypted decrypted and when you go out to your Directory here you now have Your plain text you're encrypted and you're decrypted and you're decrypted of course is Exactly like your plain text. Just to prove that this works. Let's just delete these two files. Keep your plain text Let's run this again Encrypted decrypted Here's encrypted looks just like random junk And here's decrypted backed plain text So that's how you use a third-party library and we're using the botan library And that's how also another user feedback item. I've been meaning to get to how to encrypt and decrypt a file That is a cross-platform way of doing it. Um, you will note That the Libs plus equal. This is not the cross-platform way of doing it. I'm going to get some some fan mail about that. I'm sure Um, so let's review real quick before we end this tutorial First thing you've done from part one is you've compiled the botan libraries Copy the dlls and a files into the directory And then we set up our include path. These are where the headers are and you set up the lib path and then We set up our includes which botan.h is really all you need to include to use the botan framework I should say the botan library using qt bug and then we're using some standard type library includes using the namespaces And then let's jump down here and let's explain this a little bit better We've got our q-core application. That's nothing new. We've got debug nothing new We're setting up some strings here and we're saying these are the locations of the files We're using the botan library initializer. This is how botan runs. It needs this before you can do anything with botan Otherwise, it just simply won't work You really need to read the botan documentation and under to understand all that Setting up a passphrase. We're setting up an auto seed random number generator. That's what r and g stands for And we're setting the string to key and we're driving the key from our password Um iterations. That's part of the salting Um, let's see here secure vector We are creating A combination and just you know, we're taking our password jumbling it around a little bit making a little more secure And then we're making a symmetric key. Remember a key is like sticking a key in a lock. You need that to encrypt and decrypt The initialization vector. We're driving from the key and the iv And then we're just simply encrypting and decrypting and when we go into these You need an input stream Remember to set it to binary mode. Otherwise, it's going to use the escape characters And then we are creating a pipe a pipe is a botan standard Or a botan convention and we're saying okay encrypt using aes 256 and there's our encryption flag There's our key. There's our initialization vector And we're saying new data's new data sync stream and we're sending it to the output file And then in our pipe, we're starting the message. We're reading the data in And then we're ending the message that actually does the encryption That's where the botan library does the encryption right there Then we're flushing the output file and closing it and closing the input file Poof What a tutorial pretty complex pretty advanced tutorial, but uh, I think you understand it And if you're really wondering, um How to do the seed Let me actually just Create a new one void Main two Um, I actually did create the initial Program using the seed and let me show you what that looks like really quick here And you see I've got some other file setup and this is the pretty much the same source code, but you would um quite literally just uh Set the new random salt using the string to key And that's where you take your random number generator and you're using, you know, eight octets And then you're saying secure vector byte and you're saying this salt right here String to key current salt. So what you're doing is you're creating a salt that way if you have a password of password And you use that password twice. It'll never be the same because you're salting it. You're changing it um Like I said encryption is a science in itself using A string essentially what you're doing is you're using Sha 256 you're creating a hash And what a hash is is a numerical representation of data The problem with hashes is there's something called a birthday attack Meaning you'll have a collision Two hashes for two different passwords can collide and be the same It's called the birthday attack because you'd walk into a bar and there's a certain percentage chance that somebody else in that bar Will have the same birthday as you And there's a greater chance that two people in that bar have the same birthdays And it's actually called a rainbow table or birthday attack We create a huge list of hashes and you start throwing hashes at this until you break it So somebody could actually decrypt your data Now that goes back to the strength of the algorithm that we're using We are using the aes 256 block cipher And we're using it in cipher block chaining mode now aes Is the rindel block cipher advanced encryption standard is what that stands for 256 bit that's stronger than most of the applications you're using um Let me just put it this way it would take a very very long time for somebody to break that encryption But you have to use the encryption correctly And that's where we go back down into these keys initialization vectors and salts If you don't use a salt your encryption isn't inherently weaker And the bot documentation, which I encourage you to read explains all of this in very very simple details And he actually says, you know do this because of this do this because of that So um really running out of time this tutorial is kind of mushroom clouded into something much bigger than I wanted it to but Killing two birds with one stone this answer is the user feedback of how to use a third party dll and how do you Encrypt a file and if you've sent me user feedback asking question. I'm sorry. I have Much more user feedback than I have time. So uh bear with me. I'll try to get to it eventually This is brian. Thank you for watching. I hope you found this educational and entertaining