cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Check out the JMP® Marketplace featured Capability Explorer add-in
Choose Language Hide Translation Bar
pauldeen
Level VI

Use JSL to encrypt scripts for add-in development

I maintain a couple of add-ins and for some of those I would like update a couple of variables in the contained scripts at built time. So I would like to write a script that opens a script file, does some concatenations or substitutions and then encrypts the whole file and saves it to a certain location (for a list of script files). Then I can use the brilliant add-in builder by @Justin_Chilton to build the add-ins. I cannot find a JSL function to encrypt a script, does it exist or can it be done with another utility?

1 ACCEPTED SOLUTION

Accepted Solutions
Craige_Hales
Super User

Re: Use JSL to encrypt scripts for add-in development

something like this?

mySecretKey = "The quick brown fox";

aa = [=> ];
aa["expiredate"] = "1jan2022";
aa["checkcode"] = Hex( Blob MD5( Char To Blob( mySecretKey || expiredate ) ) );
Save Text File( "$temp/license.txt", As JSON Expr( aa ) );
///////////////////
bb = Parse JSON( Load Text File( "$temp/license.txt" ) );
If( Hex( Blob MD5( Char To Blob( mySecretKey || bb["expiredate"] ) ) ) == bb["checkcode"],
	Print( "ok: " || bb["expiredate"] ),
	Print( "bad" )
);

embed the secret key in the encrypted script so you can check it.

 

the file looks like

{"checkcode":"B7611676E821AA1ECC4CB5D6F02C6BA9","expiredate":"1jan2022"}

Craige

View solution in original post

6 REPLIES 6
txnelson
Super User

Re: Use JSL to encrypt scripts for add-in development

The Encrypt Script command can be passed through JSL using the Main Menu() function.

Main Menu( "encrypt script","Script 10" );

where "Script 10" is the name of the script window to be encrypted.  

However, what happens next, is the dialog window asking for the passwords pops up, and I don't think that is what you want

Jim
Craige_Hales
Super User

Re: Use JSL to encrypt scripts for add-in development

Maybe use a jsl/jmp/plaintext file with just the values, and include() or open() or loadtextfile() from the encrypted script.

A small data table could be a good choice for a set of named parameters. Or a snippet of JSL that is included to set some variables. A file named X.jsl with just the text 42 can be loaded as parm = include("x.jsl"); and you could do more complicated sets with a list if X contains {42,"Fred"}, something like {parm,name} = include("x.jsl");

Craige
pauldeen
Level VI

Re: Use JSL to encrypt scripts for add-in development

Thanks for the suggestions!

 

The idea is to create self destructing add-in that works for a while and after some date stops working (protect IP). So everytime I build the add-in I want a new expiry date hardcoded in the script so that this cannot be defeated by editing a date field somewhere. If I put the expiry date in a external script file I have to manualy encrypt that every time. For the same reason a data table is not an option.

Craige_Hales
Super User

Re: Use JSL to encrypt scripts for add-in development

something like this?

mySecretKey = "The quick brown fox";

aa = [=> ];
aa["expiredate"] = "1jan2022";
aa["checkcode"] = Hex( Blob MD5( Char To Blob( mySecretKey || expiredate ) ) );
Save Text File( "$temp/license.txt", As JSON Expr( aa ) );
///////////////////
bb = Parse JSON( Load Text File( "$temp/license.txt" ) );
If( Hex( Blob MD5( Char To Blob( mySecretKey || bb["expiredate"] ) ) ) == bb["checkcode"],
	Print( "ok: " || bb["expiredate"] ),
	Print( "bad" )
);

embed the secret key in the encrypted script so you can check it.

 

the file looks like

{"checkcode":"B7611676E821AA1ECC4CB5D6F02C6BA9","expiredate":"1jan2022"}

Craige
pauldeen
Level VI

Re: Use JSL to encrypt scripts for add-in development

Thanks @Craige_Hales that is an interesting solution embedding the expiry date and a checksum.

 

Small fix for a coding error in line 5:

mySecretKey = "The quick brown fox";

aa = [=> ];
aa["expiredate"] = "1jan2022";
aa["checkcode"] = Hex( Blob MD5( Char To Blob( mySecretKey || aa["expiredate"] ) ) );
Save Text File( "$temp/license.txt", As JSON Expr( aa ) );
///////////////////
bb = Parse JSON( Load Text File( "$temp/license.txt" ) );
If( Hex( Blob MD5( Char To Blob( mySecretKey || bb["expiredate"] ) ) ) == bb["checkcode"],
	Print( "ok: " || bb["expiredate"] ),
	Print( "bad" )
);
Craige_Hales
Super User

Re: Use JSL to encrypt scripts for add-in development

Thanks. That variable was left over from a first version, before I realized it wanted to be a JSON solution.

This is similar to what JMP does with a PER file (not JSON); you can lock in other variables too, like a user or site name, by adding them to the concatenation.

You should use ShowGlobals() after running your app to make sure your secret isn't too easy to discover.

Craige