Requirements:
- text output
- no password
- hash checking the content
- able to be decrypted even if splitted in multiple lines
I was surprised that it was so easy to do it:
http://aluigi.org/bms/bmscrypt.bms
The format is very simple:
- 32bit flags
- 32 bytes random key
- 16 bytes random ivec
- NUL-delimited hmac sha1 hash of the original content
- encrypted data of the compressed file
The hmac hash is based on the key and the content of the file, since the key is ever random also the hash will ever change
For the encryption I opted for AES 256 CTR, where the CTR mode avoids the annoyances of handling the padded blocks: encrypted length == decrypted length.
For the compression I opted for zlib.
The flags field is currently unused, I just left the first bit set to zero for future usages.
The script works with ANY file, not just bms scripts, therefore you can use it with any content.
Just remember that the script automatically decrypts the files with the TXT extension, while the files with any other extensions will be encrypted... better to have one script doing the job instead of two separate scripts for encryption and decryption.
And remember to not use it with big files.
The goal is not protecting the content (there is no password) but just eluding any check on the file hosters in case your scripts are blocked or their format is not accepted and you need a 100% textual content.
I attached 3 examples of generated files plus the original one (the current script for Cyberpunk 2077, no particular reason).
Looking for your feedback!