From Version 4 onwards, the SKDS script files are protected by a RSA encryption algorithm against unauthorized usage. That gives a probability of 1:21024, that nobody else can ever use that script.
The used algorithm is a so called „public key encryption“. This means there are two so called key files, the so called public key and the so called secret key.
The public key is named yourchoosenusername.pubkey and is stored in the pubkeys
- subdirectory, the secret key is named yourchoosenusername.seckey and is stored in the seckeys
- subdirectory.
The secret key is protected by your chosen password and is needed to decrypt all script files, which where encrypted „for you“, means by using your public key. The public key instead can be given to anybody else, as the others would need this file to encrypt a script for you, which only you can read.
This so called key pair is generated by the SKDS Key Manager.
The usage is simple:
Type in your chosen username and password (at least 6 characters long), press „Generate a new key“ and take a cup of coffee… Because of the mass of mathematics behind this key calculation takes a long time. If it takes longer than five minutes, than you either need a faster PC or something went wrong..
As the key system is the key point of the whole script handling, it's strongly recommended to follow a few rules:
The way how the storage location of the key files is determined works as follow:
To use your keys during the normal SKDS usage, they need to be loaded and „unlocked“ at startup. For this a key dialog appears at each program start
where you type in your username & password to load your keys.
As we've learned above, script files are protected by encryption. But how to generate these files to work with them?
For this the already known command line compiler skdsc
has been slightly modified.
First of all the -r option (who is able to read the scripts) has been removed, because it's not distinguished anymore between reading and executing a script 1)
The -x option (who is allowed to execute a script) is modified in two ways:
In practice that means that you start skdsc
as follow
skdsc -x yourusername test.pas
to compile (and encrypt) a script for yourself and
skdsc -x theotherusername test.pas
to compile (and encrypt) a script for somebody else.
Please remind that you always need to have the public key file of „username“ in your public key directory, as this file is needed for the encryption process.
This process is quite simple: Everybody, who wants to generate a script for you, needs to have your public key file (stored as yourusername.SKDSpubkey in your pubkey directory) and has to store it in his pubkey directory - so the easiest way is to just exchange these file and collect as much as possible keys of other users in your own public key folder.