!FileCrypt 0.04 29th Jul 2007
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FileCrypt is a simple file encryption program. It uses GnuPG to provide a good level of strong
encryption on files.


Requirements
~~~~~~~~~~~~
GnuPG installed - available from http://www.sbellon.de/gnupg.html
A RAM disc big enough to store the file you're processing.


Use
~~~
N.B. FileCrypt assumes that you already have GnuPG installed and working on your computer.
FileCrypt does NOT include its own encryption, but uses GPG to ensure the maximum level of
security is provided.

Double-click !FileCrypt to load onto the icon bar.
To process a file, drag its icon from a filer window either to FileCrypt's iconbar icon or to
its main window.

FileCrypt will automatically detect if the file is already encrypted or not. If so, it will ask
you if you wish to decrypt the file, otherwise it will ask you to encrypt the file.

Follow the onscreen instructions in order to encrypt or decrypt your file.


How it works
~~~~~~~~~~~~
FileCrypt does all its processing in a RAM disc, to avoid storing residual unencrypted data on
any local hard drives.

When encrypting the process is as follows:-

 - Make a temporary copy of the file you want encrypted on a RAM disc.
 - Encrypt the temporary copy using the original file as the destination for the encrypted
   version. Thus the final (encrypted) file will replace the original and should overwrite the
   data in the original file. If people think this is not secure enough, file nuking could be
   added as an interim step.
 - Nuke the temporary file using seven overwrites (even though it's on a RAM disc, this should
   ensure any traces of the original file are lost forever).
 - Delete the temporary file.
 
When decrypting a file the process is as follows:-

 - Make a temporary copy of the encrypted file on a RAM disc.
 - Temporarily store the pasphrase in a pipe file so that GPG can decrypt using the
   --passphrase-file option. Pipe files are temporary 'in memory' files for data transfers 
   between processes so are even more temporary than RAM disc. Hopefully this is secure enough
   to ensure no trace of the passphrase is left in memory.
   It is *never* stored on permanent storage such as a hard disc.
 - Decrypt the file from RAM disc, storing the unencrypted file over the original file.
 - Delete the pipe storing the passphrase
 - Delete the temporary file on the RAM disc.
 - Erase the 'in memory' buffer used for GPG processing.
   
At all stages of development I've been cautious to ensure maximum security, both of the
passphrase AND the original file. Obviously FileCrypt is pretty useless if you use it to encrypt
a file whilst the original file is still stored in plaintext format on the disc somewhere.
However, any suggestions for increased security and due diligence are alway appreciated.

Full source code is provided so that:
 a) You know there are no secret back doors in the code.
 b) You can see how the encrypting/decrypting process works and possibly adjust to suite your
    own requirements - although please contact me if you would like any help.
 c) Any potential RISC OS programmers can see how my wimp library works, to encourage more
    development of RISC OS applications and utilities.


To Do List
~~~~~~~~~~
I've received a number of helpful suggestions for improvements or things to add to FileCrypt, 
which I hope to examine when I have the time. Those things I know about are:-

- Scan entire file for Begin GPG block so that you can save emails etc and FileCrypt will scan
  through them rather than just looking for the first line.
  

Copyright Message
~~~~~~~~~~~~~~~~~
This application and all its associated files are the copyright of the author; Paul Vigay but
you are free to pass it around as long as all files remain intact and unaltered and the whole
application is distributed (including this !Help file).

This software is freeware and the source code in BASIC is supplied.
However, if you do make any alterations, or would like new features added, please contact me so
that I can keep the most up to date version on my web site.


Contacting me
~~~~~~~~~~~~~
I can be contacted via the following methods;

Email: nospam@vigay.com
  Web: http://www.vigay.com/software/
 Post: PO Box 813, Portsmouth, Hampshire, PO1 9EY
 
 
Acknowledgements
~~~~~~~~~~~~~~~~
I'd like to offer my sincere thanks to Dr. Nat Queen of Birmingham University for help and
extensive beta testing. FileCrypt wouldn't be half as comprehensive if it wasn't for his help.
He also has a very good cryptography section on his own website at
http://www.queen.clara.net/pgp/pgp.html


Version History
~~~~~~~~~~~~~~~

 v0.04 (29th Jul 2007)
        a) Bug fix: Can now click OK in passphrase box when signing files, without eof error
           given.
        b) Made RAM risc buffer 1.3 times size of file but only rounded up to nearest KB instead
           of MB, to run on lower memory and/or older machines.
        c) Added verification of signature on signed+encrypted files.
        d) Added improved error checking for availability of GnuPG.
        e) Added memory check to ensure 940K is available before calling GnuPG.
      - f) Tweaked RAM disc size calculation to round up to nearest 100K (and made into a 
           variable)
        g) Bug fix: Swapped -r and -u parameters for calling GPG so that correct recipient and
           local user are passed to GnuPG.
        h) Made main window bigger, to allow for more characters being visible in key icons.
        i) Only give 'Good signature' notification when a good signature is detected. Don't
           output anything if not detected.
        j) Made some icons wider to allow for larger desktop font sizes.
 
 v0.03  (16th Jul 2007)
        a) Added Encrypt+Sign option to encrypt and sign files.
        
 v0.02  (15th Jul 2007)
        a) Bug fix: If no RAM disc exists, create one 1.2 times the size of the file being
           processed, rounded up to next MB, which should be big enough.
        b) Extended icons in templates.
        c) Made passphrase appear as *'s (instead of nothing).
        d) Added -no-show-photos option to GPG when reading keyring.
        e) Extended maximum number of keys to read from keyring to 200.
        f) Added pointer change when over menu icons.
 
 v0.01  (13th Jul 2007)
        - First release version - should work ok.
      
2007 Paul Vigay
