I want a simple layer of protection for my content (resource) files in my application. For example, I have various sound and image files used in my application. I think, I can wrap them in a SFX archive (Probably packed with WinRAR), then in my application, start the SFX exe with some parameters, like, -silent. But this may not be the best way to do this, so if you can give me some suggestions, that would be great.
P.S. I know it does not sound unbreachable (like there is one, anyways), but this is needed for some reasons.
P.S. I could use some help for a method to hide the files after the SFX (or some other package) complete extraction.
Thank you.
Don't use a SFX archive.
Well a lot depends on how you use your resources. If you have a lot of library code that requires file names then the files have to be persisted on hard drive for a while. If you can, you want to find out if your sound and media libraries can be passed pointer - then you load the files up yourself, decrypt them, and pass the pointers to the decrypted buffers to the media api's.
As to the actual encryption. Either use an archive file format, something like zlib. This gives you the ability to store all your data files in a single encrypted archive and expand them into memory.
Or roll your own per-file encryption. A rolled at home XOR encryption has the advantage of being very fast.
Almost all file encryption comes down to:
The problem is (obviously) that the key needs to exist in the client so any determined hacker can get it. So theres no real point in being too fancy here. Just generate 256 bytes of "random" data and use it to encrypt and decrypt your files as you load them into memory - or write them to a temporary folder.
If you need to write out ttemp files, you might be able to use FILE_FLAG_DELETE_ON_CLOSE to get the temp folder to clean itself up safely without leaving unencrypted resources persisted on disk.