KiXtart 2010 provides an option to pre-tokenize scripts. This feature takes a regular, clear text script, converts it to so-called tokens and stores the result as a new file. Tokenized scripts are smaller and can be processed faster than clear text scripts. Additionally, tokenized scripts are encrypted and contain a signature to protect against accidental changes in the script. These features provide a level of security unavailable with clear text scripts.
Note |
The
level of security provided by tokenizing a script qualifies as obsfucation. In practical terms this means that tokenized
scripts are perfectly safe from attempts at viewing or changing them by regular
end users. However, tokenized scripts are not safe from attacks by people with
enough time and determination on their side. As a rule, you should never store
any valuable or sensitive data, such as administrative passwords, in scripts
(including tokenized scripts).
Additional protection of scripts can be achieved by using the
password-protection option. Scripts that have been protected with a password
can only be used by specifying the correct password on the KiXtart
commandline.
To pre-tokenize a script, simply specify the /t option on the commandline:
KIX32 demo.kix /t
To pre-tokenize a script and protect it with a password, combine the /t option with the /u option on the commandline:
KIX32 demo.kix /t
/u=YourSecretPassword
Tokenized scripts are stored using the original filename appended with the .kx extension. The example above would produce a file with the name demo.kx.
Using the INCLUDE statement you can combine multiple scripts into a single pre-tokenized script.
Tokenized scripts can be run from the KiXtart commandline as well as by using the CALL command. Note however, that CALL cannot be used to run tokenized files have been protected with a password.
Note |
KiXtart does not provide a way to convert pre-tokenized scripts back into clear text scripts. If you use the pre-tokenizing feature, always make sure to maintain copies of the original source scripts.