A very nice upgrade and an excellent job. The first version which doesn't
need a temporary file to past kixtart code to the kix32 binary. The file
is very hard (possible impossible) to catch.
It works fast and is very flexible.
Also the way of passing the password to the script is very nice. Possible
by this one-way encryption method. Encrypting and decrypting program aren't
the same and it is also possible to use all other kind of files/information
to encrypt.
Also a possible security leak with kix32.exe can be catch with the
checksum security -s switch.

Some points:

• we doesn't get a error message when we want to encrypt a file.
  an example:
  - we have the file "code"
  - 'kixcrypt code' creates the file 'crypted.exe'
  and 'crypted.exe' returns the message 'Script error : failed to find/open script !'
  - 'kixcrypt code.' createsalso the file 'crypted.exe'
  and 'crypted.exe' runs like we expected. no error messages.
  
• by using the -d switch the 'crypted.exe' run will also display
  debug information, which can't be stopped.
  is this the wanted result?
  
• we get an error when we are using following script with a password
  

  code:

  ---

  
  ? "kix @kix @build"
  

  ---

  
  the call are 'kixcrypt -p password script.' and 'crypted password'.
  the output on the screen is:
  

  code:

  ---

  
  CRYPTED caused a divide error in module CRYPTED.EXE at 014f:00402fe1.
  Registers:
  EAX=00000000 CS=014f EIP=00402fe1 EFLGS=00010246
  EBX=00530000 SS=0157 ESP=0073fc10 EBP=0073fd58
  ECX=78037ca8 DS=0157 ESI=816096fc FS=3a97
  EDX=00000000 ES=0157 EDI=00000000 GS=0000
  Bytes at CS:EIP:
  f7 3d a0 50 40 00 89 d6 89 35 a4 50 40 00 a1 00 
  Stack dump:
  00530000 816096fc 815e723c 815bc000 8160de40
  0008160e 000000c0 8160de40 00000010 bff782c8
  815bc000 8160de50 000000c0 00000000 8160de40
  815bc000 
  

  ---

  
  f.e. the same problem we have by encrypted our os.kix of our
  site. without using the -p option we doesn't have any problem.
  we have verify it on a windows95 system for you.
  
• we get another error when f.e. the filename 'kc000000' is a directory.
  the message was:
  

  code:

  ---

  
  Cannot open temp file for writing kc000000.
  Could not open an output script file - aborting
  

  ---

  
  questions:
  - is it possible to use a random filename, which also check for
  already existing (directory)names.
  - what will happen when the user doesn't have write access to the
  directory for creation of 'kc000000' file.
  

A nice issue can be the usage of environment variables which can't
prevent running the crypted.exe file in other environments. Specifi-
cations like:
- kixcrypt -p %domain% script.kix
- kixcrypt script.kix \\mylogonserver\netlogon\kix32.exe %s
will always decrypt the script. In the first situation you can simple
enter the another (= required) domain name to bypass it.

we are waiting for an upgrade.
greetings.

btw:
we like to publish your program on our site. let me know what you
think of that idea.