tags:

views:

68

answers:

2
+1  Q: 

Loading and storing encryption keys from a config source

I am writing an application which has an authenticity mechanism, using HMAC-sha1, plus a CBC-blowfish pass over the data for good measure. This requires 2 keys and one ivec.

I have looked at Crypto++ but the documentation is very poor (for example the HMAC documentation). So I am going oldschool and use Openssl. Whats the best way to generate and load these keys using library functions and tools ? I don't require a secure-socket therefore a x.509 certificate probably does not make sense, unless, of-course, I am missing something.

So, do I need to write my own config file, or is there any infrastructure in openssl for this ? If so, could you direct me to some documentation or examples for this.

+1  A: 

Although it doesn't answer your question directly, if you are looking at this as a method of copy protection for your program, the following related questions may make for interesting reading.

Konrad  2010-03-23 10:25:32
Thank you for the links, I will look at them. The system is for handing out login tokens, similar to Kerberos tokens, embedded into HTTP cookies. I personally would have just used Kerberos and webauth, instead of re-inventing the wheel, but I do what I am told :P
Hassan Syed  2010-03-23 10:28:36
+1 as it might be useful for others :D
Hassan Syed  2010-03-23 10:37:32
A: 

This is the solution I am going for atm. Unless of course someone comes up with a better one, or one that solves my specific problem.

I will put three files in /etc/acme/auth/file1 file2 and file3, binary files with randomly generates numbers for the 2 keys and the ivec, and do the same in windows but under c:\etc\acme\auth.

Hassan Syed  2010-03-23 11:27:26
Can I suggest (for Windows) you use a subdirectory in your application directory? Nothing annoys me more than applications polluting my filesystem. :-)
Konrad  2010-03-23 11:32:25
The library will be a nginx module, Perhaps I can place it under a directory relative to the nginx install location. I will have to investigate that further, in all likelihood the server will only run under linux.
Hassan Syed  2010-03-23 11:36:06

related questions

Of Memory Management, Heap Corruption, and C++
How do I make a GUI?
Alpha blending sprites in Nintendo DS Homebrew
Thread safe lazy contruction of a singleton in C++
Interview Programming Questions - In house Exam
Link issues (VC6)
What are the barriers to understanding pointers and what can be done to overcome them?
Why are professors or schools picking Java over C++ to teach to students?
What is the best way to create a sparse array in C++
C/C++ library for reading MIDI signals from a USB MIDI device
How do you pack a visual studio c++ project for release?
How to set up unit testing for Visual Studio C++
How do I configure and communicate with a serial port?
Lightweight IDE for Linux
Mapping Stream data to data structures in C#
CPU throttling in C++
Asynchronous multi-direction server-client communication over the same open socket?
Exceptions in C++
Heap corruption under Win32; how to locate?
Build for Windows NT 4.0 using Visual Studio 2005?
C++: Should I use nested classes in this case?
BerkeleyDB Concurrency
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS