---------- Forwarded message ---------- From: Dillon Beresford <[email protected]> Date: Sun, Feb 1, 2009 at 5:35 PM Subject: Re: CryptoPP::ArraySource Stub Decryption To: Avi <[email protected]>
Avi, I feel your pain with the library. It can be a cumbersome process getting a configuration setup. I'm actually not looking forward to writing build documents for my project. So the example you gave me is perfect, I see exactaly what your trying to acomplish. One quick question. Are you also embedding the public key as well? You said, you embedded the private key. Is the public key stored in there as well? Just checking, decryption will fail if the public key is not stored as well. >(*) Please correct me if I'm wrong here: I believe I will need to embed the >private key into client.exe as well as the decryption function. const char pubKey[] = "000......"; const char privKey[] = "000......"; stubDecrypt.LoadKey(pubKey,priKey); You are correct the private key needs to be stored, and the public key (together). The way the class is designed it reads from two files. The way my stub is designed it reads from two types. I know you already understand storage I just want to make sure that you have included the public key as well. All the very best and I will try to respond as quickly as possible to help you resolve this issue. Sounds like a fun little project and very useful too. Regards, Dillon Beresford On Sun, Feb 1, 2009 at 4:34 PM, Avi <[email protected]> wrote: > > Hi Dillon, > > For the sake of clarity, I started programming 15 years ago. It's > cryptography that I'm new to. Same as American Football – didn't get > to it yet :) > > Anyways, yes – I rebuilt everything according to compiler version and > flavor. > I even name my libs this way (for example: > cryptopp552.debug.msvc60.lib) so I know exactly what I'm linking up > against. > > Regarding my client, it's just a small util I developed in my own free > time. The audience loves it and I enjoy maintaining it. I got to a > stage where I need it to be more secure, so I'm taking the opportunity > here to expand my horizons into cryptography. > > So, it goes like this: I have an offline tool that builds a database > on a nightly basis (the size is around 1Mb). I want to add a final > encryption phase to this nightly build. > I have an .exe client (let's call it client.exe) that checks for > updates and downloads the database from our intranet upon need. > > Currently I have the full database, more of less, sitting as clear > text on the client machine's harddisk. > I want to change my strategy, place just a minimal subset of the > database on the harddisk for working offline (e.g. laptops), and if > client.exe detects that it is connected to the intranet, I plan to > download the full database file into memory (without saving it). > > (*) Please correct me if I'm wrong here: I believe I will need to > embed the private key into client.exe as well as the decryption > function. > > Just to be clear, both versions of the databases will be encrypted in > the same manner so it doesn't matter which version I load, it will be > decrypted the same way. > > Practically, I wish to tighten up the security of the database(s) and > make sure that no readable version of the file will exist. > > (*) Once decrypted, the database will be stored in memory as clear > text data… > > > Dillon, thanks for your time and effort – I really appreciate it. > > I'll look around for "Wei's Instructions" on how to build the library > because so far it has not been a pleasant experience. > > Good luck with the Super Bowl! > > Avi. > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~---
