> On May 5, 2019, at 11:04 PM, Birajendu Sahu <biraje...@netskope.com> wrote: > > I would like to generate a device specific key upon installation of the > application. Same time I don't want to save the key in device memory too.
For AES256, just generate 32 bytes (256 bits) of securely random data and use that as the key. (“Securely random” means do not use `rand` or `random`, rather a random number generator provided by the OS or a crypto library. This varies by platform. On macOS see SecRandom.h.) (Don’t try to do anything fancy to generate the key. There is nothing you can do that will give you a more-random, less-guessable key than your OS’s secure RNG.) The key should be stored in OS-provided secure storage. On macOS that’s the Keychain. I’m sure Windows and Android have some equivalent of that. —Jens _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
