flat assembler
Message board for the users of flat assembler.
Windows > digital signature
revolution 24 Dec 2008, 23:52
The problem is fundamentally unsolvable, because anyone can always just replace the keys with their own, or just simply bypass the check completely.
So with that in mind, you can use a simple RSA/ECC scheme. There is lots of info and source code around the 'net.

bcdsys 25 Dec 2008, 02:15
>The problem is fundamentally unsolvable, because anyone can always just replace the keys with their own, or just simply bypass the check completely.
I know, but this isn't the problem here. The problem is to make it so no 3rd party outside the target system or me can revoke the key. A cracker on the target can add a key, but I don't want to use keys from MS or VeriSign or anyone who can revoke them, so I want my own root CA. Here's the problem:

1. The app comes with a cert by me.
2. When the app gets remote input, it checks if it is digitally signed by me.
3. Input is only accepted if signed.

I want a secure way to do the above. What is best for this? It must be very secure against attackers and must work. Any signing scheme is acceptable; it doesn't have to be SSL, the cert can be any format, it just must be simple, fast, secure, and use my own signing keys.

bcdsys 25 Dec 2008, 02:21
Various ways and problems:

1. Use http://en.wikipedia.org/wiki/GNU_Privacy_Guard. The problem is that it is not an API; I must use another process, so it is inefficient. I don't want to create another process.
2. Use ECC/RSA. How complex is the code in my app to code myself? I probably need to find code on the net; there should be free source code on the net. I know Windows has wincrypt.h for encryption. Is this good for this? Also, I heard of OpenSSL. Is OpenSSL good for this?

revolution 25 Dec 2008, 02:22
Just use what I mentioned above, RSA or ECC, that's what they are designed for. You encrypt/sign with the private key and send to the program to decrypt/check the received data. Simple.
As for revoking a key etc. You have to make sure no one has access to the program else all bets are off. If someone can change your program then it is already too late, you have no control over what that program will accept/reject in the future. These are two separate issues though. Sending verifiable data to someone/something is easy with RSA/ECC, but ensuring no one hacks a program is hard.
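The check described in the post above, as an added example that is not part of the original thread: the application carries only the publisher's public key and accepts remote input only when an RSA PKCS #1 v1.5 / SHA-256 signature over it verifies. The key is a constructed, insecure demo key and all function names are hypothetical; a real application would call a library such as the libtomcrypt or OpenSSL mentioned in the thread instead of hand-written RSA.

```python
import hashlib
import hmac

# Constructed demo key, NOT secure: both primes are well-known constants and
# the modulus is only 511 bits. A real key is 2048+ bits from a CSPRNG.
DEMO_P = 2**255 - 19
DEMO_Q = 2**256 - 2**32 - 977
E = 65537
N = DEMO_P * DEMO_Q  # public modulus, the only key material shipped in the app
D = pow(E, -1, (DEMO_P - 1) * (DEMO_Q - 1))  # private exponent, signer only

# DER prefix of DigestInfo for SHA-256 (PKCS #1 v1.5, RFC 8017 section 9.2)
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def encode(message: bytes, k: int) -> bytes:
    """EMSA-PKCS1-v1_5: 00 01 FF..FF 00 || DigestInfo, exactly k bytes."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    if k < len(t) + 11:
        raise ValueError("modulus too short for SHA-256 DigestInfo")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def sign(message: bytes, n: int = N, d: int = D) -> bytes:
    """Signer side (publisher's machine): needs the private exponent."""
    k = (n.bit_length() + 7) // 8
    m = int.from_bytes(encode(message, k), "big")
    return pow(m, d, n).to_bytes(k, "big")


def verify(message: bytes, signature: bytes, n: int = N, e: int = E) -> bool:
    """App side: needs only the embedded public key (n, e)."""
    k = (n.bit_length() + 7) // 8
    if len(signature) != k:
        return False
    s = int.from_bytes(signature, "big")
    if s >= n:
        return False
    recovered = pow(s, e, n).to_bytes(k, "big")
    # Compare with the full expected encoding instead of parsing the padding;
    # lenient padding parsers are a classic source of signature forgeries.
    return hmac.compare_digest(recovered, encode(message, k))


def accept_input(message: bytes, signature: bytes) -> bytes:
    """Gate from the thread: remote input is used only if it is signed."""
    if not verify(message, signature):
        raise ValueError("unsigned or tampered input rejected")
    return message
```

Because the trust anchor is just `N` and `E` compiled into the program, no outside CA can revoke it; anyone able to patch the binary can still replace it, which is the separate issue raised in the thread.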
revolution 25 Dec 2008, 02:28
> bcdsys wrote: 2. use ECC/RSA

Have a look at my SHA512, RSA and Rijndael (AES) macros to give you an idea of what is involved.

vid 25 Dec 2008, 13:42
or just use libtomcrypt, it is pretty easy....
Copyright © 1999-2025, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.