I am trying to figure out the best approach to implement an encrypted
log file. One application logs data, and another application
periodically manipulates it and loads it into a database. Data logs
to a file for a set length of time, and then creates a new log file
for the next time increment. Log files are large enough and updated
frequently enough that I am hoping to avoid reading and decrypting the
current file, appending the new text and then encrypting the whole
thing again.
I was (probably very naively) hoping to do something very simple like
setting up a StreamTransformationFilter using a StringSource and a
FileSink usin the same IV/key for one complete file, then change the
IV and start logging the next file until done, etc. Unfortunately
either it is not that simple or I am using it wrong.
I was hopeful, because when I made repeated calls using StringSink it
seemed to do what I wanted, but FileSink is not. I have been using
Sosemanuk since a stream cipher seems to fit in with what I am trying
to do. I have also
example:
// The following does exactly what I want, which is to build a cipher
string which decodes to the concatenation of the three input strings.
// Is there something inherently wrong in this approach?
std::string plain1( "Test string one");
std::string plain2( "Test string two");
std::string plain3( "Test string three");
std::string CipherText;
// Encrypt three separate strings to the same cipher string
byte key[CryptoPP::Sosemanuk::DEFAULT_KEYLENGTH],
iv[CryptoPP::Sosemanuk::IV_LENGTH];
CryptoPP::Sosemanuk::Encryption enc(key,
CryptoPP::Sosemanuk::DEFAULT_KEYLENGTH, iv);
CryptoPP::StringSource( plain1, true, new
CryptoPP::StreamTransformationFilter( enc, new
CryptoPP::StringSink( CipherText ) ) );
CryptoPP::StringSource( plain2, true, new
CryptoPP::StreamTransformationFilter( enc, new
CryptoPP::StringSink( CipherText ) ) );
CryptoPP::StringSource( plain3, true, new
CryptoPP::StreamTransformationFilter( enc, new
CryptoPP::StringSink( CipherText ) ) );
// Decrypt
CryptoPP::Sosemanuk::Decryption dec(key,
CryptoPP::Sosemanuk::DEFAULT_KEYLENGTH, iv);
CryptoPP::StringSource( CipherText, true,
new CryptoPP::StreamTransformationFilter( dec, new
CryptoPP::StringSink( RecoveredText )))
If instead of the above I use
CryptoPP::StringSource( plain1, true, new
CryptoPP::StreamTransformationFilter( enc, new
CryptoPP::FileSink( "CipherFile" ) ) );
CryptoPP::StringSource( plain2, true, new
CryptoPP::StreamTransformationFilter( enc, new
CryptoPP::FileSink( "CipherFile" ) ) );
CryptoPP::StringSource( plain3, true, new
CryptoPP::StreamTransformationFilter( enc, new
CryptoPP::FileSink( "CipherFile" ) ) );
and
CryptoPP::FileSource( "CipherFile2", true,
new CryptoPP::StreamTransformationFilter( dec, new
CryptoPP::StringSink( RecoveredText )));
I get garbage.
Any advice, including telling me this is not the way to encrypt log
files, would be welcome.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [EMAIL PROTECTED]
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---
