Hi
I have been testing some methods for key handling. I feel it's best to
keep raw keys handled as the key types rsa::PublicKey and
rsa::PrivateKey etc. within the application. This would appear to aid
with type safety for one and security (not wishing to have keys
represented as strings which do not use secure allocators). I realise
this does not necessarily require raw or uncooked keys, however it
seems more efficient to keep them in this form.
I have no requirement to interoperate with other systems as of yet and
therefore I am looking at efficiency and security.
I can easily use a filesink/source and write keys to a file (and load
them) with the key.Save and key.Load methods, however I do need to
serialise keys as parts of structs for transmission on a network.
So can anybody suggest the most efficient and secure method? I was
thinking about boost serialisation to serialise to a string
representation and encapsulate this in a protocol buffer (Google).
So basically we may have a struct similar to

#include <string>
#include <cryptopp/rsa.h>

typedef CryptoPP::RSA::PrivateKey PrivateKey;
typedef CryptoPP::RSA::PublicKey PublicKey;
typedef std::string ValidationToken, Identity, PlainText, Signature, CipherText;

// One identity together with its RSA key pair and validation data.
struct RSAKeys {
 public:
  enum { KeySize = 4096 };  // RSA modulus size in bits
  RSAKeys() : identity(), priv_key(), pub_key(), validation_token() {}
  Identity identity;
  PrivateKey priv_key;
  PublicKey pub_key;
  ValidationToken validation_token;  // certificate, additional signature etc.
};

And wish to send this (and similar) across a network. I would really
like to keep string representations to a minimum if possible.
If anybody has a good suggestion or knows if it is worth/possible to
simply use boost::serialisation to keep the keys as raw (or encoded
for that matter) while allowing them to be passed between systems and
sometimes saved to disk (although this would be done with file sink as
per examples) then it would be great to hear from you.
Thanks for reading a (too) long explanation.
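
Added example, not part of the original post and not Crypto++ code: one way to put the RSAKeys fields on the wire as raw bytes, with a decoder that rejects truncated, oversized or trailing input. Assumptions: the key fields hold the bytes that key.Save writes (copied out of a Crypto++ ByteQueue, not shown), and the names WireKeys, kMaxField, encode and decode are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <initializer_list>
#include <vector>

// Hypothetical wire form of RSAKeys: every field is a 4-byte big-endian
// length followed by that many raw bytes. Key fields are assumed to hold
// the output of key.Save(); this block never parses them.
using Bytes = std::vector<std::uint8_t>;
struct WireKeys { Bytes identity, priv_key_der, pub_key_der, validation_token; };
constexpr std::uint32_t kMaxField = 16 * 1024;  // assumed per-field cap

// Appends one length-prefixed field; refuses fields above the cap.
static bool put_field(Bytes& out, const Bytes& f) {
    if (f.size() > kMaxField) return false;
    const std::uint32_t n = static_cast<std::uint32_t>(f.size());
    for (int shift = 24; shift >= 0; shift -= 8)
        out.push_back(static_cast<std::uint8_t>(n >> shift));
    out.insert(out.end(), f.begin(), f.end());
    return true;
}

bool encode(const WireKeys& k, Bytes& out) {
    out.clear();
    for (const Bytes* f : {&k.identity, &k.priv_key_der, &k.pub_key_der, &k.validation_token})
        if (!put_field(out, *f)) return false;
    return true;
}

// Reads one field at pos; fails on a short header, a length above the
// cap, or a length that runs past the end of the received buffer.
static bool get_field(const Bytes& in, std::size_t& pos, Bytes& f) {
    if (in.size() - pos < 4) return false;
    std::uint32_t n = 0;
    for (int i = 0; i < 4; ++i) n = (n << 8) | in[pos++];
    if (n > kMaxField || in.size() - pos < n) return false;
    f.assign(in.data() + pos, in.data() + pos + n);
    pos += n;
    return true;
}

bool decode(const Bytes& in, WireKeys& k) {
    std::size_t pos = 0;
    for (Bytes* f : {&k.identity, &k.priv_key_der, &k.pub_key_der, &k.validation_token})
        if (!get_field(in, pos, *f)) return false;
    return pos == in.size();  // reject trailing bytes after the last field
}
```

Bytes is a plain std::vector so the block builds without the library; a container using Crypto++'s AllocatorWithCleanup could be substituted to keep the zeroising behaviour asked about above.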