Hi, I have a client/server application, where client authenticate itself by signing a random string (sent by server) using its private key. Whole logic is working fine for me. I am using PEM_read_PrivateKey() function to read the private key from the key file which is stored on the disk.
As per the current mechanism PEM file needs to be the part of the client bundle, but that is not good for the safety of the client's private key (as this way key file will be visible to all the users of the application). I am looking for some mechanism to directly hardcode the key in the code & directly read it from there. Can anyone give me some idea on this. What format I can use to specify the PEM data in the code & what APIs can be used to read the private key directly from the memory buffer. Looking for some valueable comments from you. Thanks Cheers !
