Каморка

This is what I want.

Get password from UI, encrypt string, store to file.
Next time UI started, load string from file, decrypt it into original string (for using against DBMS login, for example).

My question is. What would be the best way implement string encryption/decryption on Linux.
I can do that with OpenSSL, but what if OpenSSL not installed (could it be case ?)

thanx

dima писал(а):I can do that with OpenSSL, but what if OpenSSL not installed (could it be case ?)

может статически прилинковать её?

dima писал(а):This is what I want.

Get password from UI, encrypt string, store to file.
Next time UI started, load string from file, decrypt it into original string (for using against DBMS login, for example).

My question is. What would be the best way implement string encryption/decryption on Linux.
I can do that with OpenSSL, but what if OpenSSL not installed (could it be case ?)

thanx

In your approach basically everybody who will start UI will have access to DB (in your example).
Password decryption is not good idea either, because in most case you have "one-way" encryption, and it will not be possible to revert it, unless it's something simple in terms of encryption algorithm. Typically system works in the following way - it stores password in the encrypted form, from UI it's getting plain text password, encrypt it using the same algorithm, than compare hashes.

dima писал(а):This is what I want.

Get password from UI, encrypt string, store to file.
Next time UI started, load string from file, decrypt it into original string (for using against DBMS login, for example).

My question is. What would be the best way implement string encryption/decryption on Linux.
I can do that with OpenSSL, but what if OpenSSL not installed (could it be case ?)

thanx

если пароль, то ты НЕ хочешь чтобы его можно было расшифровать. обычно пароли просто хешируют. смотри на md5.

borei писал(а):

dima писал(а):This is what I want.

Get password from UI, encrypt string, store to file.
Next time UI started, load string from file, decrypt it into original string (for using against DBMS login, for example).

My question is. What would be the best way implement string encryption/decryption on Linux.
I can do that with OpenSSL, but what if OpenSSL not installed (could it be case ?)

thanx

In your approach basically everybody who will start UI will have access to DB (in your example).
Password decryption is not good idea either, because in most case you have "one-way" encryption, and it will not be possible to revert it, unless it's something simple in terms of encryption algorithm. Typically system works in the following way - it stores password in the encrypted form, from UI it's getting plain text password, encrypt it using the same algorithm, than compare hashes.

I have to use plane password in some API's, like connect. It's not enough to confirm that password entered last time is the same as entered now. MD5 will work for that.

man 3 crypt

http://linux.die.net/man/3/crypt

gonzo писал(а):man 3 crypt

http://linux.die.net/man/3/crypt

А, не заметил, что надо расшифровывать. Ответ снимается.

this is how it end up.

If open ssl installed, I will encrypt/decrypt my string using predefined password (blowfish - what a name !)
if not whole storing/retrieving functionality will be disabled.

thanks to all

Даже затрудняюсь придумать причину по которой OpenSSL может быть не инсталлирован на Линуксе...
Any security reasons?

Stanislav писал(а):Даже затрудняюсь придумать причину по которой OpenSSL может быть не инсталлирован на Линуксе...
Any security reasons?

could it be uninstalled ?

dima писал(а):

Stanislav писал(а):Даже затрудняюсь придумать причину по которой OpenSSL может быть не инсталлирован на Линуксе...
Any security reasons?

could it be uninstalled ?

SSL устанавливается по умолчанию на любой Линукс
Юзер даже не подозревает об этом. Для админа - нет причин деинсталлировать.
HTTPS не будет работать, мыло секьюрное.
Вы к своему софту требования укажите - опенССЛ и все.