Reputation: 814
Serializing a public key for sending over network
I have some Client/Server application. It works correct. And I want to add the cryptography to it. I find Crypto++ library, and make some simple project using it: for DES encoding, and for RSA encoding. It contains two classes: EncoderDes and EncoderRSA:
class EncoderDES
{
public:
EncoderDES();
std::string encode(std::string plainText);
std::string decode(std::string cypher);
std::string toReadable(std::string cypher);
void doIt();
private:
AutoSeededRandomPool prng;
SecByteBlock key;
byte iv[];
};
class EncoderRSA
{
public:
EncoderRSA();
void keyGeneration();
void substitutePublicKey(Integer e, Integer n);
Integer encode(std::string plainText);
std::string decode(Integer cypher);
private:
AutoSeededRandomPool prng;
RSA::PublicKey publicKey;
RSA::PrivateKey privateKey;
};
I think, Server must generate the DES key, and pass it to each client by RSA. And in this step I have some questions: 1. How to send (and how to receive) RSA::PublicKey? 2. How to send (and how to receive) SecByteBlock?
(I can't send them, because I can't: 1. convert RSA::PublicKey to char* 2. convert char* to RSA::PublicKey 3. convert SecByteBlock to string.)
I can only convert string to SecByteBlock:
SecByteBlock stringToKey(string decodedKey) {
SecByteBlock receivedKey(decodedKey.data(), decodedKey.size());
return receivedKey;
}
But don't sure that it's correct.
How to resolve this problems?
Upvotes: 2
Views: 1246
Answers (1)
Reputation: 102205
I have some Client/Server application...
Before you go too far down a rabbit hole, scrap most of the existing design.
To encrypt communications between the client and server, use an Integrated Encryption Scheme. Crypto++ has two of them. The first is Elliptic Curve Integrated Encryption Scheme, and it operates over the field of elliptic curves. The second is Discrete Logarithm Integrated Encryption Scheme, and it operates over the field of integers.
Both schemes are state of the art, and they tie the ciphertext (and decryption) to the other's public key. The plain text is encrypted and the cipher text is MAC'd, so it provides confidentiality and authenticity. They also ensure you don't reuse a security context. Integrated Encryption Schemes are some of the most secure schemes you can use because they are IND-CCA2 (its a very strong notion of security).
You still need to solve the key distribution problem from your earlier question. But once you have a public key, the system mostly works. I can only say "mostly" because I don't know what you are doing to guard against insertions and replays at the network level.
I can't send them, because I can't: 1. convert RSA::PublicKey to char* 2. convert char* to RSA::PublicKey 3. convert SecByteBlock to string.
You should visit Keys and Formats on the Crypto++ wiki. It shows you how to serialize them. Also see Safe way to sending a public key over a socket on Stack Overflow.
A quick nudge in the right direction: use Save and Load; and don't use DEREncode or BERDecode. Save and Load operate on the subject public key info, and it includes an algorithm identifier in addition to the key. That usually helps you later because the key type is part of the public key.
Upvotes: 2
Related Questions
- Serializing and Deserializing in a client-server architecture
- c++ : How to send a struct from client to server through socket and serialize it?
- How to serialize an object to send over network
- ECIES Public Key serialization
- client server c++ serialization
- Sending PublicKey within packet payload
- Object serialization of c++ on TCP
- Best way of serializing/deserializing a simple protocol in C++
- Doing serialization in c++
- serialize and deserialize structures in sockets