?
Solved

a security function that can be called by Java and C

Posted on 2003-10-23
17
Medium Priority
?
412 Views
Last Modified: 2010-04-15
There are 2 programs, a C program and a Java program . I would like to add a security function ( a program or function that can called by the C program and the Java program) in these 2 programs so that the programs cannot run after an expired date.

My planning is that firstly I write a program that write the expired date (in encrypt form) into the registry in the user's windows. (Q1: What programming should I use? I plan to use VB. Is there any advantages and disadvantages? Q2: Which encrypt method is good for that VB or the programming language u suggest?)

Secondly, everytime the user run the C program and the Java program, the program will call a module (maybe a class written in C), that module will try to go to the registry and get the expired date ( in encrypt form) and return the expired date to the C or Java program. (Q3: Would you please tell me what programming tool should I use so that both the C program and the Java program can call it? Would you please give me a sample program or reference for using that programming language to get the data in the registry? Q4: Would you also tell me the sample code for calling from C and Java using that programming language ? Q5: Would you also tell me how to decrypt the data that is encrypted in Q2 using the programming language u suggest to me in Q3? )

Would you also give suggestions on my planning ? What can I improved ?
0
Comment
Question by:mikekwok
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 3
17 Comments
 
LVL 23

Accepted Solution

by:
brettmjohnson earned 252 total points
ID: 9612240
You probably should write the check function in C so that is easily callable by the C routine.

The Java code can call C code using the Java Native Interface (JNI).  
JNI tutorial here:  http://java.sun.com/docs/books/tutorial/native1.1/

0
 

Author Comment

by:mikekwok
ID: 9618383
Thanks for answering q3 , do u have some sample codes for doing q3 ?
Do u have any idea on the other questions in my problem ? Thanks.
0
 
LVL 23

Expert Comment

by:brettmjohnson
ID: 9618545
Q1)  I have never used Visual Basic.  I don't know how Java Native Interface works with VB. I would use C.

Q2) MD5 encryption is probably sufficient for your needs.  There are implementations in many languages.

Q3) Java Native Interface (JNI).

Q4) See tutorial mentioned in previous post for JNI sample code.

Q5) Most encryption packages (including MD5) include encryption and decryption interfaces. (Except one-way cyphers, of course.)


0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:mikekwok
ID: 9618555
Would you give me the sourcecode or tutorial on using MD5 in C ?
0
 

Author Comment

by:mikekwok
ID: 9656559
Would somebody please teach me (Q1) how to use MD5 with C / Visual Basic, (Q2) How to use C/C++ to open / edit windows registry  ?
0
 

Author Comment

by:mikekwok
ID: 9675795
I would like to ask after I have encrypted a string using the MD5 and write it to windows registry , how can i decrypt the string into the orginal string ?
0
 
LVL 22

Assisted Solution

by:cookre
cookre earned 248 total points
ID: 9676362
This isn't all that difficult - either conceptually or in implementation.

There are several simple algorithms in which the same key can be used to both encrypt and decrypt.  Here's some code I use frequently.  You should be able to follow the comments.  Note that this is used on an entire file, but the idea would work just as well with a single clump of data to be plopped in the registry:
===================
#include "stdafx.h"
#include <stdlib.h>
#include <stdio.h>
#include <time.h>
#include <fcntl.h>
#include <sys\types.h>
#include <sys\stat.h>
#include <io.h>
#include <dos.h>
#include <errno.h>
#include <string.h>
#include <conio.h>

int FileIn;
int FileOut;
unsigned int   FileSize;      // How large our file is
unsigned char *Buf;           // Place to keep file in RAM
unsigned char  Password[128]; // Enc/Dec key
unsigned int   uidx;
unsigned int   BufIdx;
unsigned int   ClumpSize;
unsigned char  Clump[128];


///////////////////////////////////////////////////////////////////////
void XOR()
// Clump=Clump XOR Password
{
unsigned int uidx;
for (uidx=0; uidx<ClumpSize; uidx++)
    {
    Clump[uidx]=Clump[uidx] ^ Password[uidx];
    }
return;
}

///////////////////////////////////////////////////////////////////////
void LSC()
// Clump=Clump LeftCircularShift 1
{
unsigned char LeftMostBit;
unsigned char CarryBit;
unsigned int uidx;

LeftMostBit=Clump[0]>>7;
for (uidx=0; uidx<(ClumpSize-1); uidx++)
    {
    CarryBit=Clump[uidx+1]>>7;
    Clump[uidx]=CarryBit | (Clump[uidx]<<1);
    }
Clump[ClumpSize-1]=LeftMostBit | (Clump[ClumpSize-1]<<1);
return;
}

///////////////////////////////////////////////////////////////////////
void RSC()
// Clump=Clump RightCircularShift 1
{
unsigned char RightMostBit;
unsigned char CarryBit;
unsigned int uidx;

RightMostBit=Clump[ClumpSize-1]&1;
for (uidx=ClumpSize-1; uidx>0; uidx--)
    {
    CarryBit=Clump[uidx-1]&1;
    Clump[uidx]=(CarryBit<<7) | (Clump[uidx]>>1);
    }
Clump[0]=(RightMostBit<<7) | (Clump[0]>>1);
return;
}


void main(int argc, char* argv[])
{
if (argc!=3)
   {
   printf("Usage: SecDec  <FileIn>  <FileOut>\n");
   exit(1);
   }

//
// magic word
                                     Password is whatever string you'ld like to use.
                                     Rather than put a plain text sting in the code that could be seen
                                     in a file dump, I build the string at run-time.
                                     For each character, I use a randomly generated addition of two
                                     of two integers whose sum is the ascii value of the character.
                                     For example, if the 12th character of the key were 'u' (117),
                                     I might have Password[11]=93+24;
Password[0]=...;
Password[n]=...;
Password[n+1]=0;


                                     You can ignore all the file I/O stuff


// Open input file
FileIn=_open(argv[1],_O_BINARY|_O_RDONLY);
if (FileIn<0)
   {
   printf("Unable to open input file <%s>(%d)\n",argv[1],errno);
   exit(2);
   }

// Open or create output file
FileOut=_open(argv[2],_O_BINARY|_O_CREAT|_O_RDWR|_O_TRUNC,_S_IWRITE);
if (FileOut<0)
   {
   printf("Unable to open output file <%s>(%d)\n",argv[2],errno);
   exit(3);
   }

//
// Get space to hold file in RAM
FileSize=(unsigned int)_filelength(FileIn);
Buf=(unsigned char*)malloc((size_t) FileSize);
if (Buf==NULL)
   {
   _close(FileIn);
   _close(FileOut);
   printf("Insufficient RAM\n");
   exit(4);
   }

//
// Load input file into RAM
_read(FileIn,Buf,FileSize);

//
// Decrypt file in clumps of Passwords length;
ClumpSize=strlen((char *)Password);
BufIdx=0;
while (BufIdx<FileSize)
      {
      // Adjust for last clump being smaller than Password
      if ((FileSize-BufIdx)<ClumpSize) ClumpSize=FileSize-BufIdx;

      // Load clump to be decrypted
      for (uidx=0; uidx<ClumpSize; uidx++) Clump[uidx]=*(Buf+BufIdx+uidx);

      // Encrypt this clump
      RSC();
      XOR();
      RSC();
      XOR();
      RSC();
      XOR();

                                       To decrypt using the same key, use

                                       XOR();
                                       LSC();
                                       XOR();
                                       LSC();
                                       XOR();
                                       LSC();




      // Put the clump back where it came from
      for (uidx=0; uidx<ClumpSize; uidx++) *(Buf+BufIdx+uidx)=Clump[uidx];
      BufIdx+=ClumpSize;
      }

//
// Write out buggered file
_write(FileOut,Buf,FileSize);

//
// Cleanup
free(Buf);
_close(FileOut);
_close(FileOut);
exit(0);

}
===================





0
 

Author Comment

by:mikekwok
ID: 9676526
What's the algorithm u use ? md5 or other algorithm ?
0
 
LVL 22

Expert Comment

by:cookre
ID: 9676575
If you do a search on ENCRYPT XOR SHIFT you'll find similarities in both DES and AES block cyphers.  To most folks I know who know about it, it's just "That XOR shift thingie".

For what it's worth, it's passed muster with every security officer I've had to deal with.
0
 

Author Comment

by:mikekwok
ID: 9676586
Do you have some sample on creating an using public key and private key for encryption and decryption in C ?

If i don't want to use the same key for encryption and decryption in ur same code, what should i do ?
0
 
LVL 22

Expert Comment

by:cookre
ID: 9678091
<Do you have some sample on creating an using public key and private key for encryption and decryption in C ?>

Nope. The times I've had to write to public/private key encryption have used commercial encryption packages, the APIs for which are all different.


<If i don't want to use the same key for encryption and decryption in ur same code, what should i do ?>

Don't use it, then.  One of the points of that method is that the same key will both encrypt and decrypt.
0
 
LVL 22

Expert Comment

by:cookre
ID: 9889056
How's it going?
0
 
LVL 22

Expert Comment

by:cookre
ID: 10414133
Sunny - whatever you deem appropriate...
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface I don't like visual development tools that are supposed to write a program for me. Even if it is Xcode and I can use Interface Builder. Yes, it is a perfect tool and has helped me a lot, mainly, in the beginning, when my programs were small…
This tutorial is posted by Aaron Wojnowski, administrator at SDKExpert.net.  To view more iPhone tutorials, visit www.sdkexpert.net. This is a very simple tutorial on finding the user's current location easily. In this tutorial, you will learn ho…
The goal of this video is to provide viewers with basic examples to understand and use pointers in the C programming language.
The goal of this video is to provide viewers with basic examples to understand and use switch statements in the C programming language.
Suggested Courses
Course of the Month14 days, 19 hours left to enroll

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question