Find the answer to your Linux question:
Results 1 to 5 of 5
Hi, Our product has a web interface through which user can download configuration file. The file is associated with a passphrase. The format of file is binary and it has ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Nov 2006
    Location
    Harrisburg, PA, USA
    Posts
    56

    Lightbulb Encrypting file contents


    Hi,

    Our product has a web interface through which user can download configuration file.
    The file is associated with a passphrase. The format of file is binary and it has different types of records with each record of different data structure.

    When user downloads this file I want the dowloaded file not to be readable. Also if user edits the downloaded file and make some changes and uploads it again, I don't want it to be uploaded in our product.

    I was looking for a solution by which I can make this file read only and hence not editable by user. Is there a way to achieve this?

    Or is there any algorithm by which I can come to know that file is modified while uploading? some sort of signature???

    I am using linux C, CGI for web development.

    Thanks.

    Regards,
    Sumit

  2. #2
    Linux Newbie sarlacii's Avatar
    Join Date
    May 2005
    Location
    South Africa
    Posts
    110
    Hi Sumitv... file hash algorithms were invented for this function. Will need a common key though. Check out md5, sha etc. for possible implementations. Most types included in Linux distros by default.

    As for permissions... that a bit more difficult, as by allowing the download, control of the file passes to the user, at which point they can modify permissions at will. Will need to encrypt - zip?

    Cheers, hope this helps a bit?
    Respectfully... Sarlac II
    ~~
    The moving clock K' appears to K to run slow by the factor (1-v^2/c^2)^(1/2).
    This is the phenomenon of time dilation.
    The faster you run, the younger you look, to everyone but yourself.

  3. #3
    Just Joined!
    Join Date
    Nov 2006
    Location
    Harrisburg, PA, USA
    Posts
    56
    sarlacii,

    Thanks for your reply. It helped me.
    I found a way to encrypt the file using different alogorithms. I also observed some of the algorithms are readily available with source code. But all these algorithms require a password to be entered by user, which is not possible in my case.

    I have a backend C code which runs independent of user. I have to encrypt the contents of the file and make it user unreadbale. I am OK if it is not password protected. Is there a way to achieve this?

    Thanks.

    Regards,
    Sumit

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Guru Cabhan's Avatar
    Join Date
    Jan 2005
    Location
    Seattle, WA, USA
    Posts
    3,252
    You said that every file is associated with a passphrase. Why not just use that passphrase as the user-entered password?

  6. #5
    Just Joined!
    Join Date
    Nov 2006
    Location
    Harrisburg, PA, USA
    Posts
    56
    Yes.

    You are right. Every file is associated with a passphrase. But this passphrase is sent through web user interface and at the backend we have linux cgi code along with shell script. We get this passphrase at the backend.

    I am investigating how can we send this passphrase to gpg(or any other encryption utility) program through shell script without requiring user to input that. Is there a way?

    Thanks for the reply.

    Regards,
    Sumit

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •