1

I want to save email accounts and passwords, which I will have previously encrypted with an algorithm. They need to be saved and read as binaries, with fwite and fread. What I want, is to be able to know if it's a pass or an email account, saving it between < e > < e > and < u > < u >

For example:

<e> !"§(!"$)Asdn12§(!"§UASD <e>
<u> !"§()!="§ksd!"§KM!"§lkm12 <u>
<e> !"§KMK!M"§asd9i1ikm23ß0 <e>
<u> l,1ö2l3!"§)IQASD=K!"E <u>

how do you suggest should I read the file as binary but be also able to parse it.

Those emails and passes are read by another prog which performs some tasks with them.

Improve this question
10
  • Are usernames and passwords always paired? Commented Jul 22, 2011 at 20:18
  • Why <p> and <u>? Are you thinking of xml? Commented Jul 22, 2011 at 20:19
  • Off topic: please securely hash your passwords instead of encrypting them. Commented Jul 22, 2011 at 20:19
  • yes they are always paired, no xml just a way to know it's a pass or usename Commented Jul 22, 2011 at 20:22
  • 1
    On topic: If you're saving the data as binary, then typically you would define a file format. For example, the first few bytes can specify how many username/password pairs you have, then you can have a header consisting of a few bytes that specifies how long the username and password is, then have the actual username and passwords follow it. Repeat for each pair. You may save a hash of the data to check for integrity. Commented Jul 22, 2011 at 20:23

2 Answers 2

Reset to default
1

If usernames and passwords are always paired I suggest you store the length (in number of bytes) before each username and before each password. This way you can read the length (say a 4 byte integer) and know how long the next username / password record will be. You can then repeat this without worrying about searching for tags that could occur within a username or password.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

You're doing it wrong. Writing your own crypto is a general no-no.

If you need to save usernames and passwords for authentication or logging into services, I recommend saving it normally but relying on the OS's file permissions to keep it safe (this is standard Unix practice, as if the OS is compromised you've lost anyway).

If you do need publicly-readable but encrypted passwords, use a freely-available encryption library and put the decryption key right into the source code (and compiled binary). This is as secure as you can be, since an attacker can just read the memory after decryption anyway.

I strongly recommend thinking about why you need encryption, and who you're trying to hide the information from.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.