Home/ Questions/Q 8638199
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-12T10:40:07+00:00

We have an app that stores some data localy, none of this data is

  • 0

We have an app that stores some data localy, none of this data is valuable to anyone else except the user and us. So, we don’t need to encrypt it, but we do want to make sure that nobody has changed it.

I figured the easiest way to do this is to generate a hash from file contents, date stamp and/or size. Doing straight md5 is probably not good enough, because who ever wants to change the data could just generate a new hash, so it would be nice to use some sort of the key. Does anybody know of a simple way to do this? I would like to avoid using libraries such as crypto++, but not 100% against it.

Oh, and we are doing the app in C++.

Maybe, I just need to add some obscure data to whatever we pass to the md5 function and be done with this. What do you guys think?

Just to reiterate, file has no valuable info to hackers, so there is no reason to go overboard with security. I just want to check if the settings have been messed with.

Thanks,
Angrius.

PS> does anyone know a good way to implement md5 that would work on both?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The simplest way to do what i wanted to do is to implement basic HMAC (http://en.wikipedia.org/wiki/Hash-based_message_authentication_code). You can even store this hash inside the config file itself, although that’s a bit more complicated, but pretty neat.

    Turns out that both iOS and Android have built in libraries to do basic SHA1, MD5 and so on. They also both support HMAC. So for iOS you would do something like this:

    #include <CommonCrypto/CommonHMAC.h>

string createHMAC( string key, string text )
{
    string result;

    const char *cKey  = key.c_str();
    const char *cData = text.c_str();
    unsigned char cHMAC[CC_SHA1_DIGEST_LENGTH];

    CCHmac( kCCHmacAlgSHA1, cKey, strlen(cKey), cData, strlen(cData), cHMAC );

    NSMutableString* output = [NSMutableString stringWithCapacity:CC_SHA1_DIGEST_LENGTH * 2];
    for(int i = 0; i < CC_SHA1_DIGEST_LENGTH; i++)
    {
        [output appendFormat:@"%02x", cHMAC[i]];
    }
    result = string( [output UTF8String] );

    return result;
}

    Since this is objective-c code, you can compile this as objective-c++ and it will work. If your app doesn’t require any advanced cryptography, there is no need to use any frameworks.

    Cheers,
    Angrius

    • 0