comment on

I want the passphrase to be kept secret, not available in the source code.

Only way around this is to put the passphrase in a seperate file which you read out of each time your program runs. The file should be only be readable by the username your software runs under. You can run the passphrase through SHA1 first and set that value as the passphrase, so at least the passphrase wouldn't be in plaintext.

I know, this isn't the best solution. It's mearly the only solution. In a perfect world, a human would manually enter the passphrase every time. This doesn't sound like an option for you, so I present this flawed but useable solution instead.

----
I wanted to explore how Perl's closures can be manipulated, and ended up creating an object system by accident.
-- Schemer

Note: All code is untested, unless otherwise stated

In reply to Re: Using Asymmetric keys for Encryption by hardburn
in thread Using Asymmetric keys for Encryption by fuzzyping

Are you posting in the right place? Check out Where do I post X? to know for sure.
Posts may use any of the Perl Monks Approved HTML tags. Currently these include the following:
<code> <a> <b> <big> <blockquote> <br /> <dd> <dl> <dt> <em> <font> <h1> <h2> <h3> <h4> <h5> <h6> <hr /> <i> <li> <nbsp> <ol> <p> <small> <strike> <strong> <sub> <sup> <table> <td> <th> <tr> <tt> <u> <ul>
Snippets of code should be wrapped in <code> tags not <pre> tags. In fact, <pre> tags should generally be avoided. If they must be used, extreme care should be taken to ensure that their contents do not have long lines (<70 chars), in order to prevent horizontal scrolling (and possible janitor intervention).
Want more info? How to link or How to display code and escape characters are good places to start.


"be consistent"
	PerlMonks