问题描述:

Ok, here's the deal. I have a program that makes a log in Python. I wanted this log to be secure from edits when the program isn't using it, so I wrote a python script which creates C++ source designed to reprint the log back into Python. Once I compile this source, I can have the log pretty secure, then just run the executable to retrieve it. Its convoluted, but it works

The Issue: When I create the Python log, I replace ' with the equivalent literal (\') so that it doesn't ruin my strings while their stored. But, when I pick this up with C++, and the plop it back down, I lose the literal, so I get broken strings. Is there an easy way to replace the ' in C++ with the corresponding literal similar to the replace function in Python.

Some code snippets that might help:

How I write string to the log in Python

logFile.write(" '{}'".format(somestring.replace("'","\\'").encode('ascii', 'ignore'))

What the Python log looks like:

CRDict = {"ID number string":[list of a bunch of items], "Another ID number: [Another list of things]}

How I write the C++ lines that store strings from the log in Python (where CR{} is struct)

CFile.write(' CR{}.somestring = "{}";\n'.format(num,somestring))

What the C++ line that stores the string ends up looking like

CR0.somestring = "This is a string and it doesn't keep track of literals";

The C++ line which writes the string back into Python (the file called CRPYLog)

CRPYLog << " '" + CR0.somestring + "'," << endl;

And this is what the line looks like when it gets printed back into the Python log

'This is a string and it doesn't keep track of literals'

The above line is not syntactically valid, so it will break when I try to use the Python log

网友答案:

In order to address what seems to be your primary goal, i.e., to make your application's "log to be secure from edits when the program isn't using it", I would suggest to stick with commonly used standard tools that were made for purposes alike.

For example, add a digital signature:

A digital signature is a mathematical scheme for demonstrating the authenticity of a digital message or document. A valid digital signature gives a recipient reason to believe that the message was created by a known sender, such that the sender cannot deny having sent the message (authentication and non-repudiation) and that the message was not altered in transit (integrity). Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.

and/or encrypt the file:

In cryptography, encryption is the process of encoding messages (or information) in such a way that third parties cannot read it, but only authorized parties can.

Both approaches are cryptographic ways to make it very hard to alter the file content undetectedly, if the used (private) encryption key is effectively kept secret.


In Python you could use GnuPG (python-gnupg) for both approaches:

The gnupg module allows Python programs to make use of the functionality provided by the GNU Privacy Guard (abbreviated GPG or GnuPG). Using this module, Python programs can encrypt and decrypt data, digitally sign documents and verify digital signatures, manage (generate, list and delete) encryption keys, using proven Public Key Infrastructure (PKI) encryption technology based on OpenPGP.

I haven't used this Python library myself, but GnuPG itself is somewhat standard, e.g., for securing e-mail communication or linux package distribution.

Note that you might need a digital signature even though you have encrypted the file this way. That's because a public key is being used for the encryption, that is by definition public. In asymmetric cryptography you need the (secret) private key to decode the ciphertext and to create a digital signature, that is to authenticate the identity of the recipient (encryption) and the sender (signature).


If you want to go with encryption plus integrity check, have a look at this library:

  • https://cryptography.io/en/latest/

That is, when the protection provided by your operating system's access control mechanisms suffice, you could just configure them restrictively and rely on that. (No need for passphrase checks then either.)

网友答案:

Is there an easy way to replace the ' in C++ with the corresponding literal similar to the replace function in Python.

Actually yes, you can use Boost libraries for that.

#include <boost/algorithm/string.hpp> 

std::string some_string("Your string");
boost::replace_all(some_string, "Your", "My");
相关阅读:
Top