Writing secure data to a protected file
-
wrote on 29 May 2016, 19:51 last edited by
Hello everyone,
I was making an application today and noticed that i only can save files like this localyQByteArray txtBuffer = "txtdata"; QFile file("file.txt"); if (file.open(QIODevice::WriteOnly)) { file.write(txtBuffer); qInfo() << "[Info] Txt has been written to the disk"; } file.close();and read it like this
QByteArray txtBuffer; QFile file("file.txt"); if (file.open(QIODevice::ReadOnly)) { txtBuffer = file.readAll(); qInfo() << "[Info] Txt has been read from the disk"; } file.close();but what if that data isn't that stupid like "txtdata" but something more like progress in a game, how to save this? I could do it like this but then the player can just alter the progress in the game with a text-editor so it has more abilities or something like that. I would like to prevent this by writing to a protected location or a password-protected file, especially on Android. What is the right approach?
-
wrote on 29 May 2016, 20:21 last edited by
Hi! One simplistic approach that comes to my mind: Once you want to save the contents to your file.txt, take this content, append a secret string to it and compute a hash over everything. Then save the content (without the secret, of course) to a file. Also save the computed hash to another file. Next time, your application reads the two files, recomputes the hash and checks if they match.
-
Hi,
Thinking of something like encrypting that file ?
The CryptFileDevice project might be of interest.
-
Hello everyone,
I was making an application today and noticed that i only can save files like this localyQByteArray txtBuffer = "txtdata"; QFile file("file.txt"); if (file.open(QIODevice::WriteOnly)) { file.write(txtBuffer); qInfo() << "[Info] Txt has been written to the disk"; } file.close();and read it like this
QByteArray txtBuffer; QFile file("file.txt"); if (file.open(QIODevice::ReadOnly)) { txtBuffer = file.readAll(); qInfo() << "[Info] Txt has been read from the disk"; } file.close();but what if that data isn't that stupid like "txtdata" but something more like progress in a game, how to save this? I could do it like this but then the player can just alter the progress in the game with a text-editor so it has more abilities or something like that. I would like to prevent this by writing to a protected location or a password-protected file, especially on Android. What is the right approach?
wrote on 30 May 2016, 05:48 last edited by the_but what if that data isn't that stupid like "txtdata" but something more like progress in a game, how to save this?
Another approach for this could be QSettings with a custom format. You could set a reader and a writer function that writes encrypted data into a file.
QSettings::Format newformat = QSettings::registerFormat("cnf",read,write); settings = new QSettings("cnf/u.cnf",newformat); bool read(QIODevice &dev,QSettings::SettingsMap &map) { //your code goes here return true; } bool write(QIODevice &dev,const QSettings::SettingsMap &map) { //your code goes here return true; }For not so strong encryption you could use Simple Crypt in your read and write functions
1/4