I have written a program which trigger some task in it when it got a particular message(let's say "task1") in it's TCP server socket. actually i don't want to trigger by the same message, because someone who connect to this device can trigger the task. I can encrypt the message and i also encrypt using AES-CBC mode. okey.. i got different message but the different messages can also trigger the task (if someone got the encrypted message can trigger the task by sending the same message)....
my goal: triggering the task by different temporarily valid message.
What i have done:
1) First, i communicate the two device in (AES-CBC encrypted). in this communication i share a temporary '(a salt)',{salt is generated from UUID}. this salt is store in a variable.
2). Secondly, when they got the salt, the tcp cleint add the server's salt to it messages and then encrypt the message and send back to the server
3). Third, the tcp server decrypted the message and check the salt is valid or not(by checking in its variable). if the salt is valid, the task is trigger, if not the task not trigger.the salt is also removed from the variable
in this whole process the every message is not same. so even a hacker grab a peice of message, he will not able to trigger the task by sending the same messsage(let's assume he don't know the AES encryption key)
I am happy with my logic. but the problem is that it is very lengthy and i sometime feels i am re inventing wheel. So if there is some better way or better library please suggest me.
Aucun commentaire:
Enregistrer un commentaire