Using Hard-Coded Keys and Certificates
You might want to use hard-coded keys and certificates in your application in cases where your software will be running on some kind of constrained device where a file system may not be available.
To hard-code a key or certificate into an application, your application must store the data as an array of character pointers to the actual data. The actual data must be stored in PEM format.
Each line of the PEM format key or certificate becomes an element of the array. So, the first line of the PEM file becomes the first element in the array, the second line of the PEM file becomes the second element in the array, and so on. A key can be hard-coded in an application as follows:
const char* keyData[] = {
"-----BEGIN RSA PRIVATE KEY-----",
"MIICXAIBAAKBgQC2ryS14iDA6X/VXaH016goKvbivRyjn3FCB/AH/r6KSFZaHPTP",
"GnhbCm/sG5YeutFlPGsq7FeBAKkuKS3FFkSn2uJD10Sy6oatmekMu0s7SFsxMo+e",
"GRMsnhhioh0HYhTQotl76fwUKnDGc7u2glRdGQvTl5+y0gO7DaJhN6dEKQIDAQAB",
"AoGANtdZM+jQYFk4cPsM1Y2wA27ycprG8C+7NlFfs2a8GJMiqSasL0gI/XuiocSe",
"SldW6Qc8PMR6eFWUdDEUdmf6787LNT1YBJp/M2Xuk4Gr7qR99DJS1HhdEKrumksF",
"gmWJRwTmw4rJ0o2DC61ZAN+Iul+QujGoIdHWAYAwS7zOiwECQQDor9ZB/DjKSjeu",
"j1u1E473yrP9amQXHSbuquGaH+b7Cac6GC/YfZm7YODBWp0rU8jceq+hV8vkdl79",
"ICj1+p5ZAkEAyPzKsMY6BYmzqPaFRj6KFl3WSOkTHlVyLh9+WwjYU/Iyg+1Zr1Aj",
"Qu4niGtgK7QEXvuOeVxJK3CjNkxnFfM6UQJANFZgtgTabT3WWnAqa4dTsA6q/4Qv",
"sTdAa4yKJBWq6apZL+sC0AooSwpWY4dTNMyqsFT0LjFGTkQFx5+1NubBOQJAR90j",
"eCuYiWxgIdTreF9aLn8k5HL6FAmHRviZzGEQQIvEBinyvF2SDhdraTrDazz1pySZ",
"H8mgm/itUvfkkBOk0QJBAJZ5Hw+yhiEIKV6nSHcSwGlo+mxLDzUzq0NkU7Svgfk5",
"K1gngAYDkLZGi9U1JRR0E7SbUNXs+cFpE/wzm3C85iE=",
"-----END RSA PRIVATE KEY-----"
};
NOTE: The key shown here is a real RSA private key. Do not use this or any key or certificate shipped with the Secure Sockets package in your applications. A determined attacker will probably try all example keys supplied by the cryptographic libraries.
The number of elements in the array must also be passed to the
RWAsymmetricKey or
RWX509Certificate constructor. This is normally done by passing
sizeof(keyData) divided by
sizeof(keyData[0]) as the second parameter. The complete constructor call to use the above key is:
RWAsymmetricKey key(keyData, sizeof(keyData)/sizeof(keyData[0]));
The process is similar for certificates. See the example program in examples\secsock\InlineEncryptedKeyServer.cpp.
NOTE: Your application must use the technique described in this section to encode the entire key or certificate, including the beginning and ending tag lines and any blank lines in between. Failing to do so causes an exception to be thrown by the key or certificate constructor.
