Hints for Safe Implementation - How to protect the UPW

The API integration offers you the best compatibility and flexibility. For example, you can keep your software running in demo or limited full-product mode if the CRYPTO-BOX^® is not present.

Before starting with the CRYPTO-BOX integration into your software, we strongly recommend that you review our secure implementation notes in Chapter 17 of the Smarx^®OS Compendium. By following these suggestions, you can significantly increase the protection level of your integration.

An important point is the protection of the CRYPTO-BOX user password (UPW). If you store the UPW statically in your source code, it can be easily found by an attacker analyzing your software. Therefore it is a good idea to decrypt the UPW dynamically during program execution. These sample projects demonstrate how you can implement this securely:
www.marx.com/share/PPK/ProtectUPW-sample-CBIOS-Cpp-Delphi-31AUG2022.zip

The samples are written in C++ (Visual Studio 2015 and up) and Delphi (RAD Studio 10 and up) and are based on the CBIOS API. They can serve as a reference code which can be adapted to other development environments as well. More samples which demonstrate the usage of hardware based encryption functions of the CRYPTO-BOX can be found in the Smarx OS Professional Protection Kit (PPK) under:
[PPK root folder]\SmarxOS\API\Win\Samples\CBIOS
and:
[PPK root folder]\SmarxOS\API\Win\Samples\Security

Do you have any questions or feedback to this sample, or need support by adapting it to other languages/development environments? Please contact us!