什么是嵌入Java code里面的密码最安全的方法是什么? [英] What's the most secure way to embed a password inside Java code?
问题描述
我要preface通过说我知道,硬编码的客户端应用程序的密码是不好的做法,原因是多方面的这个问题。有处理这个问题的其他问题。这个问题的范围较窄,假设验证凭据必须驻留在客户端应用程序的code一些一套是你无法控制的原因。
如果某些方面比别人更好(比如:JPasswordField中存储在字符数组,而不是一个字符串密码),如果您在Java应用程序中有硬code,你会采取什么措施,使更难可读取?
更新:
应用程序的一个实例上的远程PC中,最终用户具有管理员权限运行。凭据用于在同一网络中访问数据库,所以实际的密码已经是predetermined,必须在实际code手动输入。
....如果你有硬code将其在Java应用程序中,你可以采取什么措施来使其更难被取出?
一开始,我会做该死的肯定与作出这种糟糕的决策管理责任人充分意识到,这是的从根本上造成不可挽回的不安全 1 。
然后我可能会想出一些的蹩脚的算法,组装在一个不起眼的方式,密码;例如通过建立两个字节数组和异或在一起...和分发混淆字节codeS。你可以希望做到最好是很难让有限的技能乡亲扭转从code工程师的密码。
(加密具有较强的算法的密码不会有太大的帮助,因为算法的选择和解密密钥都已经被嵌入在code。事实上,你可以梦想可以通过打败任何计划使用调试器设置在那里的密码,需要在明确的点一个断点。)
1 ...而且即使乔恩斯基特将不能够使它安全
如果某些方面比别人更好(比如:JPasswordField中在字符数组,而不是一个字符串存储密码)...
我只是想指出,的正常的推理使用字符数组持有JPasswordField中的密码之类的是为了防止坏人读出密码的核心转储或交换文件。它不会在这种情况下,真正的帮助,因为我们必须假设,坏家伙有足够的控制,从字符数组附加一个调试器到JVM并捕获字节。
I have to preface this question by saying that I'm aware that hard-coding a password in the client application is bad practice, for many reasons. There are other questions dealing with that issue. The scope of this question is narrower and assumes that authenticating credentials HAVE to reside on the client application's code for some set of reasons that are out of your control.
If some ways are better than others (for instance: JPasswordField stores the password in a char array instead of a String) and if you had to hard code it in the Java application, what measures could you take to make it harder to be fetched?
Update:
One instance of the application runs on a remote pc, where the end user has admin rights. The credentials are used to access a database in the same network, so the actual password is already predetermined and must be entered manually in the actual code.
解决方案.... if you had to hard code it in the Java application, what measures could you take to make it harder to be fetched?
For a start, I would make damn sure that the person with management responsibility for making this bad decision is fully aware that this is fundamentally and irredeemably insecure1.
Then I'd probably think up some naff algorithm that assembles the password in an obscure way; e.g. by building two byte arrays and XORing them together ... and distributing obfuscated bytecodes. The best you can hope to do is to make it difficult for folks with limited skills to reverse engineer the password from your code.
(Encrypting the password with a strong algorithm won't help much, because the choice of algorithm and the decryption key both have to be embedded in your code. Indeed, any scheme you can dream of can be defeated by using a debugger to set a breakpoint at the point where the password needs to be in the clear.)
1 ... and that even Jon Skeet wouldn't be able to make it secure.
If some ways are better than others (for instance: JPasswordField stores the password in a char array instead of a String) ...
I just want to note that the normal reasoning for using a char array to hold passwords in JPasswordField and the like is to protect against bad guys reading passwords out of core dumps or swap files. It won't really help in this case because we have to assume that the bad guy has sufficient control to attach a debugger to the JVM and capture the bytes from the char array.
这篇关于什么是嵌入Java code里面的密码最安全的方法是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
