在编译的C或C ++代码中加密密码 [英] Encrypting password in compiled C or C++ code
问题描述
我知道如何使用GCC和CC在终端中编译C和C ++源文件,但是我想知道一旦编译,是否可以安全地在这些文件中包含密码。
I know how to compile C and C++ Source files using GCC and CC in the terminal, however i would like to know if its safe to include passwords in these files, once compiled.
例如..我检查某个密码的用户输入,例如123,但是编译的C / C ++程序可能被反编译。
For example.. i check user input for a certain password e.g 123, but it appears compiled C/C++ programs is possible to be decompiled.
无论如何编译一个C / C ++源文件,同时保持源完全隐藏..
如果没有,任何人都可以提供一个小例子加密输入,然后检查密码例如:(SHA1,MD5)
Is there anyway to compile a C/C++ source file, while keeping the source completely hidden.. If not, could anyone provide a small example of encrypting the input, then checking against the password e.g: (SHA1, MD5)
推荐答案
不建议在代码中保留任何敏感的静态数据。您可以使用配置文件。
It is not recommended to keep any sensitive static data inside code. You can use configuration files for that. There you can store whatever you like.
但是如果你真的想这么做,请记住,通过调试器调试并修改代码可以很容易地改变代码。只有用户无权访问的程序才能被视为更安全的(例如网站)。
But if you really want to do that first remember that the code can be easily changed by investigating with a debugger and modifying it. Only programs that user doesn't have access to can be considered safer (web sites for example).
大多数登录密码不同的网站)不是存储在数据库中,而是用算法MD5,SHA1,Blowfish等加密。
The majority of login passwords (of different sites) are not stored in clear in the database but encrypted with algorithms MD5, SHA1, Blowfish etc.
I'd suggest you use one of these algorithms from OpenSSL library.
我会做的是使用一些公钥加密算法。这可能需要一段时间才能破解,因为我认为在谈论软件保护时没有100%的确定性。
What I would do is using some public-key cryptographic algorithm. This will probably take a little longer to be cracked because in my opinion there is nothing 100% sure when talking about software protection.
这篇关于在编译的C或C ++代码中加密密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
