如何在代码中安全地存储PrivateKey [英] How to securely store a PrivateKey in code
问题描述
我正在开发一个软件项目,应用程序最终会在不受信任的环境中运行。我需要执行一些辅助加密签名(这意味着这不是保护数据的主要手段),但不希望将此密钥保留在普通视图中:
I'm working on a software project where the application will end up being run in an untrusted environment. I have a need to perform some ancillary cryptographic signing (meaning this is not the primary means of securing data), but do not wish to leave the key in plain view as such:
private static final String privateKey = "00AABBCC....0123456789";
我可以使用什么方法来合理保护?我知道没有什么是充分的证据,但这将在安全墙中添加一个额外的层。
What method can I use to reasonably secure this? I'm aware that nothing is full proof, but this will add an extra layer in the security wall.
澄清:我有什么本质上是一个字符串我不想在调试器或通过反射容易拔出。我知道类文件的反编译基本上可以渲染这个模糊,但这是一个可以接受的风险。
For clarification: I've got what is essentially a String that I don't wish to have easily pulled out in a debugger or via reflection. I'm aware that decompilation of the class file could essentially render this moot, but that's an acceptable risk.
显然存储的关键离线将是理想的,但我可以'保证互联网访问。
Obviously storing the key offsite would be ideal, but I can't guarantee Internet access.
推荐答案
在不受信任的环境中确保密钥是不可能的。你可以模糊你的代码,你可以从任意变量创建一个键,无论什么。最后,假设你使用标准的 javax.crypto 库,你必须调用 Mac.getInstance()有时,您将在该实例上调用 init()。
It's impossible to secure a key in an untrusted environment. You can obfuscate your code, you can create a key from arbitrary variables, whatever. Ultimately, assuming that you use the standard javax.crypto library, you have to call Mac.getInstance(), and sometime later you'll call init() on that instance. Someone who wants your key will get it.
然而,我认为解决方案是你把密钥绑定到环境,而不是程序。签名意味着数据源自已知源,并且没有被篡改,因为该源提供它。目前,您试图说保证我的程序生成的数据。相反,将您的要求更改为保证我的程序的特定用户生成数据。然后将该用户转移给该用户以照顾他/她的密钥。
However, I think the solution is that you tie the key to the environment, not the program. A signature is meant to say that the data originated from a known source, and has not been tampered with since that source provided it. Currently, you're trying to say "guarantee that my program produced the data." Instead, change your requirement to "guarantee that a particular user of my program produced the data." The onus is then shifted to that user to take care of his/her key.
这篇关于如何在代码中安全地存储PrivateKey的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
