
Using a password to protect private key in c++

I'm planning to write a little application with the basic idea that users are able to share encrypted information with each other. A little scenario: Alice writes a memo (data format is known), the application encrypts this memo and saves the memo on the application server. Now Alice wants to share this memo with Bob. Alice opens the application, searches for user "Bob" and receives the public key of Bob. The application encrypts the memo with Alice's and Bob's keys and saves the memo on the server. Now Bob is also able to read the memo.

The private key of the user only belongs to the device where the application is installed. It is never transferred over the network. Nevertheless I would like to 'encrypt' the private key with the password of the user, so it can be stored in a (relatively) secure way on the device and only be 'decrypted' if the correct password is entered. The key itself should not be altered if the password of the user changes, because this would mean that all data would have to be encrypted again with this new key. Instead the user will have to enter the old passphrase, the key is decrypted and encrypted again with the new passphrase.

Is there any function (maybe in OpenSSL?) to 'encrypt' or protect a key with a passphrase?

Note: the private key may or may not be stored in a keystore. Because the application will run on many platforms it is not clear in advance which keystore is available.

Is it possible to integrate PGP in my own applications?

GnuPG Made Easy (GPGME) "is a library designed to make access to GnuPG easier for applications. It provides a High-Level Crypto API for encryption, decryption, signing, signature verification and key management."

Using OpenSSL you can save your key in a protected form (BEGIN RSA ENCRYPTED...). An exemplary function you may want to use (I'm omitting all the operations required beforehand, but they're pretty elementary):

PEM_write_PKCS8PrivateKey(pFile, m_pKey, cipher, sPass, iPassLen, 0, NULL)

where cipher is your encryption algorithm, of appropriate type. More (with examples!) here: https://www.openssl.org/docs/manmaster/crypto/pem.html
