Reputation: 127
keep the password while reading encrypted file in C/C++ program
I need to open and read an encrypted file in a C++ program. Do I need to keep the password in the program? Are the user able to get the password when the program is disassembled?
What's the best way to keep the user away from the password?
Upvotes: 1
Views: 214
Answers (2)
Reputation: 371
Another simplistic solution (provides very basic security only - may be succeptible to hacker attack )
- Create your password file in a directory on which users have no permission.
- Provide users only execute permissions to the executable but use setuid so that they can run the executable as you.
- In the exe read the password from the file kept in a directory that only you have permission to. (created in step 1).
Upvotes: 0
Reputation: 1622
If you just put the password hard coded then, yes. With some dissassembly it is easy to get the password (you don't even need to dissassemble fully, only get the strings). You can try to obfuscate the password somehow, such as computing a hash of something that creates the password (this is very simplistic). In the end if you give someone an encrypted file and a program that opens that file you can't really hide that information from them.
Upvotes: 1
Related Questions
- How to decrypt a file in memory?
- Reading in Encrypted Username/Password
- Decrypt a file with a password with c++/openssl
- How to encrypt a file and hide password
- C Encrypt data in file.txt
- Encrypt password in C source code
- Encrypting a file from a password using libgcrypt
- Read from a simple encrypted file C++
- Encrypt password for storing
- What is the best way to encrypt a text file in C/C++?