dongqian0763 2014-07-17 19:33
浏览 202

解密数据时保护我的RSA私钥密码

I generated a public and private key to use for encryption purposes. There is a passphrase connected to the private key but I know I shouldn't be showing it in plain text like this.

What should I do to protect this password so it isn't shown in plain-text?

// $data = encrypted data using RSA public key
// $key = the key that came along with the encrypted data

// find private key
$pkeyid = openssl_get_privatekey("file:///path/to/private.pem", "PASSWORD");

// try and decrypt the data using private key
openssl_open($data, $decrypted_data, $key, $pkeyid);

// if all went well, show decrypted data
echo $decrypted_data;
  • 写回答

1条回答 默认 最新

  • dtdt0454 2014-07-17 20:02
    关注

    There are various ways to do this to what extent do you need to go to protect your password(s)?

    Why not save it in a secure file and read it in when needed?

    Below is a list of levels you can go through to ensure maximum protection of master keys. Each step will add more protection to the previous step.

    1. Isolation of the masterkey in a repository on a secure server
    2. Restriction of access to server containing the masterkey
    3. Encryption of the masterkey in the repository. (See Red Key/Black Key)
    4. Randomness and frequent changing of the masterkey
    评论

报告相同问题?

悬赏问题

  • ¥100 set_link_state
  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号
  • ¥15 基于单片机的靶位控制系统
  • ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
  • ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
  • ¥15 手机接入宽带网线,如何释放宽带全部速度