从 libsodium 中的密码生成密钥对
Generating key pair from passphrase in libsodium
我想根据 libsodium 的密码确定性地生成 public/private 密钥对。
Whenever/wherever 用户输入他的密码,s/he 将得到相同的密钥对。
我的方法是以某种方式获取密码(例如,fgets),用crypto_generichash散列它,然后使用散列作为crypto_sign_seed_keypair:[=15的种子=]
#include <assert.h>
#include <string.h>
#include <sodium.h>
int main (void) {
char passphrase[1024];
printf("ENTER PASSPHRASE: ");
{
char* ret = fgets(passphrase, sizeof(passphrase), stdin);
assert(ret != NULL);
assert(passphrase[strlen(passphrase)-1] == '\n');
passphrase[strlen(passphrase)-1] = '[=10=]';
}
unsigned char hash[crypto_generichash_BYTES];
{
int ret = crypto_generichash(hash, crypto_generichash_BYTES,
(unsigned char*)passphrase, strlen(passphrase),
NULL, 0);
assert(ret == 0);
}
unsigned char pk[crypto_sign_PUBLICKEYBYTES];
unsigned char sk[crypto_sign_SECRETKEYBYTES];
{
assert(crypto_generichash_BYTES == crypto_sign_SEEDBYTES);
int ret = crypto_sign_seed_keypair(pk, sk, hash);
assert(ret == 0);
}
printf("PUBLIC KEY:\n");
for (int i=0; i<crypto_sign_PUBLICKEYBYTES; i++) {
printf("%02X ", pk[i]);
}
printf("\n");
printf("PRIVATE KEY:\n");
for (int i=0; i<crypto_sign_SECRETKEYBYTES; i++) {
printf("%02X ", sk[i]);
}
printf("\n");
return 0;
}
假设密码强度高,这个方案安全实用吗?
您的代码很好,但即使是 "strong" 密码也有相当低的熵。因此,您可能想要使用 password hashing function.
而不是通用哈希函数
我想根据 libsodium 的密码确定性地生成 public/private 密钥对。
Whenever/wherever 用户输入他的密码,s/he 将得到相同的密钥对。
我的方法是以某种方式获取密码(例如,fgets),用crypto_generichash散列它,然后使用散列作为crypto_sign_seed_keypair:[=15的种子=]
#include <assert.h>
#include <string.h>
#include <sodium.h>
int main (void) {
char passphrase[1024];
printf("ENTER PASSPHRASE: ");
{
char* ret = fgets(passphrase, sizeof(passphrase), stdin);
assert(ret != NULL);
assert(passphrase[strlen(passphrase)-1] == '\n');
passphrase[strlen(passphrase)-1] = '[=10=]';
}
unsigned char hash[crypto_generichash_BYTES];
{
int ret = crypto_generichash(hash, crypto_generichash_BYTES,
(unsigned char*)passphrase, strlen(passphrase),
NULL, 0);
assert(ret == 0);
}
unsigned char pk[crypto_sign_PUBLICKEYBYTES];
unsigned char sk[crypto_sign_SECRETKEYBYTES];
{
assert(crypto_generichash_BYTES == crypto_sign_SEEDBYTES);
int ret = crypto_sign_seed_keypair(pk, sk, hash);
assert(ret == 0);
}
printf("PUBLIC KEY:\n");
for (int i=0; i<crypto_sign_PUBLICKEYBYTES; i++) {
printf("%02X ", pk[i]);
}
printf("\n");
printf("PRIVATE KEY:\n");
for (int i=0; i<crypto_sign_SECRETKEYBYTES; i++) {
printf("%02X ", sk[i]);
}
printf("\n");
return 0;
}
假设密码强度高,这个方案安全实用吗?
您的代码很好,但即使是 "strong" 密码也有相当低的熵。因此,您可能想要使用 password hashing function.
而不是通用哈希函数