-2
#include <string>

class LockdownUnlock {
    private:
        /*snip*/
        std::string rootCertificate;  // Will this protect the data?
        /*snip*/
    public:
        /*snip*/
} LDUnlock;
Ahab Devoid
  • It is not clear what you want to protect against. If the application is running with the permissions of a specific user, this user and more privileged users (i.e. root) can debug the application or inspect the memory. Other users cannot do it. So do you want to protect the encryption key from the user who is using the encryption? – Steffen Ullrich Apr 30 '18 at 11:21
  • Your question is not really about AES, but about perfectly hiding (any) data (which would make AES useless in the first place). And no, this is not possible. Someone who can access the program file content can get keys that are stored there, always. The solution is not to store keys there, or to not give people access to the file. – user155462 Apr 30 '18 at 11:38
  • I'm voting the question down since you've changed your original question to a completely different one, making any already existing comments and answers not matching the question anymore. Instead you should ask a new question in such cases. – Steffen Ullrich Apr 30 '18 at 12:10
  • If your binary contains the encryption keys, this means that anyone with some expertise in debugging can find them and decrypt the code. It is not a good idea to store, in general of course, the keys in a binary. – camp0 Apr 30 '18 at 11:42

1 Answer

1

No, the protected section of the class is to protect the variable from code in the same application, not to protect it from the outside. Protected means that this variable is available to instances of this class and all subclasses. Private means the variable is accessible only from instances of this class, and public is public.

You don't even need to "reverse engineer" the application to read the certificate; reading the binary in Notepad would suffice.

So it does not matter whether you put it in private, protected, public, or hardcode it somewhere: if someone can read the binary, they can read the certificate.

ThoriumBR
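
An added example, not part of the answer above or of the asker's code: a build-time check that scans a binary image for PEM headers, showing that a certificate held in a private member still sits in the file as plain bytes. The function names, the PEM body and the use of argv[0] as the executable path are assumptions made for the illustration.

```cpp
// Added example (not from the original post): scan a binary image for PEM blocks.
#include <fstream>
#include <iostream>
#include <iterator>
#include <string>
#include <vector>

// Mirrors the question's class; the PEM body is a constructed placeholder.
class LockdownUnlock {
private:
    std::string rootCertificate =
        "-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n";
public:
    std::size_t size() const { return rootCertificate.size(); }
};

// Return the label of every "-----BEGIN <LABEL>-----" header found in raw bytes.
std::vector<std::string> find_pem_labels(const std::string& image) {
    static const std::string marker = "-----BEGIN ";
    std::vector<std::string> labels;
    for (std::size_t pos = image.find(marker); pos != std::string::npos;
         pos = image.find(marker, pos + 1)) {
        std::size_t start = pos + marker.size(), end = start;
        // A PEM label is uppercase letters, digits and spaces only.
        while (end < image.size() && end - start < 64 &&
               ((image[end] >= 'A' && image[end] <= 'Z') ||
                (image[end] >= '0' && image[end] <= '9') || image[end] == ' '))
            ++end;
        if (end > start && image.compare(end, 5, "-----") == 0)
            labels.push_back(image.substr(start, end - start));
    }
    return labels;
}

// Read a whole file as bytes (empty string if it cannot be opened).
std::string read_file(const std::string& path) {
    std::ifstream in(path, std::ios::binary);
    return std::string(std::istreambuf_iterator<char>(in),
                       std::istreambuf_iterator<char>());
}

int main(int argc, char** argv) {
    LockdownUnlock unlock;  // keeps the member (and its initializer) in the build
    std::cout << "member size: " << unlock.size() << "\n";
    // Scan this program's own executable; argv[0] is assumed to be a usable path.
    for (const auto& label : find_pem_labels(read_file(argc > 0 ? argv[0] : "")))
        std::cout << "embedded PEM block: " << label << "\n";
}
```

Run against a release artifact in CI, a non-empty result is a reason to move the certificate or key out of the binary.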