Questions tagged [key-management]

77 questions
49 votes, 2 answers

How to properly do private key management

Has anyone got practical experience or a reference for a scheme that implements a key management scheme that would comply with the PCI DSS security standard? There are obviously quite a few implementations around given the number of companies…
sipsorcery
28 votes, 1 answer

How to read an RSA public key in PEM + PKCS#1 format

I have an RSA public key in PEM format + PKCS#1 (I guess): -----BEGIN RSA PUBLIC…
Mr.Teen
22 votes, 3 answers

Android Secure Storage

I want to store some small but critical piece of information such as AES keys in my Android application. What would be the recommended way to do this? I do not want to hardcode keys as part of my application. I look at KeyStore but it does not…
Szere Dyeri
17 votes, 4 answers

How to extract private keys from an ssh-agent?

ssh-add -l displays that I have 3 RSA keys added to my SSH agent. ssh-add -L displays those public keys. How do I get the private keys as well, so that I can save them to a file? Or is it by design that this is impossible? How does it work then? Can…
pts
15 votes, 4 answers

Data encryption and key management in C#

Which route to take, what are the pros and cons, which is more secure? 1) Generate AES key, encrypt the data with it and then encrypt the AES key with RSA, save the encrypted data and encrypted AES key to a file and RSA keypair to a KeyContainer. 2)…
hs2d
14 votes, 1 answer

What is the appropriate way to manage API secrets within a Google Apps script?

If I write a Google Apps Script, and within the script I need to invoke third party APIs or make database calls, what is the appropriate way of managing secret API keys and passwords? Is there any risk in placing the secrets directly within the…
14 votes, 4 answers

How to retrieve my public and private key from the keystore we created

My task is the following: Retrieve my public and private key from the keystore I created. Use these keys to encrypt a paragraph using my RSA 2048-bit public key. Digitally sign the result using the DSA-SHA-1 signature algorithm. Save the digital…
Zack Ef
14 votes, 6 answers

Open Source Key Management Solution

I am researching Key Management Solutions in order to become PCI compliant. I have spoken to a number of vendors in the arena, and while I like their products, the cost is beyond my budget. Is anyone aware of any open source or low cost solutions…
Dave
12 votes, 2 answers

Programmatically import .cer certificate into keystore

How can I import a .p12 certificate from the classpath into the java keystore? First I used the InstallCert https://code.google.com/p/java-use-examples/source/browse/trunk/src/com/aw/ad/util/InstallCert.java and did some changes so the server…
Pali
11 votes, 2 answers

Is there an open source library implementing DUKPT or ANSI X9.24

I'm tasked with implementing a decryption functionality against a device using the DUKPT protocol/scheme/algorithm. The encryption algorithm itself is just DESede which is easy to work with and has good library support (JCE, BouncyCastle). The…
Hyangelo
10 votes, 5 answers

Where can I learn about proven methods for sharing cryptographic keys?

Suppose that a group wants to encrypt some information, then share the encryption key among the group members in a way that requires the consensus of the group to decrypt the information. I'm interested in a variety of scenarios where the breadth of…
erickson
7 votes, 3 answers

What happens to OpenPGP-signed git commits after key expiration?

If I sign a git commit with an OpenPGP key that has an expiration date, what does that mean for people looking at that commit after the expiration date? Should all keys used for commit signing like this be permanent? What if the verifying party have…
Captain Man
5 votes, 3 answers

Why shouldn't a private key be stored verbatim or in plain text on the local computer?

I was reading this: http://msdn.microsoft.com/en-us/library/tswxhw92(VS.80).aspx The first sentence says: "Asymmetric private keys should never be stored verbatim or in plain text on the local computer." What's the problem with this? And how…
Scott Langham
5 votes, 1 answer

Are there any published extensions to PKCS#12?

PKCS#12 is a convenient way to lump together a private key with its corresponding X.509 certificate into a standardized single file format. However, the specification was published by RSALabs in 1999 and uses only RC4, RC2 and TripleDES for…
Henrick Hellström
5 votes, 1 answer

Is there a command line tool to generate symmetric keys in a Java keystore?

I am writing a procedure about key renewing for my application. This procedure will be executed by a sysadmin every year or so. In my application, there is a symmetric key used to cipher some data before storing it in the database. This key is…
cbliard