Safe storage of RSA private keys before binding to X.509 cert
Matthew Hall
mhall at mhcomputing.net
Wed Feb 20 00:26:49 UTC 2013
Hello,
I have a question about safely storing RSA private keys while waiting for a
Cerification Request to be processed remotely so a signed X.509 Certificate
will be returned.
I want to store it inside the PKCS #11 KeyStore so it will be protected while
we wait for the Certificate to become available, so that both can be bound
together and then stored.
However, the KeyStore APIs prevent this from succeeding:
If public final void setKeyEntry(String alias, byte[] key, Certificate[]
chain) is used with keyPair.getPrivate().getEncoded(), it throws
UnsupportedOperationException.
If public final void setKeyEntry(String alias, Key key, char[] password,
Certificate[] chain) is used, it throws java.lang.IllegalArgumentException:
Private key must be accompanied by certificate chain.
If one creates a RAW-type SecretKey using SecretKeySpec privateKeySpec = new
SecretKeySpec(privateKeyBytes, "RAW"), and attempts to store the RAW
SecretKey, it throws java.security.KeyStoreException: Cannot convert to PKCS11
keys caused by java.security.InvalidKeyException: Unknown algorithm RAW.
How is one supposed to store the RSA PrivateKey in a FIPS-safe way, if the
KeyStore refuses to handle it via any of these APIs? Several threads on
StackOverflow also mentioned this issue, with no known workaround.
Regards,
Matthew.
More information about the security-dev
mailing list