Safe storage of RSA private keys before binding to X.509 cert
mstjohns at comcast.net
mstjohns at comcast.net
Wed Feb 20 02:24:40 UTC 2013
Store the private key with a self-signed certificate. Replace the cert when it is issued.
Sent from Comcast mobile
-----Original Message-----
From: Matthew Hall
To: security-dev
Sent: 2013-02-20 00:27:51 +0000
Subject: Safe storage of RSA private keys before binding to X.509 cert
Hello,
I have a question about safely storing RSA private keys while waiting for a
Cerification Request to be processed remotely so a signed X.509 Certificate
will be returned.
I want to store it inside the PKCS #11 KeyStore so it will be protected while
we wait for the Certificate to become available, so that both can be bound
together and then stored.
However, the KeyStore APIs prevent this from succeeding:
If public final void setKeyEntry(String alias, byte[] key, Certificate[]
chain) is used with keyPair.getPrivate().getEncoded(), it throws
UnsupportedOperationException.
If public final void setKeyEntry(String alias, Key key, char[] password,
Certificate[] chain) is used, it throws java.lang.IllegalArgumentException:
Private key must be accompanied by certificate chain.
If one creates a RAW-type SecretKey using SecretKeySpec privateKeySpec = new
SecretKeySpec(privateKeyBytes, "RAW"), and attempts to store the RAW
SecretKey, it throws java.security.KeyStoreException: Cannot convert to PKCS11
keys caused by java.security.InvalidKeyException: Unknown algorithm RAW.
How is one supposed to store the RSA PrivateKey in a FIPS-safe way, if the
KeyStore refuses to handle it via any of these APIs? Several threads on
StackOverflow also mentioned this issue, with no known workaround.
Regards,
Matthew.
More information about the security-dev
mailing list