Safe storage of RSA private keys before binding to X.509 cert

Matthew Hall mhall at mhcomputing.net
Wed Feb 20 03:03:51 UTC 2013 

Abandon all hope, ye who import sun.* ? :-D

On Wed, Feb 20, 2013 at 02:54:08AM +0000, mstjohns at comcast.net wrote:
> Use the source Luke.  
> 
> Sent from Comcast mobile
> 
> -----Original Message-----
> From: Matthew Hall
> To: mstjohns
> Cc: security-dev
> Sent: 2013-02-20 02:48:57 +0000
> Subject: Re: Safe storage of RSA private keys before binding to X.509 cert
> 
> How could I do it with the undocumented classes? Muahahahahaha! :)
> 
> On Wed, Feb 20, 2013 at 02:36:26AM +0000, mstjohns at comcast.net wrote:
> > Not using the pkcs11 provider.  If you use the (undocumented) wrapper classes you can get more direct access to the pkcs11 libraries.  Or go with the iaik pkcs11 lobs.  
> >> Sent from Comcast mobile
> >> -----Original Message-----
> > From: Matthew Hall
> > To: mstjohns
> > Cc: security-dev
> > Sent: 2013-02-20 02:27:21 +0000
> > Subject: Re: Safe storage of RSA private keys before binding to X.509 cert
> >> Is there a more elegant way?
> >> On Wed, Feb 20, 2013 at 02:24:40AM +0000, mstjohns at comcast.net wrote:
> >> Store the private key with a self-signed certificate.  Replace the cert when it is issued.  
> >>> Sent from Comcast mobile
> >>> -----Original Message-----
> >> From: Matthew Hall
> >> To: security-dev
> >> Sent: 2013-02-20 00:27:51 +0000
> >> Subject: Safe storage of RSA private keys before binding to X.509 cert
> >>> Hello,
> >>> I have a question about safely storing RSA private keys while waiting for a 
> >> Cerification Request to be processed remotely so a signed X.509 Certificate 
> >> will be returned.
> >>> I want to store it inside the PKCS #11 KeyStore so it will be protected while 
> >> we wait for the Certificate to become available, so that both can be bound 
> >> together and then stored.
> >>> However, the KeyStore APIs prevent this from succeeding:
> >>> If public final void setKeyEntry(String alias, byte[] key, Certificate[] 
> >> chain) is used with keyPair.getPrivate().getEncoded(), it throws 
> >> UnsupportedOperationException.
> >>> If public final void setKeyEntry(String alias, Key key, char[] password, 
> >> Certificate[] chain) is used, it throws java.lang.IllegalArgumentException: 
> >> Private key must be accompanied by certificate chain.
> >>> If one creates a RAW-type SecretKey using SecretKeySpec privateKeySpec = new 
> >> SecretKeySpec(privateKeyBytes, "RAW"), and attempts to store the RAW 
> >> SecretKey, it throws java.security.KeyStoreException: Cannot convert to PKCS11 
> >> keys caused by java.security.InvalidKeyException: Unknown algorithm RAW.
> >>> How is one supposed to store the RSA PrivateKey in a FIPS-safe way, if the 
> >> KeyStore refuses to handle it via any of these APIs? Several threads on 
> >> StackOverflow also mentioned this issue, with no known workaround.
> >>> Regards,
> >> Matthew.

More information about the security-dev mailing list