Stack Overflow
Stack Overflow

Questions tagged [key-management]

93 questions
5
votes
1 answer

Is there a command line tool to generate symmetric keys in a Java keystore?

I am writing a procedure about key renewing for my application. This procedure will be executed by a sysadmin every year or so. In my application, there is a symmetric key used to cipher some data before storing it in the database. This key is…
cbliard
  • 7,051
  • 5
  • 41
  • 47
5
votes
1 answer

pricing encrypting RDS with KMS

i want to encrypt my RDS instance from Amazon Web Service but i dont know the explanation of the pricing. It says that each API request of AWS Key Management Service costs $0.03 per 10,000 requests. Every query means an API request or every…
mgg
  • 321
  • 1
  • 2
  • 10
5
votes
2 answers

How do I separate an encryption key into parts?

I have a 128 bit encryption key that I would like to break up into three parts that when XOR'ed together reproduce the key. How do I do this?
crawfish
  • 853
  • 4
  • 11
  • 14
4
votes
1 answer

Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingProvider[48] An error occurred while reading the key ring

This issue only comes when i deploy the ASP .NET Core 2.1 Web App on shared hosting. I am using Azure Key vault with PersistKeysToFileSystem. Web App is working good on my development machine and on Azure App with and without Azure Key Vault using…
Zubair Rana
  • 2,006
  • 2
  • 15
  • 38
4
votes
0 answers

Using keytool to list secret key

I used keytool to generate the secret key: keytool -genseckey -alias mykey -keyalg AES -keysize 256 -storetype jceks -keystore mykeystore Then, the following command will list information about mykeystore: keytool -list -keystore mykeystore…
klichen
  • 49
  • 1
  • 2
4
votes
1 answer

How to encrypt client-side with AWS KMS using the C# SDK

Is there already a C# library for encrypting and decrypting data using Amazon's Key Management Service (KMS) but without sending your sensitive data to Amazon (i.e. using "envelope encryption" as described in their developer guide)? Something that…
KingPong
  • 1,439
  • 1
  • 16
  • 22
4
votes
2 answers

Developing a web application that automatically rotates encryption keys used to encrypt data stored in a database

Assuming I have a ASP.NET MVC 3 application that runs in a web farm where each web server belongs to a workgroup (as appose to a domain with shared accounts). The web farm is also auto scalable, meaning that the number of instances are dependent on…
bloudraak
  • 5,902
  • 5
  • 37
  • 52
4
votes
1 answer

Encrypt Patient Data

I am going to use AES_ENCRYPT() and AES_DECRYPT to store patient data in an EMR System, and I was wondering how to store the key. I need to be able to allow authorized users access to that key in order to decrypt and read the data that is stored in…
user658096
3
votes
1 answer

Can't create new session keyring with keyctl

According of a documentation I have to create new session keyring when my script starts. keyctl new_session Sometimes the command returns the new keyring ID but often I get error message: keyctl_session_to_parent: Operation not permitted When it…
darvud
  • 31
  • 4
3
votes
1 answer

How do I correctly store encryption keys on macOS so only my executable can access them?

Introduction Basically, how/where do I persist encryption keys my executable needs? Let me explain how my executable looks like. It's basically a Swift script that is compiled using swift build --configuration=release…
swift-lynx
  • 3,219
  • 3
  • 26
  • 45
3
votes
0 answers

How to make PKCS12 (PKCS#12) contain more than one private key in .p12 container?

I used Openssl to create a PKCS12 .p12 container storing a private key, server certificate and a CACertificate (Self signed) and I was able to export/parse the same successfully. But I want to know how I can add more than one Private key to the…
Arun kumar R
  • 235
  • 3
  • 12
3
votes
0 answers

How to implement a KMS client as server-agnostic as possible?

Given an application that has to acquire private keys (mainly RSA ones) from a Key Management System (KMS), which could be a Hardware Security Module (HSM), what could be the best way to implement that kind of client if there's no way to know in…
Vrakfall
  • 966
  • 7
  • 13
3
votes
1 answer

How are KMIP and PKCS#11 related?

I understand that PKCS#11 is std that defines cryptoki API and KMIP is a protocol that defines message format, but how they are connected or are they even interconnected? How they both hold their individual significance in cryptography?
TheBeginner
  • 405
  • 5
  • 23
3
votes
2 answers

Best practices for key/certificate management

I'm deploying hundreds/thousands of small servers that communicate with my hosted mothership via HTTPS and ssh. What are the best practices for managing SSL client certs (for https) and ssh keys, when either might need to be revoked? I'm thinking…
Bill Gribble
  • 1,797
  • 12
  • 15
3
votes
3 answers

Encryption Key Management Software and Transparent Data Encryption MySQL

For PCI compliance, is there any recommended Encryption Key Management Software? Open source preferable, but commercial is ok too. Is there a tool or software that provides both?
Prabhu R
  • 13,836
  • 21
  • 78
  • 112
1
2
3 4 5 6 7