Export public key from key store without the key store password

Chad F

Aug 8, 2016, 1:15:02 PM
to DidiSoft Forum
Is it possible to export the public key from a keystore for a specific user id without needing the keystore password?  Everything I tried requires I specify the user id and password when instantiating a KeyStore object like this:

KeyStore keyStore = new KeyStore("some_user_id", "some_password");
string publicKey = keyStore.ExportPublicKeyAsString("some_user_id");

It would be nice to have another overloaded constructor that takes a single argument: userId so I can do this:
KeyStore keyStore = new KeyStore("some_user_id");

This object would have limited capabilities and could only do things like export the public key.  If I tried to decrypt with this keyStore instance or export the private key it would throw an exception about needing the password.

My goal is to allow apps/senders to retrieve the public key from a keystore using only the userid so they can encrypt messages without needing the password.  Giving the keystore password to the apps/senders is obviously a security risk.

Chad F

Aug 8, 2016, 1:26:28 PM
to DidiSoft Forum
[EDIT]
I forgot to mention the other limited capabilities a keyStore object (without a password) would have would be encryption.  I want to be able to encrypt data by providing just the keystore user id.

Didisoft Support

Aug 8, 2016, 2:09:03 PM
to didisof...@googlegroups.com
Hi Chad,

The usual parameters for the KeyStore constructor are the file location of the KeyStore and its own password (keys are kept encrypted there).

Chad F

Aug 8, 2016, 3:22:49 PM
to DidiSoft Forum, sup...@didisoft.com
Yeah, I forgot I was just using the userId as the file name of the keystore.  But that doesn't answer my question.

Thanks

Didisoft Support

Aug 8, 2016, 3:34:01 PM
to didisof...@googlegroups.com
Hi Chad,

Can you please describe your use case and, more specifically, what capabilities the customers should have? I can provide you suggestions afterwards.