Windows Regitry - Encryption Key storage

From: Harman Sahni (HarmanSahni_at_Hotmail.com)
Date: 06/30/04

Next message: Henk Verhoeven: "Re: Should be simple: installation dialogs"
Previous message: John Spiegel: "Should be simple: installation dialogs"
Next in thread: Harman Sahni: "Re: Windows Regitry - Encryption Key storage"
Reply: Harman Sahni: "Re: Windows Regitry - Encryption Key storage"
Messages sorted by: [ date ] [ thread ]

Date: Wed, 30 Jun 2004 12:56:46 -0400

We have a public and private key pair for Credit Card data encryption.
The database part is all done where we generated the key pair.

Public key resides in the database for encryption and we intend to store the
private key in the registry of Windows 2003 server from which our
application will pass it to the stored proc to decrypt back the data.

Problem is that when we use the "Multi-String" value in the registry to
store the private key which looks something like

"----- BEGIN KEY
fooo
bar
tar
"

we get the error "Data of type REG_MULTI_SZ cannot contain empty strings,
Registry editor will remove all empty strings found and hence it messes up
the Key format.

Question: How can we store the key in the registry?

Any help is appreciated!

Rgds,
-H

Next message: Henk Verhoeven: "Re: Should be simple: installation dialogs"
Previous message: John Spiegel: "Should be simple: installation dialogs"
Next in thread: Harman Sahni: "Re: Windows Regitry - Encryption Key storage"
Reply: Harman Sahni: "Re: Windows Regitry - Encryption Key storage"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: Windows Regitry - Encryption Key storage
... > We have a public and private key pair for Credit Card data encryption. ... > The database part is all done where we generated the key pair. ...
(microsoft.public.dotnet.general)
Re: Access token usb
... I issue thumbdrives to each user, each with an embedded private key, ... I encrypt the various sections of the database with a different ... control of a subscriber sharing decrypted information inappropriately. ... I need some one-way mechanism to load the fob with some ...
(comp.lang.java.programmer)
Re: Can Windows be pointed to other locations for private keys?
... It lists numerous Registry keys pointing to physical locations. ... stronger, but EFS is not a bad idea, just relying on log on security to ... protect the private key is a bad idea. ... > EFS requires Microsoft's own CSPs, ...
(microsoft.public.platformsdk.security)
Re: Protecting private key on a soft cert
... CSP protection for MS providers in W2k+ is based on DPAPI. ... > stores an encrypted version in the registry. ... > can somebody give me any further details on private key protection? ... is there some message generated to decrypt the private ...
(microsoft.public.platformsdk.security)
Re: Reinstall Enterprise CA server?
... If you do a backup of the database and private key using the certification ... options on install to preserve the existing database. ...
(microsoft.public.windows.server.security)