[Esapi-user] store encyrptor.masterkey encrypted

chrisisbeef at gmail.com chrisisbeef at gmail.com
Fri Jan 29 15:14:13 EST 2010

Hi Yi Li -

Which version of the ESAPI are you working with?

On Fri, Jan 29, 2010 at 11:48 AM, Yi Li <yi.li26 at gmail.com> wrote:
greetings, all:
    will appreciate if anyone could provide insight here.
    I would like to store the master encryption key (encryptor.masterkey) with some sort of protection, instead of keeping it clear text in the properities file even though i can place access control via the file system.
   i am thinking to either store the encryption key either in a database or in a flat file but encrypted (where to store the master's master key become another problem to solve).
   will appreciate if anyone could point me to an implementation that will support this or point me the way to write my own implementation to implement this.
  thanks in advance.

Esapi-user mailing list
Esapi-user at lists.owasp.org

Chris Schmidt


Check out OWASP ESAPI for Java

OWASP ESAPI for JavaScript

Yet Another Developers Blog

Bio and Resume

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/esapi-user/attachments/20100129/7bbd6670/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 271 bytes
Desc: OpenPGP digital signature
Url : https://lists.owasp.org/pipermail/esapi-user/attachments/20100129/7bbd6670/attachment.bin 

More information about the Esapi-user mailing list