Questions tagged [keys]

For questions regarding encryption keys

27 questions
20
votes
2 answers

REST API security: HMAC/key hashing vs JWT

I just read this article that is a few years old but describes a clever way of securing your REST APIs. Essentially: Each client has a unique public/private key pair. Only the client and the server know the private key; it is never sent over the…
smeeb
6
votes
2 answers

Right way to spread secret keys between microservices

I have a few services that sign some data with an asymmetric cryptography algorithm (like RSA). I need to spread some secret (private) keys between all instances of the service. I've found a few ways to do that: Share keys as configuration (looks…
6
votes
2 answers

What is a good way to keep track of strings for dictionary lookups?

I am working through the Windows 8 app tutorial. They have some code about saving app data like so: private void NameInput_TextChanged(object sender, TextChangedEventArgs e) { Windows.Storage.ApplicationDataContainer…
Justin
5
votes
4 answers

How does SSL relate to the Public Key Infrastructure?

How does SSL relate to the Public Key Infrastructure?
JHarley1
4
votes
1 answer

How do large corporations store API keys?

When Facebook or Google give me an API key, are they just storing it in a database? Unlike a password, where you can hash and salt it before putting it in the database, it seems to me that a key needs to be stored as-is (or else in a reversible…
Birrel
4
votes
3 answers

Is this a good solution for deactivating key value pairs?

A (relatively) simple CRUD application on which I work has a lookup table which holds key-value pairs, some of which have child key-value pairs. These are used mainly in drop-down lists on the application front end. Currently there is a RowStatus…
atamata
3
votes
6 answers

Is it smart to store application keys, ids, etc directly inside an application?

I have heard some say it isn't but they never suggest an alternative. Is this true? UPDATE Is it possible to store this external from application and have it called?
Edward
3
votes
6 answers

How to define a natural id in database?

There are a lot of manuals. I am trying to create a database to hold information about these documents. But there is a small problem. How can I give a meaningful id to the manuals? Is there any standard or logic behind giving a meaningful id to the…
user12278
2
votes
1 answer

How to store private ssh keys for my application?

I've a pair of private and public ssh keys, which I'm using in encrypting and decrypting my JWT. So I'm creating and signing my JWT with my private key and shared the public key with the client, who then uses it to decode the JWT. Now, I'll be…
2
votes
1 answer

How to encrypt communication without hard coding key in client?

I've found a description of a vulnerability here. The kankun smart socket device and the mobile app use a hardcoded AES 256 bit key to encrypt the commands and responses between the device and the app. The communication happens over UDP. An attacker on…
2
votes
1 answer

What algorithm is used on the smart cards for the DNSSEC Trusted Community Representatives?

I've been doing some reading about DNSSec and am interested in the algorithm that they chose to use when splitting the trusted key up between the 7 Trusted Community Representatives (TCR). I unfortunately can't find any information about the…
Aidos
1
vote
1 answer

Long dictionary/map key vs shorter key + equality check for an auth cache

I'm implementing an API key based authentication scheme and I'm caching valid API key entries (hash, scope etc.) in a memory cache. For the cache key, I had been using the first 8 characters of the base 64 representation of the key hash. I did this…
1
vote
0 answers

Which 'Fkey' can I safely use in a cross-platform application?

I'm developing a text editor and start to think about key bindings. Which F key (F1, F2, F11, etc.) should I use in my application, assuming that I want OS X users to be able to use it as well? I don't want to bind keys that are already used in…
atrefeu
1
vote
2 answers

Composite Id based on another Aggregate root?

An Aggregate Root should always have a unique ID within the bounded context. Typically the examples one finds use a GUID for this to ensure global uniqueness. However consider a bounded context for a Chat. In this case I deem messages and chats as…
udnes99
1
vote
1 answer

Geolocation client side requests: Key and ID storage

I'm developing a small web-app to help users manage shopping lists. One of the required features is the ability of the application to notify the user if a shop of the same category is near him/her. To do so I'm using Foursquare API. Said API…
MFranc