[n_u_l_l]

Aside from improvements with organization and environment separation when you separate the configuration from the code (and also not having to roll your own solution), one of the security risks is that you accidentally mix up binaries. You will think that will never happen until it happens.

A bigger security threat, I think, is that you have the private key both on your server and on your computer. It adds another location where you could mix up, hackers now have 2 possible attack targets, and it's more likely that your PC gets infected than your server. Either way, now, if your PC gets infected or your server gets hacked they will have the private key, while if you only have it on your server they won't necessarily have it when your PC gets infected.

The safest solution if you don't want to store the private key unencrypted is to generate an encrypted private key with openssl. You would however need to provide the encryption key every time you start the server. You will still have the unencrypted private key in RAM, but that's inevitable and also the case with your current method. The private key (even encrypted) should never leave the server.

[herdcall]

Thanks for your response, much appreciated. I'm actually not planning to place the private key (or anything really) on the server other than the executable. I was in fact also thinking about using a password like you suggested (it's still under development). You're correct about the vulnerability of my personal computer and the need to take special care to protect the private key.

[GauntletWizard]

You are putting the private key on the server, it just happens to be encoded as data in the binary. It would not take an attacker long, looking at your executable in a sandbox, to figure out where it is - not matter how it is that you've obfuscated it.

From a threat modeling perspective, nothing you do will prevent an attacker that is able to run as your application user (or root) on your server. That's fine; The level of obfuscation you've put into place will (possibly) keep some of the script-kiddies who aren't targeting you directly from realizing they've stolen your key.

The attack you should be concerned about is on your distribution side: You can't copy that binary anywhere else without revealing your key. You can't put it in a docker image repository or a java package repository or even a s3 bucket - Because those become places that your key can be revealed. And you want to do those things. You want a copy of precisely the binary you deployed.

[herdcall]

The key will be encrypted, not obfuscated - it won't be possible to retrieve it even if they have the binary without my password. This is what you also suggested, right? I just agreed with you above. Perhaps you missed the part about using the password? I'm confused.

[GauntletWizard]

There's two objections that remain: It's impossible to rotate the key without recompiling the binary (and every recompile is an opportunity to add bugs, though a good compile environment minimizes it), and that it's easy to mess up the encryption - Are you using a PKCS12 file format with DES? That's trivially crackable (to the point that most modern libraries recommend using a builtin password). And even if you've got the encryption part right, you're left with the password distribution problem, which is exactly the same problem; You've got a small (12 characters or 4k, not a lot by modern standards) bit of sensitive data that needs to be distributed to the app at startup.

[cutemonster]

> The private key (even encrypted) should never leave the server.

What about backing it up? Or if the server disappears in a fire, the key would be gone for good and one would generate a new pub-priv key pair?

What about server whole disk snapshot backups; they'd include the key?

> it's more likely that your PC gets infected than your server

That's a good point

[GauntletWizard]

Yes, you should generate a new keypair if the server disappears in a fire. No, you should not do whole-disk backups, but if you do secure them properly.

[cutemonster]

Thanks! I like this, it's also simpler than such backups and keeping them safe