mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-06-13 06:34:57 +03:00
mukul975
1.6 KiB
1.6 KiB
RSA Key Pair Management Template
Key Generation Checklist
- Select key size (minimum 3072 bits for new deployments)
- Generate key pair using secure random number generator
- Protect private key with strong passphrase (AES-256)
- Compute and record key fingerprint (SHA-256)
- Set restrictive file permissions on private key
- Store public key in accessible location
- Document key metadata (size, algorithm, creation date)
Key Metadata Template
{
"key_id": "rsa-prod-001",
"algorithm": "RSA",
"key_size": 4096,
"public_exponent": 65537,
"fingerprint_sha256": "<hex-digest>",
"created_at": "2024-01-01T00:00:00Z",
"expires_at": "2025-01-01T00:00:00Z",
"usage": ["sign", "verify"],
"owner": "security-team",
"version": 1
}
Key Rotation Schedule
| Environment | Rotation Frequency | Grace Period |
|---|---|---|
| Production | 12 months | 30 days |
| Staging | 6 months | 14 days |
| Development | 3 months | 7 days |
Quick Reference
from cryptography.hazmat.primitives.asymmetric import rsa, padding
from cryptography.hazmat.primitives import hashes, serialization
# Generate
key = rsa.generate_private_key(public_exponent=65537, key_size=4096)
# Sign (RSA-PSS)
signature = key.sign(data, padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=padding.PSS.MAX_LENGTH), hashes.SHA256())
# Verify
key.public_key().verify(signature, data, padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=padding.PSS.MAX_LENGTH), hashes.SHA256())