Where are software based CA keys stored in the database?

These keys are stored in a PKCS#12 file, encrypted with a password. The PKCS#12 is stored in the database in the CryptoTokenData table.

When a new end entity is created, where and how is the password stored?

A one-time password is stored hashed with BCrypt in the UserData table in the database. If the option Clear text password is enabled when adding the user the password is stored in clear text, to be used for server-side generation. Clear text passwords are obfuscated with built-in password-based encryption. This is not considered a secure encryption, only for obfuscating so it is not possible to see (and remember) clear text passwords.

If I enable key recovery, where are the end entities' private keys stored in the database?

The private keys for key recovery are stored in the KeyRecoveryData table in the database. The data is encrypted with the CAs encryption key in a CMS (PKCS#7) structure using RSA and AES256. The private keys are only stored if key recovery is enabled.

For more information, see Key Recovery.

What is EJBCA's export classification (ECCN code)?

In theory, EJBCA would be classified under ECCN code 5D002.c.1, and the PrimeKey PKI Appliance under 5A002.a.1 and approved for export under License Exception TSU. Refer to the Bureau of Industry and Security website for further details.

However, in EJBCA, SignServer and the PrimeKey PKI Appliance encryption is only used for authentication and digital signatures. The products are therefore not controlled according to 5D002.c.1 or 5A002.a.1.

I get the error "Signature was not correctly verified" when running an HSM in FIPS mode

You have probably set the same key to be used for signatures and encryption, which is not allowed according to FIPS. For more information on HSMs, see Hardware Security Modules (HSM).