Geek Answers Handbook

Storing public and private keys in a database or keystore

I am making a web service that will store public and private keys for each record in a database table.

Keys are created using Java, but I'm not sure if I create a keystore or place keys directly inside database fields.

Which option would you recommend and what are the advantages of each method?

+5
source share
4 answers

If you use a keystore, you will use a database designed to store encrypted items, such as keys and certificates.

. ? , , , Java.

+5

http, , . keystore = KeyStore.getInstance( "JKS" ), .

, ( ), "keystore" = > , = > KeyStore.getInstance( "PKCS12" )

, , , . Keystores , . keystore.store(OutPutstream, password)..

, , :

@Entity
public class MyKeyStoreClass {
private Long id;
@Transient
private KeyStore keystore;
private String passwordForKeyStore;
private Byte[] keyStoreAsBytes;

@PreUpdate
@PrePersist
public void concertKeyStoreToBytes() {
   ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        keystore.store(byteArrayOutputStream,
                passwordForKeyStore.toCharArray());
   keyStoreAsBytes = byteArrayOutputStream.toByteArray();
}

@PostLoad
public void getKeyStore() {
   if (keystore == null && keyStoreAsBytes != null) {
      keyStore = KeyStore.getInstance(getKeystoreType().getType());
      keyStore.load(new ByteArrayInputStream(keystoreAsBytes), passwordForKeyStore.toCharArray()); 
   }    
}

100% , , . , , , ;)

+2

? . , , , . , .

+1
source

you may have a database for storing userinfo rather than keys, for keys it is better to use a keystore. therefore userinfo may contain {name, symmetric pass / hash, ...} and using the name, you should be able to identify the key entry in the keystore. Remember again, do not use global (user, pass) to read the keystore, use user permission instead.

0
source

More articles:


All Articles