tags:

views:

70

answers:

3
+1  Q: 

Storing public and private keys in a Database or keystore

I am making a web service that will store public and private keys for each record in a database table.

The keys are made using Java, but I am unsure weather to create a keystore or place the keys inside fields in the databbase directly.

What option would you recommend and what are the benefits of each method?

+3  A: 

If you use a keystore, you'll be using a database that has been designed to keep encrypted items, such as keys and certificates.

Wherever possible, you shouldn't try and re-invent the wheel. Will a keystore suffice in your problem? If you try and design your own database for storing these artefacts, you're going to have to re-solve problems and issues which were taken into account already when creating databases such as Java's keystore.

Noel M  2010-07-06 08:08:25
Each record in my table will need to be linked to the keys in the keystore somehow. ie. I need a way to automatically pull the private key out of the keystore (as well as information from the db) and encrypt a message then send it back to the user. So should I be storing the keystore password inside the database record? How do I get around this problem in a secure way? You see there is more than just the public/private key per row, I have id, price, name...etc.
jax  2010-07-06 09:06:14
A: 

Why does each record have a private key? This is very strange design. Private keys see generally held by entities, e.g. People, or servers acting on their behalf.

EJP  2010-07-06 10:18:27
Each record represents an application. So each application will have it's own private and public keys.
jax  2010-07-07 05:01:34
A: 

you can have a database to store userinfo not keys, for keys it is better to use keystore. so userinfo may contain {name, symmetric pass / hash, ...} and using the name you should be able to identify the key-record in the keystore. Again remember, do not use a global (user,pass) to read the keystore, use the user grant instead.

yadab  2010-10-20 09:37:18

related questions

Java Time Zone is messed up
Eclipse on win64
Automate builds for Java RCP for deployment with JNLP
Why are professors or schools picking Java over C++ to teach to students?
Is there a real benefit of using J#?
Public/Popular Websites using JavaServer Faces
Why can't I use a try block around my super() call?
Accessing post variables using Java Servlets
Personal Linux web server
Is this really widening vs autoboxing?
How can I Java webstart multiple, dependent, native libraries?
Why can't I call toString() on a Java primitive?
How do I use Java to read from a file that is actively being written?
What code analysis tools do you use for your Java projects?
IllegalArgumentException or NullPointerException for a null parameter?
How do I configure and communicate with a serial port?
What is the best way to parse strings in Java
Getting started with a custom JXTA PeerGroup
Creating a custom button in Java
How to get started "writing" a code coverage tool?
Which Build-/Configuration Management Tool?
What is the difference between an int and an Integer in Java/C#?
What is the meaning of the type safety warning in certain Java generics casts?
How would you access Object properties from within an object method?
Converting CSV File to XML in Java