Storing public and private keys in a Database or keystore

java encryption-asymmetric
jax picture jax · Jul 6, 2010 · Viewed 7.4k times · Source

I am making a web service that will store public and private keys for each record in a database table.

The keys are made using Java, but I am unsure weather to create a keystore or place the keys inside fields in the databbase directly.

What option would you recommend and what are the benefits of each method?

Answer

Noel M picture Noel M · Jul 6, 2010

If you use a keystore, you'll be using a database that has been designed to keep encrypted items, such as keys and certificates.

Wherever possible, you shouldn't try and re-invent the wheel. Will a keystore suffice in your problem? If you try and design your own database for storing these artefacts, you're going to have to re-solve problems and issues which were taken into account already when creating databases such as Java's keystore.

Related questions

Encryption and decryption with private key in Java

After I have read articles about Cryptography(Symmetric and Asymmetric) methods.Many articles are telling that Private key is used to encrypt and decrypt data.Public key is used to encrypt data.But When I try to start implementing in …

Read More
Any tutorials on public key encryption in java?

I've been able find information on symmetric encryption and hashing but I've been having quite a bit of trouble finding much information on any sort of public key encryption for java. What I'd like to do is make a very …

Read More
Java asymmetric encryption: preferred way to store public/private keys

This code generates a pair of public/private keys: KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA"); keyGen.initialize(1024); KeyPair keypair = keyGen.genKeyPair(); PrivateKey privateKey = keypair.getPrivate(); PublicKey publicKey = keypair.getPublic(); What I'd like to know is how do you usually store the …

Read More