How to use keystore in Java to store private key?

Question

I have used KeyPairGenerator to generate a RSA key pair. If I\'m not wrong, the KeyStore is only used to store certificates and not keys. How can I properly sto

Answer 1

http://snipplr.com/view/18368/

OR

http://docs.oracle.com/javase/1.5.0/docs/api/java/security/KeyStore.html

OR

http://java.sun.com/docs/books/tutorial/security/apisign/vstep2.html This is most Promising

OR

It's impossible to secure a key in an untrusted environment. You can obfuscate your code, you can create a key from arbitrary variables, whatever. Ultimately, assuming that you use the standard javax.crypto library, you have to call Mac.getInstance(), and sometime later you'll call init() on that instance. Someone who wants your key will get it.

However, I think the solution is that you tie the key to the environment, not the program. A signature is meant to say that the data originated from a known source, and has not been tampered with since that source provided it. Currently, you're trying to say "guarantee that my program produced the data." Instead, change your requirement to "guarantee that a particular user of my program produced the data." The onus is then shifted to that user to take care of his/her key.