HackerTrans
热门最新趋势评论往期问答秀出招聘

bootloop

no profile record

评论

bootloop
·7年前·讨论
Well, the trick is that using a KeyStore ensures that the key doesn't leak into the application (but is only used for cryptographic operations in a trusted environment).

However, you would need the plain key to authenticate against the database so using this wouldn't work.
bootloop
·7年前·讨论
No, you can only obfuscate it but the correct way to do this is to limit the access scope of the access key.