I am working on a pluginengine and wanted to add support for signed plugins
and want to store which certificates are accepted by the user, I guess I should store them in a keystore but how do I safely imlpement it so that no other program can add a certificate that the user didn't accepted?
Thanks,
Evert
Ok, so is it correct that with the storepass I have read-only access to the keystore so I can view which certificates are in the keystore?
And the keypass is for to have write access to the keystore so I can add/remove certificates?
I could ask the user for the keypass when a new certificate needs to be added to the keystore but it would be nicer if would store the keypass in an encrypted file so I can fill in automaticly the keypass by reading it from the encryped file but the big problem I see is how I can I make the encrypted file save so only my application can decriped it to get the keypass? With closed software that isn't a big problem I think but with open source software it is, or am I wrong about that?
