Cache the contents of KeyStore and convert it to a InputStream

Question

I am using AES to accomplish symmetric-key encryption. I store the Key in a password protected KeyStore.

the api exposes the following for loading the key from keystore

keyStore.load(inputStream, keyStorePassword.toCharArray()); 

so everytime when i want to enrypt or decrypt , i have to pass the inputstream which is atleast in my opinion a performance hit as it has to read the content everytime afresh.

Could you anyone please help me out with the strategy of storing it in memory and from then on accessing it and converting to a InputStream?

Note : i did try to read the contents of the keystore to String (UTF-8)and convert it to InputStream and passed it to the api .But it spit out following exception

java.io.IOException: Invalid keystore form

Answer 1

Thanks for the responses. I am all for the below alternative.

I would Load the keystore once and extract the SecretKey and assign to an instance or class variable of the class you are using and then use the SecretKey whenever one need to encrypt or decrypt

Answer 2

The KeyStore is in some binary format. Converting it to a UTF-8 string is no good. You could use a ByteArrayInputStream which uses a byte buffer.

But: in my opinion doesn't count when it comes to performance optimization. You should do some profiling to check whether this really impacts performance. Because it shouldn't. The operating system does cache too and most probably won't read the same file from disk over and over again if it didn't change in the meantime. Programmers usually are extremely bad at judging which parts of a program are performance hogs and which aren't.

Also: It has a reason that passwords usually are provided via char arrays: You have total control over the content of the array and can clear it once it isn't needed anymore. The password should stay in memory as short as possible. You don't have that kind of control with simple strings (you don't know when they are garbage collected).