First i would advise against writing your own solution, there are so many ways to do it wrong, and you need to invest a lot of time to know about all important points.
You don't need to store a key anywhere, just use the key to encrypt the data then forget the key. For decrypting you use the key as entered, if the key is correct you get back the data, otherwise you get back scrambled content.
Because users do not like to type strong keys and prefere passwords, you should use a key-derivation function like BCrypt or PBKDF2 (Password-Based-Key-Derivation-Function-2), which can translate a password to a key.