Where to store encryption keys?

I think if anyplace, in your configuration file. I don't think you'd want to hard-wire something like that to a model. I understand you need to store this somewhere, but I must admit storing it anywhere makes me feel a bit uneasy from a security standpoint.

Doesn't your encryption library include guidelines for this?

Michael Glaesemann
grzm seespotcode net

If the key is stored in the same database as the encrypted data, there
isn't any point in encrypting it in the first place. And no don't use
a blob, base64 encode it and put it in a text/varchar column.