I want to store third party API secret (like AWS) of my users in database. Leakage of which can lead to a potential loss to my users. It should be kept confidential.
So how can I secure their data on NodeJS platform? I'm thinking to encrypt and store the store the secret key so it will not directly visible to intruders.
Any suggestion on how more security can be maintained?
var crypto = require('crypto');
var assert = require('assert');
var algorithm = 'aes256'; // or any other algorithm supported by OpenSSL
var key = 'password';
var text = 'I love kittens';
var cipher = crypto.createCipher(algorithm, key);
var encrypted = cipher.update(text, 'utf8', 'hex') + cipher.final('hex');
var decipher = crypto.createDecipher(algorithm, key);
var decrypted = decipher.update(encrypted, 'hex', 'utf8') +
decipher.final('utf8');
console.log(encrypted);
console.log(decrypted);
assert.equal(decrypted, text);
via Sowmay Jain
No comments:
Post a Comment