I have a set of passwords which I have saved in git repo. But I want to keep the file always encrypted. But in my automation, I should be able to decrypt and read data from that file.
Any idea how its possible ?
Related
I am trying to encrypt a file using crypto module in Node.js before uploading it to IPFS. I want to have the same result every time I encrypt the same file so I computed the hash of the file using crypto.createHash().
For encrypting the file, right now I'm using the crypto.createCipheriv(). I wanted to know if there are other ways to encrypt a file without the iv? I wanted to just use the hash I computed to encrypt the file to ensure that I get the same result every time.
I'm using Node.js v16.14.0
Which one would be a better way to store secret API keys in Node js applications.
Create .env file at root folder and add your all keys, password in that file. To make it secure never ever add file in git repo. Instead add this file in .gitignore file so that git ignore this file when you push your changes.
Syntax of .env file
APP_URL=http://localhost:3000
APP_KEY=SECRETKEY
Additionally to access the keys from your .env file is process.env.APP_KEY
Its secure method, no one can access this file. I use this way.
Hope it gives your answer.
I read some articles about how to protect files with encryption on the ipfs network. If i understand ipfs correctly, without knowing file hash you can not get file on ipfs network(maybe i am wrong).
My question
Is it possible to get a file without knowing file hash? If not why we need to encrypt files on the network(i assume that file hash is known by only file owner)?
If you do not encrypt the data, then whoever is in control of the IPFS node can very easily just look at the data. If you want to be reasonably sure that only the appropriate people can view a piece of data, you need to encrypt it in some way.
I want to encrypt the passwords used in my web application. In normally we will encrypt the passwords and save it to the property file and later we will decode it. But here if the source code is an open source then the attacker can find the decoding method in the source code and can get the password.
Another way is save the password into a key store file and then access it with the key store password. But again same problem is there, attacker can see the key store password.
Could anyone tell me any solution to this?
You could make the secret key an environment variable and then refer to it like that in code (python: os.environ('secretKey')), or (I'm assuming you're storing your code on github) you can store the secret key in a file and add that file to .gitignore
I want to write a program(java) which takes a file as input ,encrypt it(using aes128) and send that encrypted file via ftp and the receiver receives it and decrypt using a key.
I'm a beginner and any help on how can it be done?
thanks a lot.
Please refer this link for encrypting and decrypting your file,first you need to read file and pass contents to encrypt() and decrypt() methods,you can use simple socket server and client for transferring files.