Question 220390 in Mongodb Question posted in
The official documentation can be found here.

How to make safety saving private keys to mongodb? JavaScript, node.js

using the web3.eth.account.create() method returns:

{
    address: "0xb8CE9ab6943e0eCED004cDe8e3bBed6568B2Fa01",
    privateKey: "0x348ce564d427a3311b6536bbcff9390d69395b06ed6c486954e971d960fe8709",
    signTransaction: function(tx){...},
    sign: function(data){...},
    encrypt: function(password){...}
}

How to make safety saving private keys to mongodb?

I was researching bcrypt, hashcode, but hascode is not safety and bcrypt encoding requires to remember private key, but it is difficult.
Earlier I have worked with Java Spring Boot and there was bcrypt password encoder, but I dont know how it will work in node.js

Tags:

2

Answers


  1. 0

    you can use nodejs crypto and use a global secret

    const crypto = require('crypto');

const encrypt = (text, secret) => {
  const cipher = crypto.createCipher('aes-256-cbc', secret);
  let encrypted = cipher.update(text, 'utf8', 'hex');
  encrypted += cipher.final('hex');
  return encrypted;
};

const decrypt = (encryptedText, secret) => {
  const decipher = crypto.createDecipher('aes-256-cbc', secret);
  let decrypted = decipher.update(encryptedText, 'hex', 'utf8');
  decrypted += decipher.final('utf8');
  return decrypted;
};

const originalText = "Hello, this is a secret message!";
const secret = "this is test";

// Encryption
const encryptedText = encrypt(originalText, secret);
console.log("Encrypted:", encryptedText);

// Decryption
const decryptedText = decrypt(encryptedText, secret);
console.log("Decrypted:", decryptedText);

    and if you feel like that might not be strong enough you can add a random string to the encryption

    const crypto = require('crypto');

const generateRandomIV = () => {
  return crypto.randomBytes(16);
};

const deriveKey = (secret) => {
  return crypto.createHash('sha256').update(secret).digest();
};

const encrypt = (text, secret) => {
  const iv = generateRandomIV();
  const key = deriveKey(secret);
  const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);
  let encrypted = cipher.update(text, 'utf8', 'hex');
  encrypted += cipher.final('hex');
  return iv.toString('hex') + encrypted;
};

const decrypt = (encryptedText, secret) => {
  const iv = Buffer.from(encryptedText.slice(0, 32), 'hex');
  const key = deriveKey(secret);
  const decipher = crypto.createDecipheriv('aes-256-cbc', key, iv);
  let decrypted = decipher.update(encryptedText.slice(32), 'hex', 'utf8');
  decrypted += decipher.final('utf8');
  return decrypted;
};

const originalText = "Hello, this is a secret message!";
const secret = "this is test";

// Encryption
const encryptedText = encrypt(originalText, secret);
console.log("Encrypted:", encryptedText);

// Decryption
const decryptedText = decrypt(encryptedText, secret);
console.log("Decrypted:", decryptedText);
    Login or Signup to reply.
  2. 0

    You can use Mongodb’s Encryption Key Management here.

    The following example creates a Data Encryption Key with an alternate name.
    const encryption = new ClientEncryption(client, {
  keyVaultNamespace,
  kmsProviders,
});
const masterKey = {
  "<Your dataKeyOpts Key>": "<Your dataKeyOpts Value>",
};
const key = await encryption.createDataKey(provider, {
  masterKey: masterKey,
  keyAltNames: ["<Your Key Alt Name>"],
});

    Read more about ClientEncryption.encrypt

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search