Encryption using Deno KV and OAuth?

I'm creating a note-taking app using most of Deno's tools. I was thinking about encrypting user notes for additional privacy. The problem I have is that I don't know how to generate and manage the encryption keys without somehow storing them in the server. If anyone has any pointers on how to achieve this I would love to hear it, thank you.
F
foobar60d ago
You need key to encrypt/decrypt. 3 possibilities for me, key - can be hard coding (bad way) - get from .env - store it in KV
C
cknight60d ago
The encryption key needs to be external to the code and the KV store. Options to supply this typically include passing in the encryption key via an environment variable or CLI argument.
P
Poncho60d ago
@foobar @cknight I think an env variable would work great, thank you for your input
F
foobar60d ago
For my knowledge, why put key in kv store could be wrong ? effectively, in env variable nobody can see the key, in kv store, only admin can see it
C
cknight60d ago
If the KV store can be remotely accessed then anyone can get the key and decrypt the data. Best practice would be to store the key separately from the encrypted data For example you can also store backups in multiple places without worrying as much about the security surrounding those backups as the data is encrypted and the key is not available in the KV store.
More Posts
Deno is not seeing a projectIt seems deno is not seeing a project i am using. Project link: https://github.com/Swifter1243/ReMa`arch` and `platform` are empty strings in `node:process`👋 hello! I'm trying to use a node project that uses `arch` and `platform` inside `node:process`, whNPM imports fail on JSON requireWhen importing modules via `npm:` protocol, the embedded esbuild will throw the following error if tuse-case: web component development in denoMy use-case is quite simple, really. But I have a hard time finding the tooling to work with it. - Starting project errorsI have error in url of DenoConditional callback with deno_kv_oauthHello I am using deno_kv_oauth for my application and am trying to do the following: I want users tClear deno kv dbHow can I clear out the database? using `list` requires the keys to be known, but I just want to clehow to break console.log maximum characters limithi, im using usual `deno run file.ts` command and realized that there is a limit to number characternpm import : class is not found but it is well declared in node_moduleI try to use Tatum SDK in deno (https://github.com/tatumio/tatum-js). I pick up the easiest code exaInteractive Jupyter notebookHas anyone figured out how to do interactivity in a Jupyter notebook with Deno kernel in VSCode? LiRun all pending ticks synchronouslyCurrently it seems like `run_event_loop` is the only way to run all the pending ops that are schedulHow can I do server sent events on the client side in deno?I have a server api which is doing server sent events correctly, I can see it in curl doing what I wunable to connect to mongodb using deno inside containerFirst of all, I want to mention that when I run `deno task preview` on my local machine / laptop, itTC39 stage 3 decorators not working anymore in Deno DeployAs of Feb 15th, deployments to #deploy™ fail when using TC39 decorators. Despite the decision to su