Protecting a crypto application: API keys and secrets
When you develop a crypto portfolio application with Ionic 5 and Express.js, you must ensure that sensitive information, such as API keys and secrets, is not publicly disclosed. In this article we will discuss the importance of protecting your application.
**Why is storing API keys and secrets a problem?**
Storing sensitive data, such as API keys and secrets, directly in the code can lead to several problems:
* Security risks: If an attacker gets access to the code,
* Compliance requirements: Many regulatory bodies require organizations to protect sensitive information. Public storage of API keys and secrets may make it difficult to meet these requirements.
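A check for the problem described above, as an added example that is not part of the original article: it scans source text for string literals assigned to secret-looking names and uses an entropy threshold to skip ordinary text. The name pattern, the threshold and the sample lines (with made-up key values) are assumptions for illustration.

```javascript
// Added example: flag high-entropy string literals assigned to secret-looking names.
// The name pattern and the 4.0 bits/char threshold are assumptions, not a standard.
const SECRET_NAME = /(api[_-]?key|secret|password|passwd|token)/i;
// name (identifier or property path), then = or :, then a quoted literal of 16+ chars
const ASSIGNMENT = /([A-Za-z_$][\w$.]*)["']?\s*[:=]\s*(["'`])([^"'`]{16,})\2/g;

// Shannon entropy in bits per character; random keys score higher than prose.
function shannonEntropy(s) {
  const counts = {};
  for (const ch of s) counts[ch] = (counts[ch] || 0) + 1;
  return Object.values(counts).reduce((h, n) => {
    const p = n / s.length;
    return h - p * Math.log2(p);
  }, 0);
}

function findHardcodedSecrets(source, minEntropy = 4.0) {
  const findings = [];
  source.split("\n").forEach((line, i) => {
    for (const m of line.matchAll(ASSIGNMENT)) {
      const name = m[1];
      const value = m[3];
      if (!SECRET_NAME.test(name)) continue; // not a secret-looking name
      if (shannonEntropy(value) < minEntropy) continue; // ordinary text, e.g. a label
      // Report only a short prefix so the scan output does not leak the secret.
      findings.push({ line: i + 1, name, preview: value.slice(0, 4) + "..." });
    }
  });
  return findings;
}

// Constructed sample source; the key values are random strings made up for this example.
const SAMPLE = [
  'const apiKey = process.env.BINANCE_API_KEY;', // read from environment: not flagged
  'const api_secret = "q7Zr2LxT9vB4mKd8WsYp3NcH6uJf1AeG";', // flagged
  'process.env.binance_api_key = "Xk29fLq8ZtR4mVb7Nw3cYh6PdS1aJe5U";', // flagged
  'const passwordHint = "Enter your password";', // low entropy: not flagged
  'const title = "Crypto portfolio overview";', // name is not secret-looking
].join("\n");

console.log(findHardcodedSecrets(SAMPLE));
```

Run as a pre-commit or CI step, a check like this fails the build when a literal key reaches the repository.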
**What is a better approach?**
API keys and secrets:
1. Use environment variables
AWS S3. This approach ensures this
2. Use a secret management service
Services such as HashiCorp Vault, AWS Secrets Manager or Google Cloud Secret Manager provide secure storage and management of confidential data. These services offer features such as encryption, access controls,
3. Use a hardware security module (HSM)
Where requirements demand it, consider a hardware security module (HSM). HSMs provide an additional layer of protection by encrypting and storing sensitive data offline, which makes access significantly harder for attackers.
4. Use a cryptography library
Instead of raw API keys and secrets, you can use a cryptographic library, such as the built-in Node.js crypto module or an external library such as OpenSSL, to generate and manage secure keys and secrets.
Sample code: storing Binance API keys as environment variables
Here is an example code fragment that shows how to keep the Binance API key and secret in environment variables in Node.js:
```javascript
const crypto = require("crypto");

// Read the Binance API key and passphrase from environment variables that are
// set outside the code (shell, process manager), never from literals in source.
const { binance_api_key: apiKey, binance_password: passphrase } = process.env;
if (!apiKey || !passphrase) throw new Error("binance_api_key and binance_password must be set");

// Derive a 32-byte key with PBKDF2 (password, salt, iterations, key length, digest).
// Persist the salt if the derived value has to be reproduced later.
const salt = crypto.randomBytes(16);
const password = crypto.pbkdf2Sync(passphrase, salt, 100000, 32, "sha512").toString("hex");

module.exports = { api_key: apiKey, password };
```
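Sample code: storing Binance API keys and secrets using a secret management service
Here is an example code fragment that shows how to store the Binance API key and secret using HashiCorp Vault:
```javascript
// The Vault address and token are taken from the environment, not from the code
const vault = require("node-vault")({
  apiVersion: "v1",
  endpoint: process.env.VAULT_ADDR,
  token: process.env.VAULT_TOKEN,
});

// Create a new secret with the Binance API key (placeholder value; the path
// assumes a KV version 1 engine mounted at secret/)
vault.write("secret/binance_api_key", { value: "your_binance_api_key" })
  // Create another secret with a password
  .then(() => vault.write("secret/binance_password", { value: "MySecretpassword" }))
  .catch((err) => console.error("Vault write failed:", err.message));
```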
Protecting API keys and secrets is key to securing the application and meeting regulatory requirements. Consider using environment variables, a secret management service or a hardware security module (HSM) to store confidential information privately.
By following these best practices, you can make sure that your Ionic 5 crypto portfolio application is secure, reliable and compliant.