Reputation: 318
Storage of symmetric keys in Golang
I am currently developing an application which uses symmetric key encryption, with the key generated from an user provided password. I want to include a way for the user to log-in to the application, so for that I need to store the key somewhere accessible by different processes. I am currently using a temporary file for beta testing, but I know that is not very secure. What will be a simple key storage solution in golang?
Upvotes: 1
Views: 847
Answers (1)
Reputation: 79
Sensitive information, such as keys, should not be stored in your program/executable as this leaves them vulnerable. You can store the keys outside of your program using a database (where they should not be stored in plain-text) or by using a config file that can be read by your program. You can read more about it on this google forum.
Upvotes: 0
Related Questions
- Why is this struct with a map field usable as a map key in Go when the docs say it shouldn't be?
- How to reuse struct keys on golang?
- How to encrypt and decrypt data with Openssl RSA public private key pair in Golang?
- Using a key value store in webserver application golang
- Golang AES encryption
- Storing and retrieving RSA encryption key
- How to implement efficient in memory key value store in golang
- Golang file encryption with crypto/aes lib
- Go equivalent to OpenSSL EVP symmetric EVP_aes_256_cbc
- How to encrypt and decrypt plain text with a RSA keys in Go?