Question:
Hello! I came across the problem of storing various tokens / passwords, etc. in an open repository on Github. I would like to put some sensitive data (tokens, client ids, passwords) in some file and encrypt / (or something like a config file that I will add to git ignore). Questions: How is it customary to do this in the modern world? With the help of which it is customary to encrypt files, etc. (Certificates, keys?) .I've heard a lot about ivi, json and xml file formats for storing settings and so on. But I would like to hear the opinion of more experienced people. PS I'm especially interested in how things are with this in .Net Core, now I'm actively using it. Sorry for the possible incoherence, I almost do not sleep. Thanks!
Answer:
One of the simplest options is to require the user to enter the password from the container/key store (and, if necessary, the certificate) with the private key installed on the developer's client/machine, where the encryption keys are stored, when starting the application. In the program, implement easy-to-use encryption of all sensitive data when writing to files / storages and decrypting when reading. In the program itself, this data will already be used in its pure form.
Thus, in the case of unloading sources even with recorded (encrypted) data to the external environment, a key and password are required in order to be able to decrypt.