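I have a node.js server that uses a pair of asymmetric keys for encryption/decryption. About 90% of the server's functionality depends on actively encrypting and decrypting data, or on verifying JWT tokens signed with these keys.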
For security reasons, it is always recommended to dispose, after usage, of any plain-text strings or Buffers where such keys are loaded in memory. However, given the massive usage of the keys, reading them from file every time becomes a huge performance bottleneck.
For DRY (Don't Repeat Yourself) reasons, it also makes you question why each function has to read the key files themselves every time.
My question is: how safe is it to load these keys in memory instead of reading them each time from file?
Would you be able to recommend any different approach? See code below:
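```js
import * as fs from "node:fs";

// Read each key file once, when this module is first loaded
export const PRIVATE = fs.readFileSync("./private.key");
export const PUBLIC = fs.readFileSync("./public.key");

// in another file
import * as KEYS from "./keys";

// JWT is the JWT library in use; its import is not shown
function doSomething(data) {
  return JWT.sign(data, KEYS.PUBLIC);
}
```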
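vs.

```js
import * as fs from "node:fs";

// JWT is the JWT library in use; its import is not shown
function doSomething(data) {
  // Read the key file again on every call
  const PUBLIC_KEY = fs.readFileSync("./public.key");
  return JWT.sign(data, PUBLIC_KEY);
}
```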