I am running the nodejs server in azure VM running win8 server, and I need to secure the configuration data. Since I am deploying the server by hand; not using azure role, manifest, iisnode integration etc – I need to figure out way for securing the configuration data.

.Net frameworks has the useful api ProtectedData.Protect and nodejs has a useful interop module edge for interop between nodejs and c# from Tomasz Janczuk @msft.

config data is earlier protected using the ProtectedData.Protect(), encoded base64 and saved to file. Code snippet below uses edge module with c# code to decrypt/unprotect the config data.

 
var edge = require('edge');
function unprotect(fileName, callback)
{
    var unprotectCsFunc = edge.func(function unprotectCsFunc()
    {/*
    #r "System.Security.dll"

    using System;
    using System.IO;
    using System.Security.Cryptography;

    async (fileName) => { 
        string cipherText = File.ReadAllText(fileName.ToString());
        byte[] cipherBytes = Convert.FromBase64String(cipherText);
        var data = ProtectedData.Unprotect(cipherBytes, null, DataProtectionScope.CurrentUser);
        return data;
    }*/});

    unprotectCsFunc(fileName, function (error, result)
    {
        callback(error, result);
    });
}

What do you use to protect configuration data for your nodejs server?