I have been designing a system with some super careful cryptographic needs and decided that having the console app administrator type in a sensitive cryptographic password when the app calls for it might be the way to go in my use case.
I was reading that we do not want to store this password (cryptographic key) as a string because it remains immutable in memory and could be found by an attacker via a memory dump. I read that such keys should be a Buffer instead and should immediately be cleared after they are used by invoking bufferVal.fill(0).
However, I have not come across in my study any example of keyboard text going straight into a Buffer. The best I can tell, everything I have found is intermediate strings, which I am trying to avoid.
If someone could help me find a mechanism for a NodeJS console keyboard input going straight to a Buffer instead of a string, that would be great!
See point number 5 in this answer if you are interested in what brought my concern.
