I need to encrypt sensitive data in my Node.js application using AES-256-CBC encryption, and I want to make sure I’m implementing it securely. I’ve read that proper management of the key and IV is critical, but I’m not completely clear on the best practices for doing so.
Can anyone provide an example of AES-256-CBC encryption with Node’s crypto module, specifically highlighting how to securely handle the key and IV? Any advice on key storage and IV generation would be greatly appreciated.