I’m thinking about good ways to store third party credentials, which basically means there needs to be a secret somewhere, either in code or data. I’m deploying on google app engine.
If the ‘secret’ was something like
pw_passphrase = sha2(username + 'global-password')
pw_plaintext = aes_decrypt(pw_passphrase, pw_ciphertext)
can I depend on this code never being seen by a non appengine administrator?
…what if the credentials protect something supersensitive like personal financial data, do we still trust it?
(The sha2 bit is exchangable with any other secret pseudo-random function.)
Yes: your source code is secure (as secure as Google can make it), and there’s no way for unauthorized third parties to peek.