Sails: Allow setting "encryptWith" in the model settings

Created on 30 Nov 2017 · 4Comments · Source: balderdashy/sails

Waterline version: master
Node version: 9.2.0
NPM version: 5.5.1
Operating system: Ubuntu

Currently you can set different dataEncryptionKeys to encrypt/decrypt your data.

The docs suggest a key rotation, which doesn't work for some reasons.

You encrypt your data and use the default key. This string "default" is stored along with the encrypted data to decrypt the data with the default key. while rotating the keys, you change the default key. But if you change the default key, you can no longer decrypt your data because the default key has changed.

So my suggestion is to let the user set the {{encryptWith}} in the model settings to a different key name than default.

Here, we could also check for WLModel.encryptWith.

I Know, you could set meta manually when building the query, but this doesn't work if you use the sails blueprint api.

module.exports = {
    dataEncryptionKeys: {
        '2017': 'CoWu+nNr9a3gwB/WihMMMnsx5wvT7sQdDuIA4fATlCo=',
        '2016': 'I+3RdrJePwD8tlT3aqiijqpM3tnk0ntLB1lUqQaZ2hQ='
    },
    encryptWith: '2016',
    attributes: [
        // ...
        sensitiveData: {
            type: 'string',
            encrypt: true
        }
    ]
}

One simple so

Source

edy

All 4 comments

Hi @edy! It looks like you missed a step or two when you created your issue. Please edit your comment (use the pencil icon at the top-right corner of the comment box) and fix the following:

Provide your Node version
Provide your NPM version
Provide your Operating system
Verify "I am experiencing a concrete technical issue with Waterline (ideas and feature proposals should follow the guide for proposing features and enhancements (http://bit.ly/sails-feature-guide), which involves making a pull request). If you're not 100% certain whether it's a bug or not, that's okay--you may continue. The worst that can happen is that the issue will be closed and we'll point you in the right direction."
Verify "I am not asking a question about how to use Waterline or about whether or not Waterline has a certain feature (please refer to the documentation(http://sailsjs.org), or post on http://stackoverflow.com, our Google Group (http://bit.ly/sails-google-group) or our live chat (https://gitter.im/balderdashy/sails)."
Verify "I have already searched for related issues, and found none open (if you found a related _closed_ issue, please link to it in your post)."
Verify "My issue title is concise, on-topic and polite."
Verify "I can provide steps to reproduce this issue that others can follow."

As soon as those items are rectified, post a new comment (e.g. “Ok, fixed!”) below and we'll take a look. Thanks!

*If you feel this message is in error, or you want to debate the merits of my existence (sniffle), please contact [email protected]

sailsbot on 30 Nov 2017

👎1

Ok, fixed!

edy on 30 Nov 2017

Sorry to be a hassle, but it looks like your issue is still missing some required info. Please double-check your initial comment and try again.

*If you feel this message is in error, or you want to debate the merits of my existence (sniffle), please contact [email protected]

sailsbot on 30 Nov 2017

👎1

@edy,@sailsbot: Hello, I'm a repo bot-- nice to meet you!

It has been 30 days since there have been any updates or new comments on this page. If this issue has been resolved, feel free to disregard the rest of this message and simply close the issue if possible. On the other hand, if you are still waiting on a patch, please post a comment to keep the thread alive (with any new information you can provide).

If no further activity occurs on this thread within the next 3 days, the issue will automatically be closed.

Thanks so much for your help!

sailsbot on 1 Jan 2018

👎1

Was this page helpful?

0 / 5 - 0 ratings