Feature: Encryption option
m-dary-nur opened this issue · comments
Hi, do you think add encryption like aes 256 into vasern option ?, Or hava any right way practice to adding encryption data locally ?
Thank you
Hey @m-dary-nur. What are you using encryption for?
I found a few libraries that could help with the encryption
Yes @hieunc229 using aes 256, can you make a practice how to use encryption in vasern ?,
Im using encryption for health data
Thank you
Hey, @m-dary-nur!
Vasern doesn't support data encryption. There are a number of encryption libraries available you can choose
I have 2 questions to understand the senario, to see if I can help:
-
Which 1 of 2 senarios below are you in?
AES-256 encryption require apassword
to encrypt and decrypt. You will either:
a. Let users enter thepassword
(only people withpassword
can read the data)
b. Store thepassword
in the device internal or a secure storage -
Is the encrypted data being used in the server-side? Since, the data is encrypted and transfer to the server, in many cases, it'd be better to encrypt on the server
Hi @hieunc229,
For point 1 , i prefer second one
For point 2, sure, its also encrypt on the server
Ok, I still have some more questions to clarify. In general, you can encrypt data like as the below example:
I'll be using crypto-js in this example. This should works on any javascript enviroment like React Native, nodejs, ...(might not work when transfering from app -> server or somewhere else)
import crypto from "crypto-js";
// encryption password, need to store somewhere safe
const secretKey = `randomkey`;
const message = `Hello World`;
// To encrypt
const encryptedText = crypto.AES.encrypt(message, secretKey).toString();
// To decrypt
const bytes = crypto.AES.decrypt(encryptedText, secretKey);
const decryptedText = bytes.toString(crypto.enc.Utf8);
console.log(decryptedText) // => `Hello World`
The problem here is where to store the secretKey
to avoid people checking out the password. Basically, data stored in vasern
is private to the application (other apps can't read it). Though, there is a small but rare chance of someone will get the data file, and look for the password.
If you are still confuse, let's have a chat on our Slack channel here https://join.slack.com/t/vasern/shared_invite/zt-5uoc8hec-Y~b9PjQfN0n2PbCTJH7exA
Thank you @hieunc229 , but what is it possible to use encryption like crypto within vasern configdb parameter like
new Vasern({schemas: [...], encryption: { secretKey: 'someKey', type: 'sha256' }});
Sure, actually i've joined vasern channel on slack
We had a chat on slack channel so I'll close this thread. Feel free to re-open or create a new thread
Thanks @hieunc229 , sorry im forget to close it