Feature request: Two way encryption with Active Record Encryption

Question

Feature request: Two way encryption with Active Record Encryption

Closed this issue a year ago · 9 comments

We are migrating our application to use Sequent and currently encrypt quite a lot of data using Active Record Encryption. I noticed in the documentation that Sequent supports encryption but that's only one way encryption.

We would love to use Active Record Encryption in our app. Does anyone else have this use case?

Answer 1 · 2022-12-19T17:04:04.000Z

Interesting. We don't have this use case (yet), but would be nice to have and use. I don't have experience with Active Record encryption but having read through the docs this should be a way to test if this is possible (if you haven't already done so):

MyCommand.new(sensitive_content: EncryptUsingWhatEverActiveRecordIsUsing.call('foobar')) where sensitive_content is 'just' a String. Also the Event containing this sensitive content should be of type String.
Then I think we need to use the ActiveRecord::Encryption.without_encryption context in a Projector (since the data here is already encrypted):

class MyProjector
  on MyEventWithEncryption do
    ActiveRecord::Encryption.without_encryption do
       ...
    end
  end

If this works than we can start proper support by letting the Command do the encrypting using a special type or so and make the Sequent projector smarter so whenever it sees that type it will execute in the correct context.

Answer 2 · 2022-12-19T19:17:00.000Z

Thanks for the quick response. @bforma had the same idea.

I'm not sure yet if you can use the encryption easily without ActiveRecord, but I'll will ook into this! I'll report back when I have some more info.

Answer 3 · 2022-12-19T19:41:39.000Z

It looks like you can use the config.active_record.encryption.encryptor for encrypting the payload in the Command. If that works then I expect querying the data should decrypt out of the box.... Curious to see if this will work.

Answer 4 · 2022-12-19T19:47:00.000Z

I browsed the Rails source code and came up with this working code:

salt =  SecureRandom.random_bytes(32)

encryptor = ActiveRecord::Encryption::Cipher::Aes256Gcm.new(salt, deterministic: true)
encrypted_text = encryptor.encrypt("Hello Sequent")
stored_in_database = ActiveRecord::Encryption::MessageSerializer.new.dump(encrypted_text)
puts stored_in_database # => {"p":"KJNhOuD7uzSvCWA=","h":{"iv":"kB2LUXoHLcjiLRua","at":"PtW+F6WekN4I0MwP442f6g=="}}

message = ActiveRecord::Encryption::MessageSerializer.new.load(stored_in_database)
puts encryptor.decrypt(message) # => "Hello Sequent"

Answer 5 · 2022-12-19T19:48:31.000Z

It looks like you can use the config.active_record.encryption.encryptor for encrypting the payload in the Command. If that works then I expect querying the data should decrypt out of the box.... Curious to see if this will work.

This returns nil, in our app.

>> Stekker::Application.config.active_record.encryption.encryptor
=> nil

Answer 6 · 2022-12-19T20:02:42.000Z

Hmm I'd expected some of the attributes of config.active_record.encryption to be set... They all seem nil.

Answer 7 · 2023-06-23T07:52:22.000Z

Any update on this @jankeesvw ?

Answer 8 · 2023-07-05T06:46:09.000Z

No, sorry, we haven't touched this idea in the last couple of weeks.

Answer 9 · 2023-09-14T07:05:16.000Z

Closing due to inactivity. When needed we can re-open.