Jump to content

Encrypted Text Fields


BitPoet
 Share

Recommended Posts

The module has been lying around on GitHub for some time now, so I thought I'd give it its own forum topic so I can give it a module list entry.

SymmetricEncryptedText

Symmetric encryption for text based fields (supports multi language fields).

Module page.

Link to the GitHub repo.

Description

This module adds an encryption option to all text fields (and those derived from FieldtypeText).

Field contents are encrypted using a symmetric key when a page is saved and decrypted when loaded from the database.

The module by default uses sodium (if loaded) in PHP versions >= 7.2, otherwise it falls back to the bundled phpseclib.

Multi-Language fields are supported too.

WARNING!

Setting a field to encrypted and saving values in those fields is a one-way road!

Once encrypted, the contents cannot be unencrypted without writing a program to do so. Disabling the encryption option on a field after the fact gets you encrypted "garbage".

Usage

  • Download the zipped module through the green button at the top right of the GitHub repo or (once available there) from the official PW module repository
  • Extract in its own directory under site/modules.
  • In the backend, click "Modules" -> "Refresh", then install "Symmetric Encryption for Text Fields".
  • Go to module settings. An appropriately sized, random key will be generated if this is your first use.
  • Copy the supplied entry into site/config.php
  • Add fields or configure already present fields. On the "Details" tab you can enable encryption for the field in question
  • Edit a page with such a field, enter a value there, save and enjoy

Existing, unencrypted values are left untouched until a new value is saved. That way, you can do a smooth upgrade to encryption, but you have to save all pre-populated pages to have their values encrypted in the database. Thus it is recommended to avoid adding encryption to already populated fields.

Advanced Usage

You can hook after SymmetricEncryptedText::loadKey to retrieve your key from somewhere else, e.g. a different server.

Edited by BitPoet
Added module page link
  • Like 14
Link to comment
Share on other sites

  • 5 years later...
  • 3 months later...
  • 3 weeks later...
On 1/2/2024 at 12:36 PM, ceberlin said:

There is a warning with your composer version when running PHP 8.1

Thanks for letting me know. I've created an issue and will take a look as soon as I find a quiet minute.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...