Field encryption with existing data (v2023)

philmills · Post by **philmills** » Mon Apr 10, 2023 8:38 pm

I have an existing project with is in production environment
I'd like to start using field encryption for some table fields, but am looking for some clarification on how to convert existing unencrypted data to encrypted.
Has anyone done this, and if so, how?

Thanks

rembo · Post by **rembo** » Tue Apr 11, 2023 7:30 am

you may explain more about what you want to encrypt and how would you like to encrypt this data , by that time you may try function 'Encrypt()'
provided by PHPMaker , read more about fieldsetup & encryption

philmills · Post by **philmills** » Tue Oct 24, 2023 9:21 pm

I have a MEDIUMTEXT field with existing data (including html) which needs to be encrypted, and some VARCHAR fields in a users table containing existing data which should also be encrypted.
If I was starting from a fresh table it would be ok, but the problem is with converting existing unencrypted data to encrypted

philmills · Post by **philmills** » Mon Feb 19, 2024 7:57 am

So I got this far:

I discovered that encrypted fields containing existing data still display that data correctly which is great
on save the data then gets encrypted, this is good to know

I don't want users to have to re-save every record
How can i encrypt them all at once?
I'm thinking maybe to create a table purely for this purpose:
e.g.
Table name: Encrypt_Tool
fields: id, targetTable, targetField - plus some custom fields to show encrypted and unecrypted records count for each row for checking

Then add a row_inserted or row_updated event to encrypt the target table's Field for all records

Or is there an easier way?

arbei · Post by **arbei** » Mon Feb 19, 2024 8:51 am

You may create a simple script yourself to loop through the records and encrypt the fields by using the PhpEncrypt().

When you connect to your database, make sure you use the same encoding as your project, e.g. If you use MySQL 8, you should set name as "utf8bm4".

philmills · Post by **philmills** » Mon Feb 19, 2024 10:54 pm

I'm confused about this. Did you mean a script within PHPMaker (eg custom file), or as a standalone script or page?
I have a standalone script currently which works perfectly apart from its not encrypting in a format that my phpmaker generated pages can understand.
I used the same encryption key as i set in Advanced settings

philmills · Post by **philmills** » Mon Feb 19, 2024 11:45 pm

I also couldn't find anything in the documentation that tells me what encryption method phpmakeräs field encryption extension uses.

My function looks like this, but i have no idea if its the right encryption method

// Function to encrypt data using AES encryption with a base64-encoded key
function PhpEncrypt($data, $key) {
    // Decode the base64-encoded key
    $decodedKey = base64_decode($key);

    // Choose a suitable encryption method and cipher mode
    $method = 'aes-256-cbc';
    $ivLength = openssl_cipher_iv_length($method);
    $iv = openssl_random_pseudo_bytes($ivLength);

    // Encrypt the data using the specified method, key, and options
    $encrypted = openssl_encrypt($data, $method, $decodedKey, OPENSSL_RAW_DATA, $iv);

    // Combine the IV and encrypted data for storage
    $encryptedValue = base64_encode($iv . $encrypted);

    return $encryptedValue;
}

arbei · Post by **arbei** » Tue Feb 20, 2024 9:41 am

arbei wrote:

encrypt the fields by using the PhpEncrypt()