sling-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jason Bailey <Jason.Bai...@sas.com>
Subject RE: value level encryption - Donating?
Date Mon, 20 Nov 2017 15:57:33 GMT
Thanks Antonio. I had considered doing GCM, but I hesitated since it's not listed as a standard
transformation that a Java platform must support. As I couldn't know what platform it would
be running on I tried to be as much OOTB as possible. That desire to be OOTB is also why it's
128bit. My idea was to provide a generic level of encryption with the assumption that a downstream
implementer would/should implement the EncryptionProvider service to the level of security
their company requires.

Saying that, if the desire is to have it GCM I will get that implemented.

-----Original Message-----
From: Antonio Sanso [mailto:asanso@adobe.com.INVALID] 
Sent: Monday, November 20, 2017 10:29 AM
To: dev@sling.apache.org
Subject: Re: value level encryption - Donating?

EXTERNAL

hi Jason,

thanks a lot for the donation.
I already commented on the issue, just pasting inline part of the comment though

On Nov 20, 2017, at 2:50 PM, Jason Bailey <Jason.Bailey@sas.com> wrote:

> So I'm just about done implementing this.
>
> https://github.com/JEBailey/sling-encrypt
>
> Value level encryption. IV is stored inline so there's no repetition. Accessing encrypted
data via the EncryptionValueMap will decode it automatically on access and will handle automatically
encrypting values if an encrypted value is updated.
>
> Only problem I had besides catching up on the last 15 years of 
> cryptography

I have seen you have used AES/CBC that is not  (extremely) bad. Said that if we really want
to put this in Sling we'd better do things as the state of art requires.
As rule of thumbs you never (only) encrypt . You'd better add some integrity check mechanism
(eg AES GCM or encrypt-then-mac).

regards

antonio

> was that the downstream application I use has a non configurable whitelist filter for
post processors that contain an '@' So I had to make the post processor configurable.
>
> As mentioned earlier I wrote this with the intention of donating. I tried to make it
as easy as possible for it to be pulled into where it needs to go.
>
> However I don't know the process for Donating. Can someone point me the way or to some
documentation?
>
> Thanks.
> -Jason
>
> -----Original Message-----
> From: Justin Edelson [mailto:justin@justinedelson.com]
> Sent: Friday, November 03, 2017 3:37 PM
> To: dev@sling.apache.org
> Subject: Re: value level encryption
>
> EXTERNAL
>
> In AEM, posting encrypted properties to /etc/cloudservices is historically the primary
use case for @Encrypted, but the PostProcessor applies to all post requests.
>
> I think this would be a useful addition to Sling. We may want to have some kind of SPI
to support different encryption schemes, but that's an implementation detail.
>
> Regards,
> Justin
>
>
> On Fri, Nov 3, 2017 at 2:48 PM Jason Bailey <Jason.Bailey@sas.com> wrote:
>
>> They only docs I can find on that, assuming we're talking AEM, 
>> mentions it only works for posting things into /etc/cloudservices. So that's out.
>> It's been a while, but I'm under the impression that all 
>> implementations of the java platform now come with a certain level of 
>> crypto
>>
>> https://docs.oracle.com/javase/8/docs/api/javax/crypto/Cipher.html
>>
>> I'd probably add a configuration so you could define the level of 
>> cryptography, and then that would allow people who needed a higher 
>> level to install their own providers. Is this something that Sling 
>> would be interested in? Since I'm going to be writing this, if you're 
>> interested, I'd rather write it with the intent of directly donating it.
>>
>>
>>
>> -----Original Message-----
>> From: Justin Edelson [mailto:justin@justinedelson.com]
>> Sent: Friday, November 03, 2017 1:35 PM
>> To: dev@sling.apache.org
>> Subject: Re: value level encryption
>>
>> EXTERNAL
>>
>> We have this in our commercial product. At a high level, the way it 
>> works is that there is a PostProcessor which looks for an @Encrypted 
>> postfixed property and, if that is present, the corresponding 
>> property is stored in an encrypted fashion. Decryption is all done 
>> manually, although personally the idea of an EncryptionValueMap seems really cool
to me.
>>
>> I believe the challenge in bringing this into Sling relates to the 
>> encryption libraries.
>>
>> On Fri, Nov 3, 2017 at 8:45 AM Jason Bailey <Jason.Bailey@sas.com> wrote:
>>
>>> Here's the use case
>>>
>>> My organization has decided that to conform to the GDPR, any 
>>> sensitive data should be encrypted while at rest. From a Sling 
>>> perspective that is a challenge since we've empowered the authors to 
>>> create forms the way they want. So to be on the safe side, we're 
>>> looking at encrypting all form fields as they are persisted, and 
>>> then decrypting the values from the resource  when we need to processes them.
>>>
>>> Now I'm thinking of an EncryptionValueMap that will simplify this 
>>> process and encapsulate the functionality. You guys are usually 
>>> ahead of me when I come up with this stuff and I don't like 
>>> replicating effort. So is there any functionality currently or 
>>> planned to handle encryption of resource values?
>>>
>>> Thanks
>>> Jason
>>>
>>


Mime
View raw message