StyAndCo/zappyzep
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Encrypt archives at rest

Browse source
This commit is contained in:
Dragory 2020-09-16 22:42:25 +03:00
parent 7562a886e1
commit a017aa7bfe
No known key found for this signature in database
GPG key ID: 5F387BA66DF8AAC1
3 changed files with 47 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
backend/src/data/encryptedTextTransformer.ts Normal file
View file

@ -0,0 +1,21 @@
import { decrypt, encrypt } from "../utils/crypt";
import { ValueTransformer } from "typeorm";
interface EncryptedTextTransformer extends ValueTransformer {
from(dbValue: any): string;
to(entityValue: string): any;
}
export function createEncryptedTextTransformer(): EncryptedTextTransformer {
return {
// Database -> Entity
from(dbValue) {
return decrypt(dbValue);
},
// Entity -> Database
to(entityValue) {
return encrypt(entityValue);
},
};
}

7
backend/src/data/entities/ArchiveEntry.ts
View file

@ -1,4 +1,5 @@
import { Column, Entity, PrimaryGeneratedColumn } from "typeorm"; import { Column, Entity, PrimaryGeneratedColumn } from "typeorm";
import { createEncryptedTextTransformer } from "../encryptedTextTransformer";
@Entity("archives") @Entity("archives")
export class ArchiveEntry { export class ArchiveEntry {
@ -8,7 +9,11 @@ export class ArchiveEntry {
@Column() guild_id: string; @Column() guild_id: string;
@Column() body: string; @Column({
type: "mediumtext",
transformer: createEncryptedTextTransformer(),
})
body: string;
@Column() created_at: string; @Column() created_at: string;

20
backend/src/migrations/1600285077890-EncryptArchives.ts Normal file
View file

@ -0,0 +1,20 @@
import { MigrationInterface, QueryRunner } from "typeorm";
import { decrypt, encrypt } from "../utils/crypt";
export class EncryptArchives1600285077890 implements MigrationInterface {
public async up(queryRunner: QueryRunner): Promise<any> {
const archives = await queryRunner.query("SELECT id, body FROM archives");
for (const archive of archives) {
const encryptedBody = encrypt(archive.body);
await queryRunner.query("UPDATE archives SET body = ? WHERE id = ?", [encryptedBody, archive.id]);
}
}
public async down(queryRunner: QueryRunner): Promise<any> {
const archives = await queryRunner.query("SELECT id, body FROM archives");
for (const archive of archives) {
const decryptedBody = decrypt(archive.body);
await queryRunner.query("UPDATE archives SET body = ? WHERE id = ?", [decryptedBody, archive.id]);
}
}
}