Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Hello,
I am looking into the possibility of integrating a CCK Textfield for example with AES Encryption module, to store the data as encrypted inside the db.
AES has these functions:
For developers:
This module can provide you with a very simple and easy to use encryption API. Just check out the aes_encrypt and aes_decrypt functions. It really can't get any simpler.
In a nutshell:
$encrypted_data = aes_encrypt("mydata");
$decrypted_to_plain_text = aes_decrypt($encrypted_data);
If we could hook into CCK just before it saves and retrieves data from the db, we could have data stored in the db securely. So if hackers get a hold of the db, the data will be useless for them.
Just think of the recent breach of email marketing companies, whose dbs were stolen and their user base spammed...
http://www.reuters.com/article/2011/04/05/idUS100003661220110405
Comments
Comment #1
giorgio79 CreditAttribution: giorgio79 commentedFor the UI we could have a checkbox in the field setup page, asking whether to store it as encrypted in the db. As simple as that :) The code may not be that simple though.
Comment #2
Tim Thompson CreditAttribution: Tim Thompson commentedIs there any update on this project? I'm interested in securely storing data from CCK fields.
Comment #3
giorgio79 CreditAttribution: giorgio79 commented#948246: Integration with CCK