Client-Side Content Encryption

Introduction

This module implements client-side, asymmetric encryption of content using Stanford JavaScript Crypto library using Elliptic Curve Cryptography.

Module installation

1. Get the module by running following commands while in the root of your Drupal installation:

cd modules
git clone --branch 8.x-1.x git.drupal.org:project/encrypt_content_client.git

2. Install required libraries:

• Build SJCL library - follow these instructions for building the library - remember about using the --with-ecc option and save the output file as /sites/all/libraries/sjcl.js
• Download library file from this location and save it as /sites/all/libraries/FileSaver.js

3. Grant the following permissions:

• encrypt content client - allows users to generate ECC keys, encrypt and decrypt content
• encrypt content client settings - allows admins to change module’s setting including encryption policies

4. Grant the following REST resource permissions using the REST UI module (not enabling particular ones should gracefully limit functionality of the module for selected user groups):

• Access DELETE on Client encrypted containers resource
• Access DELETE on Client encrypted fields resource
• Access DELETE on ECC keys resource
• Access GET on Client encrypted containers resource
• Access GET on Client encrypted fields resource
• Access GET on ECC keys resource
• Access POST on Client encrypted containers resource
• Access POST on Client encrypted fields resource
• Access POST on ECC keys resource

Post-install steps and settings

• Navigate to /client_encryption/policies and set which nodes and fields to encrypt.
• Generate keys as the admin user, open /user/ecc .
• Add a custom block - so the users can update their private keys which are stored locally.