planifica / encryption Goto Github PK

Thanks for your package.

Last update was happened 2015 sep only.
Can you confirm, is it possible to use your package for recent 1.4 meteor version.

Hi Philipp,

I'm considering using this package in a hosted (“SASS”) version of http://wekan.io to encrypt user data (boards, cards, files). One particular need that I have is to support public boards that can be read by anyone. Do you have any suggestion about how this could be implemented using the planifica:encryption package? Maybe this would require adding a encryptionCondition(doc) -> bool option for the CollectionEncryption constructor?

Currently the server-side code define the following method:

initEncryptionSchema: function (collectionName, fieldKey) {
    var schema = {};
    schema[fieldKey] = {
        type: Boolean,
        defaultValue: false
    };
    // add ecrypted field to the collection schema
    Mongo.Collection.get(collectionName).attachSchema(schema);
}

This method allow an attacker to break any application using this package by overwriting some fields definitions on the server-side schema.

It would be nice, if it would possible to get decrypted data by using Collection.find and not only Collection.findOne and to use parameters on encrypted fields (e.g. $regex or {fieldName: "blah"}).

A use-case would be e.g. a password manager, because there you have more than one document to fetch and display.

This package doesn't work on old browsers (for instance because IE9 doesn’t support Uint8Array). We should document that.

Say the client sees a table and pagination is done on the server cause 5000 documents would slow down the client to much. How can it be done to filter the table?

thanks for your package

Getting the following error TypeError: CollectionEncryption is not a function if code added at server side. For client side no errors.

For example:

Each document in "Chats" could have a principal that can be shared with a new user at any time but each document in "Messages" would be encrypted using the Chats principal, thereby cutting down on the amount of space required to store the keys. There would no longer need to be Principal keys for each Message document. This would also cutting down on the amount of time it takes to share an entire group of Messages with a new user.

I am not sure if this is possible with the current implementation but my understanding of the code suggests that it is not.

Really cool solution. Are inserts into collections not encrypted? Updates encrypt just fine, but when initially inserting, I get plain text on the server-side collection. Thanks.