planifica / encryption Goto Github PK
View Code? Open in Web Editor NEWClient-Side Encryption for Mongo Collections
Home Page: https://atmospherejs.com/planifica/encryption
License: MIT License
Client-Side Encryption for Mongo Collections
Home Page: https://atmospherejs.com/planifica/encryption
License: MIT License
Thanks for your package.
Last update was happened 2015 sep only.
Can you confirm, is it possible to use your package for recent 1.4 meteor version.
Hi Philipp,
I'm considering using this package in a hosted (“SASS”) version of http://wekan.io to encrypt user data (boards, cards, files). One particular need that I have is to support public boards that can be read by anyone. Do you have any suggestion about how this could be implemented using the planifica:encryption
package? Maybe this would require adding a encryptionCondition(doc) -> bool
option for the CollectionEncryption
constructor?
Currently the server-side code define the following method:
initEncryptionSchema: function (collectionName, fieldKey) {
var schema = {};
schema[fieldKey] = {
type: Boolean,
defaultValue: false
};
// add ecrypted field to the collection schema
Mongo.Collection.get(collectionName).attachSchema(schema);
}
This method allow an attacker to break any application using this package by overwriting some fields definitions on the server-side schema.
It would be nice, if it would possible to get decrypted data by using Collection.find and not only Collection.findOne and to use parameters on encrypted fields (e.g. $regex or {fieldName: "blah"}).
A use-case would be e.g. a password manager, because there you have more than one document to fetch and display.
This package doesn't work on old browsers (for instance because IE9 doesn’t support Uint8Array
). We should document that.
Say the client sees a table and pagination is done on the server cause 5000 documents would slow down the client to much. How can it be done to filter the table?
thanks for your package
Getting the following error TypeError: CollectionEncryption is not a function if code added at server side. For client side no errors.
For example:
Each document in "Chats" could have a principal that can be shared with a new user at any time but each document in "Messages" would be encrypted using the Chats principal, thereby cutting down on the amount of space required to store the keys. There would no longer need to be Principal keys for each Message document. This would also cutting down on the amount of time it takes to share an entire group of Messages with a new user.
I am not sure if this is possible with the current implementation but my understanding of the code suggests that it is not.
Really cool solution. Are inserts into collections not encrypted? Updates encrypt just fine, but when initially inserting, I get plain text on the server-side collection. Thanks.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.