GSoC Week 4: encrypt_content_client - table for encryption containers

Code reviews on Git repository

As there is a solid base for the module on Git, my mentor and I agreed to have weekly code reviews. The way I am organizing my code is that I push code to the code-review-x branch and then those commits are reviewed by Colan.

This week’s code changes can be viewed in this Merge Request on Gitlab.

Different way of attaching JavaScript libraries

At first I used hook_page_attachments() to attach JS libraries to my Drupal installation, but this way the libraries were added to every page. I needed to find a way to whitelist pages. I switched to hook_form_alter(). Using this approach I can use $form_id passed to the function and whitelist forms’ IDs and then only attach JavaScript to whitelisted ones. I have also created smaller libraries which are attached to one selected form.

Code

JavaScript library wrapper work

  • ECC keys validation

Now when user wants to upload a new key to his / her user profile, the key pair provided will be validated using the SJCL library. This is done to avoid further errors with encryption. The user also needs to provide a key for that key to make sure that the one he or she uploaded is correct.

  • Save encryption containers through REST

I have also created a middleware JavaScript function that will allow my script to attach to entity forms and modify their content before sending.

  • Using LocalStorage

I added a way of storing private keys in the browser, on the client’s side. This way users have more control over their own key storage and the server has no access to them, which increases security and privacy for the module.

Add a table for encrypted data keys

I added a new table using hook_schema() that fires on the module’s installation. It will store encrypted content per entity type so it does not limit the module to encrypting only hard-coded content types. After talking to my mentor I choose to create a new table compared to the previous design of extending nodes to include more fields.

encryption container table

Yet another REST resource

I created another custom REST resource for encryption containers table. This table will be used to store main key for decrypting content which is then encrypted using every user’s keys. This new REST resource class has two methods implemented: get() for retrieving records and post() for adding new records.

Using the database API in Drupal 8

I have investigated few possible ways of inserting and retrieving data directly from and to tables created previously with hook_schema(). I decided to go with this approach which uses an object of one of Drupal core’s classes.
 

Code

Plans for week 5

  • Call REST resource from JavaScript and add / get entries

  • Move code from sandbox to actual Drupal forms

  • Write a long post summarizing the first month up to the first evaluation

  • Go through the weekly objectives and rework objectives for the following weeks