GSoC Week 5: encrypt_content_client - encryption of new nodes

Downloading generated ECC keys

In my code, I used to call pure JavaScript functions for “downloading” files. After some research I found and switched to using a library called FileSaver.js, which does it more smoothly. This method can save a file from a string generated on the front-end, so the server is not aware that a file has been downloaded.

Using Drush in local development

Due to my broadband internet problems, I had to switch to local development for some time. I installed Drush this time and discovered the command drush cache-rebuild, which is quite fast and reloads the JavaScript code I am currently working on.

Encrypt content when adding a new node

So this is when the fun begins. I attached another small JavaScript file to the node add and edit forms. I am also passing the form type (create/edit) and node type to the JavaScript library so my wrapper can call a different function based on this value.

Here is the process of encrypting content:

  1. Load JavaScript and determine whether a form is adding a new node or editing an existing one.

  2. When the form is submitted, use e.preventDefault() so the form does not get sent.

  3. Get all fields from the form and filter them so that only fields with the class .form-text are left.

  4. Get the field which stores the longest text value and create a data-key based on that field.

  5. Encrypt every field of that node with the AES algorithm, providing the previously generated data-key as the password.

  6. Replace the fields’ values with the corresponding ciphertext, then do form.submit() so the server receives and saves the encrypted fields in the database.

Encrypt New Node

Encryption container table - design changes

After talking to Colan I decided on the encryption container design. I want my module to encrypt content for all entities, so I created the following columns:

  • ID (serial) - global incrementing ID

  • ENTITY_ID (int) - entity-specific ID

  • ENTITY_TYPE (varchar) - string representing entity’s type

  • ENCRYPTED_DATA_KEYS (varchar) - JSON-formatted string of data-keys encrypted with every user’s public encryption key
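One way to produce the ENCRYPTED_DATA_KEYS value for a container row, added here as an example and not taken from the module's code. It assumes Node's built-in crypto module, the P-256 curve, and a wrapping scheme of ephemeral ECDH, HKDF and AES-256-GCM keyed by user ID; all function and field names inside the JSON are hypothetical.

```javascript
// Added example, not the module's code: build one encryption-container row.
const nodeCrypto = require('crypto');

const CURVE = 'prime256v1';   // assumption: the page only says "ECC"
const INFO = 'data-key-wrap'; // hypothetical HKDF context label

// Derive the key-encryption key from an ECDH shared secret.
function deriveKek(shared, ephPub) {
  return Buffer.from(nodeCrypto.hkdfSync('sha256', shared, ephPub, INFO, 32));
}

// Wrap the data-key for one user: ephemeral ECDH, HKDF, AES-256-GCM.
function wrapDataKey(dataKey, userPubHex) {
  const eph = nodeCrypto.createECDH(CURVE);
  const ephPub = eph.generateKeys();
  const kek = deriveKek(eph.computeSecret(Buffer.from(userPubHex, 'hex')), ephPub);
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', kek, iv);
  const ct = Buffer.concat([c.update(dataKey), c.final()]);
  return { epk: ephPub.toString('hex'), iv: iv.toString('hex'),
           ct: ct.toString('hex'), tag: c.getAuthTag().toString('hex') };
}

// Reverse of wrapDataKey; throws if the private key or ciphertext is wrong.
function unwrapDataKey(w, userPrivHex) {
  const me = nodeCrypto.createECDH(CURVE);
  me.setPrivateKey(Buffer.from(userPrivHex, 'hex'));
  const epk = Buffer.from(w.epk, 'hex');
  const kek = deriveKek(me.computeSecret(epk), epk);
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', kek, Buffer.from(w.iv, 'hex'));
  d.setAuthTag(Buffer.from(w.tag, 'hex'));
  return Buffer.concat([d.update(Buffer.from(w.ct, 'hex')), d.final()]);
}

// Row shape follows the columns listed above (ID is assigned by the database).
function buildContainerRow(entityId, entityType, dataKey, pubKeysByUid) {
  const wrapped = {};
  for (const [uid, pub] of Object.entries(pubKeysByUid)) wrapped[uid] = wrapDataKey(dataKey, pub);
  return { entity_id: entityId, entity_type: entityType,
           encrypted_data_keys: JSON.stringify(wrapped) };
}

// Constructed test user with a fresh key pair (hex-encoded).
function makeUser() {
  const e = nodeCrypto.createECDH(CURVE);
  e.generateKeys();
  return { pub: e.getPublicKey('hex'), priv: e.getPrivateKey('hex') };
}
```

Each user can recover the data-key only from their own entry, so the server stores the row without ever holding a usable key.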

New Block for saving private encryption keys

Block for updating private ECC key

This is a new requirement which I came up with a few weeks ago. This block will be an optional feature for my module. Users will have their ECC private encryption keys stored on the client side, in localStorage; this block would allow them to view their current keys and update them as well, which bypasses the server.

Adding this block will be optional but recommended, as it increases security (users can see and update their ECC keys on every page).

Interesting issues:

  • When adding a new node, body input field not visible on send - unless summary had been edited

I am still investigating why that is happening. Only when I click edit summary and then click the submit button do I get the value of the node body textarea field.

  • Cannot add new Block to the sidebar

When trying to place a block from the structure tab I was not able to do so. I figured out that the way I am attaching JavaScript code was not robust and it prevented sending the form for adding a new block.

Plans for week 6:

  • Finish encryption process when adding new nodes

  • Start working on decryption of content when:

    • Viewing a node on the front-end

    • Editing a node so the user can see the plain-text before it is encrypted again

  • Start working on automated tests for PHP and JavaScript