Code reviews on Git repository
As there is a solid base for the module on Git, my mentor and I agreed to have weekly code reviews. The way I am organizing my code is that I push code to the code-review-x branch and then those commits are reviewed by Colan.
This week’s code changes can be viewed in this Merge Request on Gitlab.
ECC keys validation
Now when user wants to upload a new key to his / her user profile, the key pair provided will be validated using the SJCL library. This is done to avoid further errors with encryption. The user also needs to provide a key for that key to make sure that the one he or she uploaded is correct.
Save encryption containers through REST
I added a way of storing private keys in the browser, on the client’s side. This way users have more control over their own key storage and the server has no access to them, which increases security and privacy for the module.
Add a table for encrypted data keys
I added a new table using hook_schema() that fires on the module’s installation. It will store encrypted content per entity type so it does not limit the module to encrypting only hard-coded content types. After talking to my mentor I choose to create a new table compared to the previous design of extending nodes to include more fields.
Yet another REST resource
I created another custom REST resource for encryption containers table. This table will be used to store main key for decrypting content which is then encrypted using every user’s keys. This new REST resource class has two methods implemented: get() for retrieving records and post() for adding new records.
Using the database API in Drupal 8
I have investigated few possible ways of inserting and retrieving data directly from and to tables created previously with hook_schema(). I decided to go with this approach which uses an object of one of Drupal core’s classes.
Plans for week 5
Move code from sandbox to actual Drupal forms
Write a long post summarizing the first month up to the first evaluation
Go through the weekly objectives and rework objectives for the following weeks