node-ottoman icon indicating copy to clipboard operation
node-ottoman copied to clipboard
verified publisher icon couchbaselabs

FLE Implementation for Ottoman

Open AV25242 opened this issue 4 years ago • 3 comments

We will need encryption feature carried over from Node.js SDK to Ottoman. This ticket address both Implementation and Documentation needs.

Documentation for Encryption can be found here : https://docs.couchbase.com/nodejs-sdk/current/howtos/encrypting-using-sdk.html

Documentation guidance for how to can be found here : https://www.npmjs.com/package/mongoose-encryption

Encryption should be a plugin

AV25242 avatar Apr 02 '21 16:04 AV25242

Proposal:

Configure encrypt in Ottoman

const keyBuffer = Buffer.from(
  '000102030405060708090a0b0c0d0e0f' +
  '101112131415161718191a1b1c1d1e1f' +
  '202122232425262728292a2b2c2d2e2f' +
  '303132333435363738393a3b3c3d3e3f',
  'hex'
);
 	
const config = [
  { 
    key: 'myKey', value: keyBuffer, encrypter: 'one'
  },
  { 
    key: 'myotherkey', value: keyBuffer, encrypter: 'two'
  },
  {
    key: 'three', value: 'keyBuffer', default: true  // encrypter name will be they equal to key if it isn't provided.
  }
];

const ottoman = new Ottoman({encrypt: {
  config,
  options: {
    encryptedFieldPrefix: '__crypt_' // default value -> encrypted$
  }
});

Encryption will be configured at Ottoman's instance level and can be used for every Schema and Model.

To setting fields to encrypt will be in the Schema. Ottoman will provide a new property encrypt

const personSchema = new Schema({
    name: String,
    password: {type: String, encrypt: true} // will be use the default encrypter
    addresses: [{
        houseName: {type: String, encrypt: 'one'},
        street: {
            firstLine: String,
            secondLine: {type: String, encrypt: 'two'}
        }
    }]
})

encrypt property can be set to true or string value.

  • when set to true it will use the default encrypter
  • when set to a string value it will be handled as the encrypter name previously defined in the configuration

With this schema definition, every time Ottomans save a person (save, store, replace, findOneAndUpdate, ...) the field mark with encrypt will be encrypted and decrypted when retrieving(find, findOne, findById, ...) Ottoman will handle it under the hood.

Maybe we can add some sort of flag to skip encryption while using and specific action to store or retrieve. Retrieve example:

PersonModel.find({}, {skipDecrypt: true});

Store example:

PersonModel.store(doc, {skipEncrypt: true});

Maybe the skipEncrypt doesn't have sense, but skipDecrypt can be helpful for some cases.

gsi-alejandro avatar Feb 20 '22 23:02 gsi-alejandro

Hey @gsi-alejandro, Ideally Ottoman should follow the Couchbase SDK specificiation that describes how field-level encryption should work. This will allow it to be compatible with other SDKs (or the Node.js SDK without Ottoman). This RFC can be found here: https://github.com/couchbaselabs/sdk-rfcs/blob/master/rfc/0064-sdk3-field-level-encryption.md Cheers, Brett

brett19 avatar Feb 28 '22 20:02 brett19

hi, @brett19 we'll use the Nodejs SDK implementation under the hood.

gsi-alejandro avatar Mar 01 '22 14:03 gsi-alejandro