serde-encrypt icon indicating copy to clipboard operation
serde-encrypt copied to clipboard

Published 20 hours ago verified publisher icon laysakura

How to tag only certain fields of a struct as encrypted?

Open gitmalong opened this issue 2 years ago • 2 comments

In such a common scenario as outlined below I only want to store the password as encrypted value. How can I achieve that?

struct DatabaseConfig {
  hostname: String,
  user: String,
  password: String
}

gitmalong avatar Aug 11 '22 19:08 gitmalong

@gitmalong Not directly supported.

You may achieve it by the following workaround, for example.

struct DatabaseConfig {
  hostname: String,
  user: String,
  password: EncryptedMessage,  // https://docs.rs/serde-encrypt/latest/serde_encrypt/struct.EncryptedMessage.html
}

#[derive(Serialize, Deserialize)]
struct Password(String);

impl SerdeEncryptSharedKey for Password {
    type S = BincodeSerializer<Self>;
}

laysakura avatar Aug 13 '22 21:08 laysakura

What I would like to see is a similar concept like seen in jasypt. It doesn't require to tag fields/structs as encrypted but identifies fields as encrypted when a field's value is wrapped in ENC e.g. ENC(example_encrypted_string).

gitmalong avatar Mar 19 '23 09:03 gitmalong