Skip to content

Latest commit

 

History

History
120 lines (100 loc) · 4.66 KB

encryption.md

File metadata and controls

120 lines (100 loc) · 4.66 KB
id title
encryption
Encryption

Overview

The reSolve framework includes a mechanism that allows you to use an arbitrary encryption algorithm to encrypt the stored events and Read Model state data. You can use this functionality to store user data in compliance with General Data Protection Regulation (GDPR).

Encryption is defined in a file that exports a factory function of the following format:

Aggregate Encryption:

// common/aggregates/encryption.js
const createEncryption = (aggregateId, context) => {
  ...
  // Returns an object that contains 'encrypt' and 'decrypt' functions
  return {
    encrypt: (data) => ..., // A function that takes data and returns its encrypted version
    decrypt: (blob) => ..., // A function that takes an encrypted blob and returns unencrypted data
  }
}
export default createEncryption

Read Model Encryption:

// common/read-models/encryption.js
const createEncryption = (event, context) => {
  ...
  // Returns an object that contains 'encrypt' and 'decrypt' functions
  return {
    encrypt: (data) => ..., // A function that takes data and returns its encrypted version
    decrypt: (blob) => ..., // A function that takes an encrypted blob and returns unencrypted data
  }
}
export default createEncryption

You can assign encryption to aggregates and read models in the application's configuration file as shown below:

const appConfig = {
  aggregates: [
    {
      name: 'user-profile',
      commands: 'common/aggregates/user-profile.commands.js',
      projection: 'common/aggregates/user-profile.projection.js',
      encryption: 'common/aggregates/encryption.js', // The path to a file that defines aggregate encryption
    },
    ...
  ]
  readModels: [
    {
      name: 'user-profiles',
      connectorName: 'default',
      projection: 'common/read-models/user-profiles.projection.js',
      resolvers: 'common/read-models/user-profiles.resolvers.js',
      encryption: 'common/read-models/encryption.js', // The path to a file that defines Read Model encryption
    },
    ...
  ],
  ...
}

Storing Secrets

The reSolve framework implements a secrets manager that you can use to get, set or delete secrets based on their unique IDs. In an encryption factory function, you can access the secrets manager through the reSolve context object:

// common/aggregates/encryption.js
import { generate } from 'generate-password'

const createEncryption = (aggregateId, context) => {
  const { secretsManager } = context
  let aggregateKey = await secretsManager.getSecret(aggregateId)
  if (!aggregateKey) {
    aggregateKey = generate({
      length: 20,
      numbers: true,
    })
    await secretsManager.setSecret(aggregateId, aggregateKey)
  }
  ...
}

The secretsManager object contains the following functions:

Function Name Description
getSecret Takes a unique ID as an argument and returns a promise that resolves to a string if a secret was found or null if a secret was not found.
setSecret Takes a unique ID and a secret string as arguments and returns a promise that resolves if the secret was successfully saved.
deleteSecret Takes a unique ID as an argument and returns a promise that resolves if the secret was successfully deleted.

:::caution The unique ID of an existing or deleted secret cannot be reused. If you pass a previously used ID to the setSecret function, an exception is raised. :::

The secrets manager stores secrets in the 'secrets' table within the event store. To change the table name, use the event store adapter's secretsTableName option:

// config.prod.js
const prodConfig = {
  eventstoreAdapter: {
    module: '@resolve-js/eventstore-lite',
    options: {
      databaseFile: 'data/event-store.db',
      secretsTableName: 'usersecrets',
    },
  },
}

Example

The personal-data example demonstrates how to store encrypted user data. In this example, the encryption logic is implemented in a separate common/encryption-factory.js file and reused on both the read and write sides.