Feature #103624
open
Allow the encryption of single fields in the model
0%
Description
Confidential data should be encrypted in the database.
I wish to have an easy API to encrypt/decrypt single fields of my model in the database.
I have written a test-Extension, which show how it could work.
https://extensions.typo3.org/extension/fieldencryption
The disadvantage of the extension: I have no idea, how to encrypt data in rendering cases with typoscript. I havn't currently tested it.
Updated by Garvin Hicking 4 months ago
- Category set to Security
I tend to say that this concept should probably not be offered by the Core, but is a good idea for an extension. PSR event usage should allow to also influence typoscript en/decoding from the TypoScript parser.
I want to state though that encryption within the PHP ecosystem is a game of hide and seek and "security by obscurity". Since keys for decryption are always readable to the PHP process, attackers would be able to decode this information. So the main use case for me would be to hide sensitive data from editors - in that case though I wonder if they should access encrypted fields at all?