MindLake.Cryptor
In MindLake, it is essential to encrypt all private data and store it as ciphertext. This ensures that only the data owner and authorized users can decrypt the data and access the plaintext.
Each specific combination of user, table, and column has a unique key that is used to encrypt and decrypt the data in that column. The column-specific keys are further protected by encrypting them with the user's account key. This ensures that only authorized users with access to the account key can access the column keys and decrypt the data.
1. encrypt() Method
This method is employed for encrypting data. When using the data with insertion, the target column must be specified. When the data is a constant value and utilized for querying, the appropriate data type should be specified.
Parameters
data
-any
: the sensitive data to be encrypted.column | dataType
-string | MindLake.DataType
:When employing this method for data insertion, the parameter must be designated as a
column
instring
format. This string representation serves to identify the target column for data insertion. To define the parameter, concatenate the table name and column name using a dot as the separator. The proper format for specifying a column is: "TableName.ColumnName".When utilizing this method for querying and the data is a constant value, this parameter specifies the data type according to the
MindLake.DataType
enumeration.
Returns
An object of Promise<
>
. For more information.
result
-string
: the encrypted result is represented as a hex-formatted string.
Example
2. decrypt() Method
Decrypt the cipher data with the corresponding key. The decryption key is handled automatically by parsing the header info of the cipher data, without requiring the user to manually designate the key or the column.
Parameters
cipher
-string
: the encrypted cipher represented as a hex-formatted string
Returns
An object of Promise<
>
. For more information.
result
-any
: the decrypted result.
Example
Last updated