My application has a requirement that we need to encrypt index fields. Right now the encryption/decryption is handled at the application level. I want to move the encryption process away from the application layer so I don’t have to manually encrypt data in model or in the query.
I want to decorate the model with attributes to determine if the field should be encrypted or not. I was looking at using IDocumentConversionListener to handle the conversion to and from a document. Is this the best place to handle this? If so, how do I encrypt/decrypt only the fields with attributes in a complex model? Below is an example of the model with two fields that need to be encrypted.
public class User
{
public string Id { get; set; }
[EncryptAttribute]
public string Name { get; set; }
public Contact PhoneNumber { get; set; }
public class Contact
{
public string Type { get; set; }
[EncryptAttribute]
public string Value { get; set; }
}
}
public class SecureFieldListener : IDocumentConversionListener
{
public void EntityToDocument(object entity, RavenJObject document, RavenJObject metadata)
{
}
public void DocumentToEntity(object entity, RavenJObject document, RavenJObject metadata)
{
}
}
As for how to store documents encrypted, look here: http://daniellang.net/document-level-encryption-in-ravendb/
Encrypting the indexes at a high level (above lucene) has a lot of severe problems and I’m pretty sure that you don’t want to do that. Range queries wouldn’t work, ordering would be broken, full-text search impossible, etc.
Please note that by default, raven stores fields inside lucene without field storage. That means, while you can use them in queries, you can’t actually retrieve their value back as a search result. However, I understand that in very secure environments this might not be sufficient, as it could be possible to extract them somehow though.
So if you really need such high security, I suggest you go for one of the following option: