Posted by brakzilla on May 5, 2008 at 6:32pm
| Project: | Webform |
| Version: | 6.x-3.x-dev |
| Component: | Code |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Issue Summary
How can I have personal / confidential data submitted to a webform automatically AES encrypted when it gets stored to the database and decrypted when it gets viewed in results or CSV download?
I am trying to do this because the business has a policy that all personal data stored in the DB be encrypted in case the DB gets compromised somehow...
Any ideas?
Comments
#1
This currently is not possible with webform. Though it sounds interesting I doubt the level of demand for such a feature. I'd have to review any potential patches for such a feature before supporting it in the module.
#2
I would also need this, it is something I have been searching for and would truly enable Drupal sites safe storage of form data.
#3
Thanks for the response, that is reasonable.
As a workaround, I've tried to implement your method described here: http://drupal.org/node/239493 to delete results from the DB, but still allow continued use of the module. This will allow the business to still get email results, but not store data in the DB. However, I have implemented this PHP code on the confirmation page (making sure that I'm using PHP input method) and the submissions are not being deleted. There is no warning message being given either. What do you think is going on?
#4
Just moving to feature request.
#5
We would like to see if we can help develop this... Has there been any more interest in the encryption feature?
#6
Moving to the 3.x version, no new features are being added to 2.x. There has been no work on this feature; if there had been work it would be documented here.
In the 3.x version, we now have much better APIs, including submission hooks that would allow submissions to be modified before they are saved or after they have been loaded. This means that (at least in theory), submissions could be encrypted on presave and then decrypted on load. However, there would need to be some kind of way to actually enter the encryption password somewhere to "unlock" the encryption. Since storing the password in the database is not safe (since then the data could be decrypted), we'd need to store this password somewhere else, perhaps the user's cookie, though that's not real secure either. But at least this would make it difficult to combine the two, since the user's cookie is stored in the browser, independent from the server if it were to be compromised.
I'm not planning on working on this functionality, just dumping my ideas out there in case someone is interested in giving this a shot.
#7
Thanks for the update - this helps.
#8
I believe this fixes it for you guys:
http://drupal.org/project/encrypt
I guess we can set it as fixed as well.
#9
It would be nice if that module solved the problem, but all it does is provide a mechanism for encryption. Installing it doesn't encrypt anything at all; the module storing the data is still responsible for encrypting/decrypting the information on storage and retrieval. While encrypt module might be useful for Webform's implementation, alone it doesn't accomplish the desired task.
#10
There's also a client side encryption module at http://drupal.org/project/cse... but is proving difficult to leverage for encrypting Webform submissions.
I like the idea of storing the key outside the webroot (as recommended by Encrypt), but I can think of requiring multiple keys needed for each Drupal site - a pair generated for each webform node created.
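The presave/load approach from comment #6, with the key kept in a file outside the webroot and the database as mentioned in comment #10, as an added example that is not part of the thread and not code from Webform, Encrypt or webform_encrypt. It assumes PHP 7.1+ with OpenSSL, a hypothetical module named `example`, a hypothetical key path, and that the hook signatures and `['value']` data layout match Webform 3.x.

```php
<?php
// Added example, not code from Webform, Encrypt or webform_encrypt.
// Assumes PHP 7.1+ with ext-openssl; the module name "example" is hypothetical.
const EXAMPLE_KEY_FILE = '/etc/drupal-keys/webform.key'; // hypothetical; outside webroot and DB
const EXAMPLE_PREFIX = 'enc:v1:'; // format marker on stored values
function example_load_key($path = EXAMPLE_KEY_FILE) {
  $key = @file_get_contents($path);
  if ($key === FALSE || strlen($key) !== 32) {
    throw new RuntimeException('Key file missing or not exactly 32 bytes.');
  }
  return $key;
}
function example_encrypt_value($plain, $key, $aad) {
  $iv = random_bytes(12); // fresh nonce for every stored value
  $ct = openssl_encrypt($plain, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag, $aad);
  if ($ct === FALSE) {
    throw new RuntimeException('Encryption failed.');
  }
  return EXAMPLE_PREFIX . base64_encode($iv . $tag . $ct); // 12-byte IV, 16-byte tag, data
}
function example_decrypt_value($stored, $key, $aad) {
  $raw = base64_decode(substr($stored, strlen(EXAMPLE_PREFIX)), TRUE);
  if (strpos($stored, EXAMPLE_PREFIX) !== 0 || $raw === FALSE || strlen($raw) < 28) {
    throw new RuntimeException('Not a value written by this module.');
  }
  $plain = openssl_decrypt(substr($raw, 28), 'aes-256-gcm', $key, OPENSSL_RAW_DATA,
    substr($raw, 0, 12), substr($raw, 12, 16), $aad);
  if ($plain === FALSE) {
    throw new RuntimeException('Wrong key, or ciphertext was altered or moved.');
  }
  return $plain;
}

// Hook signatures and the ['value'][$delta] layout are assumed to match Webform 3.x.
function example_walk(&$data, $nid, $fn) {
  $key = example_load_key();
  foreach ($data as $cid => $item) {
    foreach ((array) $item['value'] as $delta => $value) {
      // "nid:cid" as associated data ties each ciphertext to its form and component.
      $data[$cid]['value'][$delta] = $fn((string) $value, $key, $nid . ':' . $cid);
    }
  }
}
function example_webform_submission_presave($node, &$submission) {
  example_walk($submission->data, $node->nid, 'example_encrypt_value');
}
function example_webform_submission_load(&$submissions) {
  foreach ($submissions as $submission) {
    example_walk($submission->data, $submission->nid, 'example_decrypt_value');
  }
}
```

Because the web server user must be able to read the key file, this arrangement addresses the database-only compromise described in the issue summary, not a compromise of the web server itself.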
#11
subscribe
#12
A project was released not too long ago that I just became aware of that might help with this need: http://drupal.org/project/webform_encrypt
Though encryption is per-component. Still an interesting option.
#13
@quicksketch What are your thoughts on the webform_encrypt project?
We have a client coming back to us after getting a third party developer to work on the site and they overrode a hacked webform with an encrypted field component and added this project in its place. From first look at the code from webform_encrypt, it doesn't appear possible to integrate 100% with webform, rather a solution similar to #335833: Credit Card Number Component is better.
I have a sandbox version at http://drupal.org/sandbox/aland/1489666 based on the encrypt project (for D6)
Currently, over 80% of the functionality of webform_encrypt doesn't work on the latest dev version with our current webform setup. Data is entered and encrypted, but view / edit / table / etc are all broken (thus little faith in this project).