Hi all,

Consider the following scenario:
- System has some sensitive data stored in DB
- This sensitive data is encrypted using aes_encrypt, and then saved to DB
- aes key changes
- Sensitive data is gone :S

How about creating a hook_aes_key_change (better naming is welcome, this is just to explain the idea). This hook would provide both the old key, and the new key, and who this key belongs to. This would allow us to decrypt, and then re-encrypt the data with the new key. Thus avoiding losing the data.

Feedback?

Comments

Version:7.x-1.x-dev» 8.x-2.x-dev
Assigned:Unassigned» dpovshed
Issue summary:View changes
Parent issue:» #2228373: [meta] Port the module to Drupal 8

Will be implemented in 8.x