search

ZenHarbinger / grails-jasypt

Grails Jasypt Plugin
Apache License 2.0
21 stars 3 forks source link

How can encrypt data that is already in the database? #7

Closed Viroide closed 8 years ago

Viroide commented 8 years ago

I have some fields in my DB populated, for example lastName, that I want to handle with this plugin, but if I add lastName type: GormEncryptedStringType I have this error: 

Line | Method
->>  974 | decrypt     in org.jasypt.encryption.pbe.StandardPBEByteEncryptor
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
|    725 | decrypt     in org.jasypt.encryption.pbe.StandardPBEStringEncryptor
|    143 | nullSafeGet in org.jasypt.hibernate4.type.AbstractEncryptedAsStringType
|     45 | nullSafeGet in DefaultParametersUserType.groovy
|    428 | findAll . . in org.grails.datastore.gorm.GormStaticApi
|     19 | list        in EncryptationController.groovy
|    198 | doFilter .  in PageFragmentCachingFilter.java
|     63 | doFilter    in AbstractFilter.java
|     53 | doFilter .  in GrailsAnonymousAuthenticationFilter.java
|    108 | doFilter    in RestAuthenticationFilter.groovy
|     49 | doFilter .  in RequestHolderAuthenticationFilter.java
|     82 | doFilter    in MutableLogoutFilter.java
|     63 | doFilter .  in RestLogoutFilter.groovy
|   1145 | runWorker   in java.util.concurrent.ThreadPoolExecutor
|    615 | run . . . . in java.util.concurrent.ThreadPoolExecutor$Worker
^    745 | run         in java.lang.Thread

I supposed that is because this field is not null, and is not yet encrypted. So my question is, how can I encrypt this fields with the same config as the plugin but without using it?

dtanner commented 8 years ago

There isn't a seamless way to migrate data built into the library. You'll need to build a migration yourself. e.g. Maybe something like add a column called lastNameEncrypted, which is mapped to the encrypted field. Then write some code that will populate the encrypted property from the unencrypted property's value and save the entity.

Viroide commented 8 years ago

There was so much fields that what I did was to make a "temporal" table were I clone de real table. Ones this was done I truncate original table and make the fields as encrypt type fields. Then I populate the original with the temp one. And now all is working just fine!

Thanks for all, your plugin is great. (You can close the issue)

dtanner commented 8 years ago

great - good to hear.