Feature to Encrypt user email in database #2627

Closed
Changes from 44 commits
Commits
50 commits
f3af8ed
first
prayanshchh Oct 13, 2024
7583235
email encryption
prayanshchh Oct 13, 2024
3bcb124
conflicts
prayanshchh Oct 17, 2024
a895e95
Merge branch 'develop' into encrypt_email
prayanshchh Oct 18, 2024
cfcb403
added hashedEmails for faster lookups
prayanshchh Oct 20, 2024
5259ac7
Merge branch 'develop' of https://github.com/PalisadoesFoundation/tal…
prayanshchh Oct 20, 2024
908f567
Merge branch 'encrypt_email' of https://github.com/prayanshchh/prayan…
prayanshchh Oct 20, 2024
333ddc1
using crypto for hashing emails
prayanshchh Oct 24, 2024
8799953
tests for hashing and utility function
prayanshchh Oct 27, 2024
a0fba68
coderrabitai suggestion
prayanshchh Oct 29, 2024
7ffee91
suggestions
prayanshchh Oct 29, 2024
7dad60c
last_suggestion
prayanshchh Oct 29, 2024
789069c
fixing tests
prayanshchh Oct 29, 2024
483ac61
new suggestions
prayanshchh Oct 29, 2024
ae7120f
Resolved merge conflicts with upstream/develop
prayanshchh Oct 29, 2024
c3ed5c3
added Tsdoc comments for encryption file
prayanshchh Oct 29, 2024
5b0c87d
Merge branch 'develop' into encrypt_email
prayanshchh Oct 30, 2024
5dcf341
fixing linting errors
prayanshchh Oct 30, 2024
f0eed10
Merge branch 'encrypt_email' of https://github.com/prayanshchh/prayan…
prayanshchh Oct 30, 2024
b92fef9
fixing tests 2
prayanshchh Oct 30, 2024
9abd2db
fixing import errors
prayanshchh Oct 30, 2024
32ac7c4
eslint disable fix
prayanshchh Oct 30, 2024
5a976c5
Merge branch 'develop' into encrypt_email
prayanshchh Nov 4, 2024
b1d22ae
eslint fix
prayanshchh Nov 4, 2024
88d4c4d
commit 25
prayanshchh Nov 4, 2024
07516b6
encryption edit
prayanshchh Nov 4, 2024
6d4dab8
Merge branch 'develop' into encrypt_email
prayanshchh Nov 5, 2024
d513a7b
encryption regex
prayanshchh Nov 5, 2024
8932b62
Merge branch 'encrypt_email' of https://github.com/prayanshchh/prayan…
prayanshchh Nov 5, 2024
7bb92d6
eslint errors fix
prayanshchh Nov 5, 2024
558488d
user.ts fix
prayanshchh Nov 5, 2024
a8ce670
setup.ts lint fix
prayanshchh Nov 5, 2024
6104867
setup.ts import fix
prayanshchh Nov 6, 2024
4d298c1
format fix
prayanshchh Nov 6, 2024
f45df1c
disable line
prayanshchh Nov 7, 2024
476e9a3
format-changed-files
prayanshchh Nov 7, 2024
0a2fcbd
hash_pepper setup
prayanshchh Nov 8, 2024
e68a298
hard code new env variables
prayanshchh Nov 8, 2024
7e0242c
resolving failing tests
prayanshchh Nov 9, 2024
9737ca1
final resolves
prayanshchh Nov 9, 2024
fa3a3ab
increasing code coverage
prayanshchh Nov 10, 2024
be77cba
lint error in code cov
prayanshchh Nov 10, 2024
359d762
fix lint
prayanshchh Nov 10, 2024
cac3465
fix tests
prayanshchh Nov 10, 2024
729aa2e
Merge branch 'develop' into encrypt_email
prayanshchh Nov 11, 2024
3bbf4e0
test fix
prayanshchh Nov 11, 2024
fc0ad07
cleaner-error-handling
prayanshchh Nov 12, 2024
9f3342b
Merge branch 'develop' into encrypt_email
prayanshchh Nov 12, 2024
27916b7
unused vars
prayanshchh Nov 12, 2024
12a7e58
Merge branch 'develop' into encrypt_email
prayanshchh Nov 15, 2024
18 changes: 17 additions & 1 deletion .env.sample
Expand Up @@ -104,4 +104,20 @@ MINIO_DATA_DIR=

# this environment variable is for setting the environment variable for Image Upload size

IMAGE_SIZE_LIMIT_KB=3000
IMAGE_SIZE_LIMIT_KB=3000

# This environment variable provides the encryption key for securing user email addresses.
# Format: Base64-encoded 32-byte key
# Generation: Use a cryptographically secure method to generate this key
# WARNING: Keep this value secret and never commit it to version control
ENCRYPTION_KEY=

# This environment variable provides additional entropy for email hashing
# Format: Random string of at least 32 characters
# Generation: Use a cryptographically secure random string generator
# Example generation: openssl rand -hex 32
# Example format: HASH_PEPPER=YOUR_HEX_STRING
# WARNING: Keep this value secret and never commit it to version control
# NOTE: Changing this value will invalidate all existing email hashes.
# Ensure database migration strategy is in place before changing.
HASH_PEPPER=
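Review bot: the format documented for ENCRYPTION_KEY ("Base64-encoded 32-byte key") does not match the value this same PR puts into .github/workflows/pull-request.yml, which is a 64-character hex string; pick one encoding, state it here, and give a generation command for ENCRYPTION_KEY the way the HASH_PEPPER block does (`openssl rand -base64 32` for Base64, `openssl rand -hex 32` for hex), so that whatever src/utilities/encryption.ts validates is what operators will actually produce. The HASH_PEPPER block also carries a NOTE that changing the value invalidates existing hashes; ENCRYPTION_KEY needs the equivalent warning, since rotating it leaves every stored `email` undecryptable unless the rows are re-encrypted with the new key first.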
3 changes: 3 additions & 0 deletions .github/workflows/pull-request.yml
Expand Up @@ -218,6 +218,9 @@ jobs:
LAST_RESORT_SUPERADMIN_EMAIL: "[email protected]"
COLORIZE_LOGS: "true"
LOG_LEVEL: "info"
ENCRYPTION_KEY: 64730e71158b84687f01237d8f8128cc9cb7804d2d68c36823880456adad48c7
HASH_PEPPER: 56195a1bd9b062fc4a63afff383ec28bf1464706725ae744c9fe7fc459426074
Comment on lines +221 to +222
💡 Codebase verification

⚠️ Potential issue

Based on the evidence gathered, I can now generate the final response:

⚠️ Replace hardcoded test encryption keys with GitHub Actions secrets

The hardcoded encryption keys in the workflow file pose a security risk. The codebase shows proper encryption key handling:

  1. .env.sample demonstrates proper configuration with empty ENCRYPTION_KEY and HASH_PEPPER variables
  2. src/utilities/encryption.ts validates key formats and handles them securely
  3. No other instances of these hardcoded values were found in the codebase

Please make these changes:

  • Remove hardcoded values from the workflow file
  • Use GitHub Actions secrets instead:
      ENCRYPTION_KEY: ${{ secrets.TEST_ENCRYPTION_KEY }}
      HASH_PEPPER: ${{ secrets.TEST_HASH_PEPPER }}
  • Generate new test-specific keys for the GitHub secrets (do not reuse these exposed values)
🔗 Analysis chain

CRITICAL: Remove hardcoded cryptographic keys from workflow file

Exposing cryptographic keys in version control poses a severe security risk, even for test environments. These keys should be managed through GitHub secrets.

Please make the following changes:

  1. Remove the hardcoded values
  2. Use GitHub secrets instead:
-      ENCRYPTION_KEY: 64730e71158b84687f01237d8f8128cc9cb7804d2d68c36823880456adad48c7
-      HASH_PEPPER: 56195a1bd9b062fc4a63afff383ec28bf1464706725ae744c9fe7fc459426074
+      ENCRYPTION_KEY: ${{ secrets.TEST_ENCRYPTION_KEY }}
+      HASH_PEPPER: ${{ secrets.TEST_HASH_PEPPER }}
  3. Set up the corresponding secrets in your repository:
    • Go to Settings → Secrets and variables → Actions
    • Add TEST_ENCRYPTION_KEY and TEST_HASH_PEPPER with test-specific values
    • Ensure these test keys are different from production keys

Consider implementing a key rotation mechanism and documenting the process for generating and managing these cryptographic materials securely.

Let's verify if these keys are used elsewhere in the codebase:

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for potential hardcoded keys
echo "Checking for exposed keys in the codebase..."
rg -i "64730e71158b84687f01237d8f8128cc9cb7804d2d68c36823880456adad48c7|56195a1bd9b062fc4a63afff383ec28bf1464706725ae744c9fe7fc459426074"

Length of output: 238


Script:

#!/bin/bash
# Let's check for any environment files or configuration files that might contain these keys
echo "Checking for environment and config files..."
fd -e env -e env.example -e env.sample -e config -e yml -e yaml

# Let's also check for any encryption-related code to understand the usage
echo -e "\nChecking for encryption-related code..."
rg -i "encryption|encrypt|crypto" -A 3 -B 3

# Check for any test files that might be using these keys
echo -e "\nChecking test files..."
fd -e test.js -e spec.js -e test.ts -e spec.ts

Length of output: 114823


Script:

#!/bin/bash
# Let's check if these keys are used in any environment files or configuration
echo "Checking environment files..."
fd -e env -e env.example -e env.sample -e env.test -x cat {} \; 2>/dev/null

# Let's also check for any encryption key setup or initialization code
echo -e "\nChecking encryption key setup code..."
ast-grep --pattern 'ENCRYPTION_KEY = $_' -l

# Let's check for any test setup files that might be configuring these keys
echo -e "\nChecking test setup files..."
rg -l "ENCRYPTION_KEY|HASH_PEPPER" "tests/setup" "tests/helpers"

Length of output: 516


Script:

#!/bin/bash
# Let's check for any test environment setup files
echo "Checking test environment files..."
find . -type f -name ".env.test" -o -name ".env.example" -o -name ".env.sample" -exec cat {} \;

# Let's check for encryption key initialization in setup code
echo -e "\nChecking encryption setup in code..."
rg -A 5 -B 5 "process\.env\.ENCRYPTION_KEY" src/

# Let's check for test configuration
echo -e "\nChecking test configuration..."
rg -A 5 -B 5 "ENCRYPTION_KEY.*=.*64730e71" .
rg -A 5 -B 5 "HASH_PEPPER.*=.*56195a1b" .

Length of output: 6330

🧰 Tools
🪛 Gitleaks

221-221: Detected a Generic API Key, potentially exposing access to various services and sensitive operations.

(generic-api-key)


# ACCESS_TOKEN_SECRET: ${{ secrets.ACCESS_TOKEN_SECRET }}
# REFRESH_TOKEN_SECRET: ${{ secrets.REFRESH_TOKEN_SECRET }}
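Review bot: the two literal values added at lines 221-222 are secrets committed to CI configuration, and the commented-out ACCESS_TOKEN_SECRET / REFRESH_TOKEN_SECRET lines directly below them already show the `${{ secrets.* }}` pattern this workflow uses, so ENCRYPTION_KEY and HASH_PEPPER should follow it (`ENCRYPTION_KEY: ${{ secrets.TEST_ENCRYPTION_KEY }}`, `HASH_PEPPER: ${{ secrets.TEST_HASH_PEPPER }}`). Because both values have been in the PR history since this commit, treat them as burned and do not carry them into the repository secrets. Since the tests only need some valid key rather than a specific one, a workflow step that generates a throwaway value at runtime (`openssl rand -hex 32`, the same command .env.sample suggests for the pepper) would avoid storing a test secret at all.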

3 changes: 2 additions & 1 deletion sample_data/defaultUser.json
Expand Up @@ -10,7 +10,8 @@
"pluginCreationAllowed": true,
"firstName": "Default",
"lastName": "Admin",
"email": "[email protected]",
"email": "SAMPLE_IV:SAMPLE_SALT:SAMPLE_ENCRYPTED_EMAIL",
"hashedEmail": "SAMPLE_HASHED_EMAIL_VALUE",
"password": "$2a$12$bSYpay6TRMpTOaAmYPFXku4avwmqfFBtmgg39TabxmtFEiz4plFtW",
"image": null,
"createdAt": "2023-04-13T04:53:17.742Z",
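Review bot: the replacement values `SAMPLE_IV:SAMPLE_SALT:SAMPLE_ENCRYPTED_EMAIL` and `SAMPLE_HASHED_EMAIL_VALUE` are placeholders, not output of the encryption utility, so whatever imports sample_data will either fail to decrypt the default admin's email or create a record that cannot be found by `hashedEmail` lookup (the hash is peppered with HASH_PEPPER, so no fixed value in a JSON file can be correct across installs). Either have the import step encrypt and hash a plaintext address at load time with the configured ENCRYPTION_KEY and HASH_PEPPER, or document that this record must be regenerated per environment; as committed it is not a usable default user, and the `$2a$12$...` password hash on the next line shows the file is otherwise meant to be loaded as-is.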