Try our conversational search powered by Generative AI!

AI OnAI Off

Use Symmetric as default technique to encrypt data

Fixed in

EPiServer.Forms 4.6.0

(Or a related package)

Created

Jun 08, 2017

Updated

Jun 30, 2017

Area

Built-in elements

State

Closed, Acceptance tests pass

Description

  • We use the symmetric algorithm to encrypt data.
  • The key of symmetric algorithm is stored at Azure KeyVault.
  • We support 3 key sizes for symmetric algorithm: 16, 24, and 32 bytes.
  • Session state must be enabled.
  • If a session expires, users must fill everything from the beginning.
  • For encryption mode, every field must have a data type of string, because data is encrypted.

Therefore, those fields with data type of int cannot receive data submitted by user. This has been fixed by changing the form structure in DDS so that columns must have the string data type.
This change impacts the sort functionality. Normally, you can sort data based on columns whose data type is Int. But in encryption mode, everything is a string, which means that the sort function no longer works in encryption mode.

See also: http://world.episerver.com/documentation/developer-guides/forms/encrypting-forms/

Regarding Azure keyvault, visit two sites below.

https://blogs.technet.microsoft.com/kv/2015/06/02/azure-key-vault-step-by-step/
https://docs.microsoft.com/en-us/azure/key-vault/key-vault-get-started