Skip to main content

Encryption-Process

Encrypting 'Report Ghosting' Data

Encrypting 'Report Ghosting' data before sending it to our servers is crucial for protecting the privacy and integrity of the information. This process uses the pluginKey provided in your account to encrypt the data following the AES-CBC encryption standard. Here's a step-by-step guide on how to do it.

tip

Ensure your encryption key is in the correct format (e.g., hex or base64) and matches the encryption algorithm requirements (32 bytes for AES-256).

Encryption Process

The encryption process involves a few key steps:

Prepare the Data: Format the data you want to encrypt as a JSON object. This object should include all the necessary information about the 'Report Ghosting' incident.

Example JSON Object:

{
  "email": "example@example.com",
  "reason": "No response after several follow-ups",
  "date": "2024-03-26"
}

Stringify the JSON Object: Convert the JSON object to a string using JSON.stringify(). This is necessary because encryption functions work with strings or byte data.

JavaScript Code

let jsonData = {
  "email": "example@example.com",
  "reason": "No response after several follow-ups",
  "date": "2024-03-26"
};
let jsonString = JSON.stringify(jsonData);

Generate an Initialization Vector (IV): For AES-CBC encryption, an IV is required. The IV should be randomly generated for each encryption operation to ensure security. The IV length should be 16 bytes (128 bits).

JavaScript Code to Generate IV:

const iv = crypto.randomBytes(16); // Generates a random 16-byte IV

Encrypt the Data: Use the pluginKey and the IV to encrypt the stringified JSON data. The encrypted data should then be combined with the IV for transmission because the IV is needed for decryption.

JavaScript Code to Encrypt

const crypto = require('crypto');
const key = Buffer.from(pluginKey, 'hex'); // Ensure the pluginKey is in the correct format

// Create an AES-CBC cipher using the pluginKey and IV
const cipher = crypto.createCipheriv('aes-256-cbc', key, iv);

// Encrypt the data
let encrypted = cipher.update(jsonString, 'utf8', 'base64');
encrypted += cipher.final('base64');

// Combine the IV and the encrypted data
const ivBase64 = iv.toString('base64');
const encryptedDataWithIv = `${ivBase64}:${encrypted}`;

Encode the Encrypted Data: Encode the combined encrypted data and IV as a base64 string for easy transmission over HTTP.

JavaScript Code to Encode

const base64EncodedData = Buffer.from(ivBase64 + ':' + encrypted).toString('base64');
console.log('Encrypted Data:', base64EncodedData);

warning

Never reuse the same IV with the same key for different encryption operations as it compromises security.