Conversation

@script3r
Owner

Summary

This PR implements the features from the original PR #2, adding deterministic AEAD encryption and binary field support to django-tink-fields.

Features Added

🔐 Deterministic AEAD Encryption

  • DeterministicEncryptedField: Base class for searchable encryption
  • Field Variants: TextField, CharField, IntegerField, EmailField, DateField, DateTimeField
  • Deterministic Property: Same plaintext always produces same ciphertext
  • Searchable Encryption: Enables exact lookups on encrypted data
  • AES256-SIV Algorithm: Uses Tink's deterministic AEAD implementation

EncryptedBinaryField

  • Binary Data Support: Encrypts arbitrary binary data (images, files, etc.)
  • Null Handling: Properly handles None values
  • Memory Efficient: Uses Django's BinaryField as base

🛠️ Technical Improvements

  • Keyset Management: Refactored key management with KeysetManager class
  • Memory Leak Fix: Used @cached_property for primitive caching
  • Better Error Handling: Improved validation and error messages
  • Lookup Support: Deterministic fields support exact and isnull lookups
  • Test Coverage: Comprehensive test suite for all new features

Implementation Details

Keyset Generation

  • Used tinkey to generate proper deterministic AEAD keyset
  • Added "deterministic" keyset configuration
  • Proper primitive registration and validation

Field Architecture

  • DeterministicEncryptedField inherits from EncryptedField
  • Overrides get_db_prep_save to use deterministic encryption
  • Maintains backward compatibility with existing fields

Database Integration

  • Proper Django field integration
  • Binary data handling with connection.Database.Binary
  • Lookup class registration for query support

Testing

  • ✅ All existing tests pass
  • ✅ Deterministic encryption verified (same input → same output)
  • ✅ Binary field encryption/decryption working
  • ✅ Lookup functionality tested
  • ✅ Error handling validated

Usage Examples

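from django.db import models

# Import path assumed; the PR description does not show where the new fields are exported.
from tink_fields import (
    DeterministicEncryptedCharField,
    DeterministicEncryptedEmailField,
    EncryptedBinaryField,
)

# Deterministic encryption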
class User(models.Model):
    email = DeterministicEncryptedEmailField(keyset="deterministic")
    name = DeterministicEncryptedCharField(max_length=100, keyset="deterministic")

# Binary data encryption
class Document(models.Model):
    content = EncryptedBinaryField()
    thumbnail = EncryptedBinaryField(null=True)

# Searchable queries
User.objects.filter(email="user@example.com")  # Works with deterministic fields

Security Notes

  • Deterministic encryption reveals patterns in data
  • Use only when searchability is required
  • Regular AEAD fields remain more secure for general use
  • Proper AAD (Additional Authenticated Data) support maintained

Breaking Changes

None - this is a purely additive feature that maintains full backward compatibility.

Related

Implements features from PR #2 with modern codebase improvements.
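
The pattern leakage named under Security Notes, as an added example that is not part of this PR or of django-tink-fields. A standard-library SIV-style construction stands in for AES256-SIV so it runs offline; the key, rows and AAD labels are constructed for illustration. It shows that equal plaintexts give equal ciphertexts within a column, and that a distinct AAD per column prevents matches across columns.

```python
import hashlib
import hmac
from collections import Counter

# Toy SIV-style deterministic AEAD from HMAC-SHA256 (stdlib only).
# Stand-in for Tink's AES256-SIV; an assumption of this example, not for production.
def _keystream(key: bytes, iv: bytes, n: int) -> bytes:
    out, counter = b"", 0
    while len(out) < n:
        block = b"enc" + iv + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:n]

def _siv(key: bytes, plaintext: bytes, aad: bytes) -> bytes:
    # Synthetic IV: MAC over (aad, plaintext); the length prefix keeps the encoding unambiguous.
    msg = b"mac" + len(aad).to_bytes(8, "big") + aad + plaintext
    return hmac.new(key, msg, hashlib.sha256).digest()[:16]

def det_encrypt(key: bytes, plaintext: bytes, aad: bytes) -> bytes:
    iv = _siv(key, plaintext, aad)
    stream = _keystream(key, iv, len(plaintext))
    return iv + bytes(p ^ k for p, k in zip(plaintext, stream))

def det_decrypt(key: bytes, ciphertext: bytes, aad: bytes) -> bytes:
    iv, body = ciphertext[:16], ciphertext[16:]
    stream = _keystream(key, iv, len(body))
    plaintext = bytes(c ^ k for c, k in zip(body, stream))
    if not hmac.compare_digest(iv, _siv(key, plaintext, aad)):
        raise ValueError("authentication failed")
    return plaintext

def ciphertext_histogram(column):
    # What a reader of the table learns without the key: sizes of equal-value groups.
    return sorted(Counter(column).values(), reverse=True)

KEY = bytes(range(32))  # constructed demo key
EMAILS = [b"a@example.com", b"b@example.com",
          b"a@example.com", b"a@example.com"]  # constructed rows

# Hypothetical per-column AAD labels.
email_col = [det_encrypt(KEY, e, b"user.email") for e in EMAILS]
backup_col = [det_encrypt(KEY, e, b"user.backup_email") for e in EMAILS]
```

The histogram of `email_col` equals the histogram of the plaintext column, which is the frequency information a deterministic field exposes to anyone who can read the table.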

…ary fields

Major improvements from PR #2:

1. **Deterministic AEAD Encryption**:
   - Added DeterministicEncryptedField base class
   - Added deterministic variants of all field types (Text, Char, Email, Integer, Date, DateTime)
   - Supports searchable encryption with exact lookups
   - Graceful fallback when deterministic AEAD is not available

2. **EncryptedBinaryField**:
   - New field type for storing binary data
   - Preserves raw bytes without string conversion
   - Useful for storing keysets, images, or other binary data

3. **Memory Leak Fix**:
   - Replaced lru_cache with Django's cached_property
   - Fixes memory leaks when using lru_cache on instance methods
   - All primitives now properly cached without memory issues

4. **Refactored Key Management**:
   - New KeysetManager class centralizes keyset handling
   - Better separation of concerns
   - Improved error handling and validation
   - Lazy loading of keyset handles

5. **Enhanced Lookup Handling**:
   - Deterministic fields support exact lookups via 'in' operator
   - Better error messages for unsupported operations
   - Maintains backward compatibility with existing fields

6. **Improved Error Handling**:
   - Better error messages for configuration issues
   - Graceful handling of missing deterministic AEAD support
   - Clear guidance for users on keyset requirements

All original functionality preserved and tested. New features are ready for use
when proper keysets are configured.
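
The memory leak described in item 3 above, as an added example that is not code from this PR. The class names and the placeholder primitive are hypothetical, and `functools.cached_property` stands in for Django's `cached_property`, which also stores the value in the instance `__dict__`. It shows that `lru_cache` on a method keeps every instance alive, while `cached_property` lets it be freed.

```python
import gc
import weakref
from functools import cached_property, lru_cache

class LeakyField:
    """'Before' shape (assumed): lru_cache on an instance method."""

    def __init__(self, keyset_name):
        self.keyset_name = keyset_name

    @lru_cache(maxsize=None)
    def primitive(self):
        # The cache belongs to the class-level function and is keyed by self,
        # so it holds a strong reference to every instance that ever called it.
        return ("primitive-for", self.keyset_name)  # placeholder for an AEAD primitive

class CachedField:
    """'After' shape: cached_property keeps the value in the instance __dict__."""

    def __init__(self, keyset_name):
        self.keyset_name = keyset_name

    @cached_property
    def primitive(self):
        return ("primitive-for", self.keyset_name)  # placeholder for an AEAD primitive

def survives_deletion(cls):
    """True if an instance is still alive after its last user reference is dropped."""
    obj = cls("default")
    _ = obj.primitive() if cls is LeakyField else obj.primitive
    ref = weakref.ref(obj)
    del obj
    gc.collect()
    return ref() is not None
```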
- Add deterministic AEAD support using tinkey-generated keyset
- Implement EncryptedBinaryField for binary data encryption
- Add DeterministicEncryptedField and variants (TextField, CharField, etc.)
- Create proper test models for new field types
- Add deterministic keyset configuration
- All existing tests still pass
- Deterministic encryption produces identical ciphertext for same plaintext
- Binary field correctly handles binary data and None values

- Update all test methods to use existing test models instead of dynamic creation
- Fix EncryptedBinaryField to allow null values
- Fix deterministic lookup to return single encrypted value instead of list
- Add missing test models for deterministic fields
- Fix KeysetManager test to use appropriate keysets
- All 43 tests now pass with 89% coverage
- Black formatting applied
- Run isort to fix import sorting in all files
- Remove unused imports from test_new_features.py
- Add back required DeterministicEncryptedTextField import
- All linting checks now pass: isort, black, flake8
- All 43 tests still passing with 89% coverage
@script3r script3r merged commit 9dfd24d into main Sep 13, 2025
6 checks passed