[wp-trac] [WordPress Trac] #61706: Support for storing and getting encrypted options

WordPress Trac noreply at wordpress.org
Tue Feb 18 16:19:01 UTC 2025


#61706: Support for storing and getting encrypted options
-------------------------------------------+------------------------------
 Reporter:  vedjain                        |       Owner:  (none)
     Type:  enhancement                    |      Status:  new
 Priority:  normal                         |   Milestone:  Awaiting Review
Component:  Security                       |     Version:
 Severity:  normal                         |  Resolution:
 Keywords:  reporter-feedback 2nd-opinion  |     Focuses:
-------------------------------------------+------------------------------
Changes (by johnbillion):

 * keywords:   => reporter-feedback 2nd-opinion


Comment:

 Thanks for the ticket @vedjain. Do you have ideas about how best to
 implement two-way encryption of data? The main stumbling block for such a
 mechanism is that it needs to be backed by a secret key that's not stored
 in the database and doesn't change. The security keys and salts in
 wp-config.php aren't sufficient for this because they can be rotated.

 In a tightly-controlled environment it's possible to use environment
 variables or a secrets management solution for such a key, but this likely
 isn't applicable to many sites.

 [https://felix-arntz.me/blog/storing-confidential-data-in-wordpress/ Felix
 Arntz wrote a good article covering this topic].
 [https://github.com/google/site-kit-wp/blob/develop/includes/Core/Storage/Data_Encryption.php
 The `Data_Encryption` class in Site Kit by Google] is essentially a wrapper
 for `openssl_encrypt()` but depends on a fixed constant being set for its
 secret key. The fact that it falls back to `LOGGED_IN_KEY` means that
 there's a risk of data loss because the encrypted data cannot be decrypted
 if this key changes.

 If we were to implement a data encryption mechanism in WordPress it would
 need to be backed by a secret key that is not subject to change like the
 current secret key and salts.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/61706#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
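As an added, stand-alone illustration of the key-stability point made in the comment above (this is not WordPress core code and not Site Kit's `Data_Encryption` class): an authenticated-encryption wrapper around `openssl_encrypt()` keyed from a hypothetical dedicated constant `WP_OPTION_ENCRYPTION_KEY`, showing that once that secret is rotated the stored value cannot be recovered, and that the failure is detected rather than returned as garbage.

```php
<?php
// Added example, not WordPress or Site Kit code. Requires PHP >= 7.1.2 with ext-openssl.
// WP_OPTION_ENCRYPTION_KEY is a hypothetical dedicated constant; unlike LOGGED_IN_KEY
// and the other wp-config.php salts it must never be rotated, or stored values are lost.
if (!defined('WP_OPTION_ENCRYPTION_KEY')) {
    // Constructed sample value; a real site would set it in wp-config.php or a secrets manager.
    define('WP_OPTION_ENCRYPTION_KEY', 'example-dedicated-secret-do-not-rotate');
}

const OPTION_CIPHER = 'aes-256-gcm'; // AEAD: a wrong key fails verification instead of yielding junk

/** Derive a fixed-length, purpose-bound key so the raw secret is never used directly. */
function option_encryption_key(string $secret): string
{
    return hash_hkdf('sha256', $secret, 32, 'wp-encrypted-option');
}

/** Encrypt an option value; the blob is base64(iv || tag || ciphertext). */
function encrypt_option_value(string $plaintext, string $secret): string
{
    $iv  = random_bytes(openssl_cipher_iv_length(OPTION_CIPHER)); // fresh 12-byte nonce per value
    $tag = '';
    $ct  = openssl_encrypt($plaintext, OPTION_CIPHER, option_encryption_key($secret), OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return base64_encode($iv . $tag . $ct);
}

/** Decrypt an option value; returns null when the key is wrong or the blob was altered. */
function decrypt_option_value(string $stored, string $secret): ?string
{
    $raw   = base64_decode($stored, true);
    $ivLen = openssl_cipher_iv_length(OPTION_CIPHER);
    if ($raw === false || strlen($raw) < $ivLen + 16) {
        return null;
    }
    $iv  = substr($raw, 0, $ivLen);
    $tag = substr($raw, $ivLen, 16);
    $ct  = substr($raw, $ivLen + 16);
    $pt  = openssl_decrypt($ct, OPTION_CIPHER, option_encryption_key($secret), OPENSSL_RAW_DATA, $iv, $tag);
    return $pt === false ? null : $pt;
}

// In WordPress the blob would go through update_option()/get_option(); here it is just a string.
$blob = encrypt_option_value('api-token-123', WP_OPTION_ENCRYPTION_KEY);
$ok   = decrypt_option_value($blob, WP_OPTION_ENCRYPTION_KEY); // stable key: value comes back
$lost = decrypt_option_value($blob, 'rotated-secret');         // simulates a regenerated salt
echo ($ok === 'api-token-123' && $lost === null)
    ? "stable key decrypts; rotated key is detected as unrecoverable\n"
    : "unexpected result\n";
```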