Version: 7.0

Server-side encryption

Server-side encryption provides an additional layer of data protection. All data is encrypted on the server before writing to the database, regardless of client-side encryption status.

Overview

Purpose

Scenario	Protection
Database leak	Data encrypted with server key
Backups	Backups contain only ciphertext
Physical server access	Data unreadable without key
CSE disabled	Server encryption always works

How it works

Data from client
       ↓
[Server encryption AES-256-CFB]
       ↓
Database (ciphertext)

Encryption algorithm

Parameters

Parameter	Value
Algorithm	AES-256-CFB
Key length	256 bits
Mode	CFB (Cipher Feedback)
IV	128 bits, random per encryption
Library	OpenSSL (via PHP)

CFB mode

CFB (Cipher Feedback) mode characteristics:

Converts block cipher to stream cipher
No padding required
Each block depends on previous
IV must be unique for each encryption

Encrypted data structure

[IV (128 bits)] + [Ciphertext]

IV is stored in plaintext with the ciphertext and used for decryption.

Server encryption key

Key generation

Key is generated once during system installation:

Parameter	Value
Size	256 bits
Source	Cryptographically secure generator
Entropy	256 bits
Storage format	`base64:{base64_encoded_key}`

Key storage

Key can be stored in two ways:

Method 1: In file (default)

Parameter	Value
Default path	`{PROJECT_DIR}/init/encryption_key`
Path override	Environment variable `ENCRYPTION_KEY_PATH`
Format	`base64:{base64_encoded_key}`

Method 2: In environment variable

Key can be passed directly via environment variable, bypassing file.

Access permissions setup

When storing key in file, mandatory access permission setup:

# Owner — application user (e.g., www-data)
chown www-data:www-data /path/to/encryption_key

# Read-only for owner
chmod 400 /path/to/encryption_key

Elevated storage requirements

If your organization has strict security policies or regulatory requirements for cryptographic key storage (HSM, external secret stores, certified solutions), contact Passwork technical support to discuss integration options.

Key integrity verification

Key integrity is verified on application startup:

Load key from file
Compute SHA-512 hash of key
Compare with stored hash in database
On mismatch — startup error

This prevents using incorrect key and data corruption.

What is encrypted on server

Server key encrypts the following data:

Record data (passwords, custom fields, attachments)
Vault keys
Record keys
External link data
LDAP integration passwords
SMTP server passwords

Encryption is performed automatically before database save, decryption — on read.

Configuration

Environment variables

Variable	Description	Default value
`ENCRYPTION_KEY_PATH`	Key file path	`%init_dir%/encryption_key`
`ENCRYPTION_CIPHER`	Encryption algorithm	`AES-256-CFB`

Cipher configuration

Supported algorithms

The system supports any encryption algorithm available in OpenSSL on the server. This allows choosing an algorithm according to your organization's or regulatory requirements.

Supported algorithm examples:

Type	Algorithms
AES (256 bit)	AES-256-CFB (default), AES-256-GCM, AES-256-CBC, AES-256-CTR
AES (128 bit)	AES-128-GCM, AES-128-CBC, AES-128-CTR
ChaCha20	ChaCha20-Poly1305
National standards	Camellia, ARIA, GOST (if supported by OpenSSL)

Full list of available algorithms depends on OpenSSL version installed on server.

Viewing available algorithms

To view all algorithms available on server:

php bin/console app:cipher-methods:list

Command outputs list of all supported cipher methods and their aliases from OpenSSL.

Changing algorithm

Method 1: Via configuration file

Create or edit init/config.env:

ENCRYPTION_CIPHER=AES-256-GCM

Method 2: Via environment variable

export ENCRYPTION_CIPHER="AES-256-GCM"

Algorithm change

Algorithm change requires re-encryption of all data (similar to key rotation)
Create backup before changing
Plan maintenance window for large databases

Algorithm validation

System validates algorithm correctness on first encryption. If unsupported algorithm specified, operation fails with error.

To check algorithm availability:

// Check algorithm support
in_array('AES-256-GCM', openssl_get_cipher_methods())

Interaction with client-side encryption

Two-level model

Data flow with CSE enabled:

User enters password
Client (browser) encrypts data with record key (AES-256-CBC) — Level 1 (CSE)
Server receives already encrypted data
Server encrypts with server key (OpenSSL AES-256-CFB) — Level 2 (Server-side)
Database stores double ciphertext

With CSE disabled:

Data arrives in plaintext
Only server encryption applies
Database stores one encryption level

Security guarantees

Scenario	CSE enabled	CSE disabled
Database leak	Two protection levels	Server encryption
Server compromise	CSE protects data	⚠️ Data accessible
Database administrator	Cannot read	Sees ciphertext

LLM version

Overview​

Purpose​

How it works​

Encryption algorithm​

Parameters​

CFB mode​

Encrypted data structure​

Server encryption key​

Key generation​

Key storage​

Access permissions setup​

Key integrity verification​

What is encrypted on server​

Configuration​

Environment variables​

Cipher configuration​

Supported algorithms​

Viewing available algorithms​

Changing algorithm​

Algorithm validation​

Interaction with client-side encryption​

Two-level model​

Security guarantees​