String Encryption: How to Encrypt a String in 5 Minutes

Ready to get started with string encryption? Using Evervault, you can encrypt a string in less than 5 minutes.

Here’s how to do it!

You can watch a video version of this tutorial here.

Prerequisites

We need access to two things before we get started:

1. Your terminal (I’m using iTerm2)
2. An Evervault account (you can sign up for a free account here)

How to Encrypt a String

Let's start by going to requestbin.com/r and creating a new RequestBin. RequestBin is a free service that lets you generate temporary API endpoints, making it easy to inspect HTTPS requests that we'll be sending via cURL.

You’ll be brought to the RequestBin Inspector, which will look like this:

Copy the endpoint provided; you'll need it for the cURL request that you send from your terminal:

1curl -X POST https://<your pipedream endpoint>.m.pipedream.net --header 'Content-Type: application/json' --data '{"String": "This is my first string"}'

Hit enter in your terminal, refresh your RequestBin webpage, and you’ll see the request come through in the left-hand panel. Select it, and you should see something like this in the panel on the right:

Now that we have the endpoint set up, we’ll use Relay (Evervault's transparent encryption proxy) to encrypt the data before it hits the endpoint.

Switch over to your Evervault Dashboard here.

Switch to the Inbound Relay tab in the dashboard and hit ‘Create Inbound Relay.’

We will use the RequestBin endpoint as the destination to forward all requests to.

Once you’ve created an Inbound Relay, you’ll be given a Relay Domain which we can now send requests to. You can test it out by running the following cURL command:

1curl -X POST https://your_relay_domain.relay.evervault.com --header 'Content-Type: application/json' --data '{"String": "This is my first string"}'

You’ll see the requests come through on your RequestBin.

The main difference is that the number of HTTP headers in your request has increased. Evervault appends a few headers when a request goes through the encryption proxy.

You’ve probably noticed that the body of your request (your JSON string) is unencrypted. We will change that by adding a field to encrypt in our Dashboard. You can easily do this by going to the Encrypted Fields section the Dashboard and clicking Configure using Relay's Traffic.

Save and confirm the fields that you want to encrypt, and you’re good to go.

Send the same request:

1curl -X POST https://your_relay_domain.relay.evervault.com --header 'Content-Type: application/json' --data '{"String": "This is my first string"}'

Now check your RequestBin - you’ll see the body of the request has been encrypted!

Update your cURL to the following and you’ll see that unencrypted and encrypted fields can come through in the same request:

1curl -X POST 'https://your_relay_domain.relay.evervault.com --header 'Content-Type: application/json' --data '{"String": "This is my first string", "Name": "Your name"}'

Ready for String Encryption at Scale?

We’ve got just the thing. Evervault uses an invisible encryption proxy to automatically intercept and encrypt selected sensitive fields before they touch your server with minimal changes to your existing code.

Ready to get started? Create your free Evervault account today.