How to encrypt a string in less than 5 minutes

September 28, 2022 byShane Curran

Using Evervault, you can start encrypting in less than 5 minutes.

Here’s how to do it!

You can watch a video version of this tutorial here.

Prerequisites

We need access to two things before we get started:

  1. Your terminal (I’m using iTerm2)
  2. An Evervault account (you can sign up for a free account here)

Walkthrough

Let's start by going to requestbin.com/r and creating a new RequestBin. RequestBin is a free service that lets you generate temporary API endpoints, making it easy to inspect HTTPS requests that we'll be sending via cURL.

You’ll be brought to the RequestBin Inspector, which will look like this:

Copy the endpoint provided; you'll need it for the cURL request that you send from your terminal:

1curl -X POST https://<your pipedream endpoint>.m.pipedream.net --header 'Content-Type: application/json' --data '{"String": "This is my first string"}'

Hit enter in your terminal, refresh your RequestBin webpage, and you’ll see the request come through in the left-hand panel. Select it, and you should see something like this in the panel on the right:

Now that we have the endpoint set up, we’ll use Relay (Evervault's transparent encryption proxy) to encrypt the data before it hits the endpoint.

Switch over to your Evervault Dashboard here.

Switch to the Inbound Relay tab in the dashboard and hit ‘Create Inbound Relay.’

We will use the RequestBin endpoint as the destination to forward all requests to.

Once you’ve created an Inbound Relay, you’ll be given a Relay Domain which we can now send requests to. You can test it out by running the following cURL command:

1curl -X POST https://your_relay_domain.relay.evervault.com --header 'Content-Type: application/json' --data '{"String": "This is my first string"}'

You’ll see the requests come through on your RequestBin.

The main difference is that the number of HTTP headers in your request has increased. Evervault appends a few headers when a request goes through the encryption proxy.

You’ve probably noticed that the body of your request (your JSON string) is unencrypted. We will change that by adding a field to encrypt in our Dashboard. You can easily do this by going to the Encrypted Fields section the Dashboard and clicking Configure using Relay's Traffic.

Save and confirm the fields that you want to encrypt, and you’re good to go.

Send the same request:

1curl -X POST https://your_relay_domain.relay.evervault.com --header 'Content-Type: application/json' --data '{"String": "This is my first string"}'

Now check your RequestBin - you’ll see the body of the request has been encrypted!

Update your cURL to the following and you’ll see that unencrypted and encrypted fields can come through in the same request:

1curl -X POST 'https://your_relay_domain.relay.evervault.com --header 'Content-Type: application/json' --data '{"String": "This is my first string", "Name": "Your name"}'

If you’re ready to get started, you can create your free Evervault account today.