Add support for database encryption

[J0WI]

Is your feature request related to a problem? Please describe.
The NextCloud database contains sensitive/personal data about users. Sensitive data could be leaked due a vulnerability in NextCloud. On most installations, the database is hosted on a third parity infrastructure, that could also leak data.

Describe the solution you'd like
PostgreSQL, MariaDB and MySQL all support symmetric and asymmetric encryption of columns natively.
It would be great to have the ability to optionally encrypt sensitive/personal content of the database.
Similar to the file encryption module, this can be done with a master key and/or user specific keys.
This will make it much harder to steal useful data, because you'd also need all user keys to decrypt the content.

Describe alternatives you've considered
MariaDB does also support database encryption:
https://mariadb.com/resources/blog/table-and-tablespace-encryption-on-mariadb-10-1/
https://mariadb.com/kb/en/library/why-encrypt-mariadb-data/
But this would not protect users if data is leaked due a vulnerability in NextCloud (e.g. SQLI).

[tflidd]

There was a request for the calendar: #5927

[J0WI]

Nextcloud should probably encrypt the data before sending them to a database: doctrine/orm#1744 (comment)

[intika]

Quote from nextcloud/spreed#1437 (comment)

Or do the encryption to the whole db, and encrypt/decrypt on each call...
I guess that such implementation would implicate adding an interface to manage the db in an un-encrypted manner
Or create a secondary db that would be un-encrypted and it would get generated/deleted with a button on the settings panel. (in the case of a full encrypted db of course)

[blu-IT]

Even SQLite extension does offer database enryption now:

https://www.zetetic.net/sqlcipher/

https://github.com/sqlcipher/sqlcipher

[summersab]

I'm going to pitch in my support for this idea. In conjunction with the following PR, it would be nice to be able to use per-user encryption keys to encrypt private data in the database:
#27929

I tried to write middleware to perform the encryption of JSON data set during PUT and POST requests, but this won't work because the controllers often perform input validation (as they should). I then thought about writing some sort of middleware for Doctrine, but I would have to know which fields to encrypt and which to leave alone. I'm sure there's a way to approach this problem, but I'm not sure how.

Any thoughts? I'd be happy to work on it if someone could provide a little direction.

[rosa2]

I am also interested in this. We have sensible data in the database and would like to encrypt. Thanks a lot :)