CipherStash Docs
StackLatestDrizzleFunctions

encryptedType

API reference for encryptedType

@cipherstash/stack

Function: encryptedType()

function encryptedType<TData>(name, config?): PgCustomColumnBuilder<{
  name: string;
  dataType: "custom";
  columnType: "PgCustomColumn";
  data: TData;
  driverParam: string;
  enumValues: undefined;
}>;

Defined in: .tmp-stack/packages/stack/src/drizzle/index.ts:89

Creates an encrypted column type for Drizzle ORM with configurable searchable encryption options.

When data is encrypted, the actual stored value is an EQL v2 encrypted composite type which includes any searchable encryption indexes defined for the column. Importantly, the original data type is not known until it is decrypted. Therefore, this function allows specifying the original data type via the dataType option in the configuration. This ensures that when data is decrypted, it can be correctly interpreted as the intended TypeScript type.

Type Parameters

TData

TData

The TypeScript type of the data stored in the column

Parameters

name

string

The column name in the database

config?

EncryptedColumnConfig

Optional configuration for data type and searchable encryption indexes

Returns

PgCustomColumnBuilder<{ name: string; dataType: "custom"; columnType: "PgCustomColumn"; data: TData; driverParam: string; enumValues: undefined; }>

A Drizzle column type that can be used in pgTable definitions

Searchable Encryption Options

  • dataType: Specifies the original data type of the column (e.g., 'string', 'number', 'json'). Default is 'string'.
  • freeTextSearch: Enables free text search index. Can be a boolean for default options, or an object for custom configuration.
  • equality: Enables equality index. Can be a boolean for default options, or an array of token filters.
  • orderAndRange: Enables order and range index for sorting and range queries.
  • searchableJson: Enables searchable JSON index for JSONB path queries on encrypted JSON columns.

See EncryptedColumnConfig.

Example

Defining a drizzle table schema for postgres table with encrypted columns.

import { pgTable, integer, timestamp } from 'drizzle-orm/pg-core'
import { encryptedType } from '@cipherstash/stack/drizzle'

const users = pgTable('users', {
  email: encryptedType('email', {
    freeTextSearch: true,
    equality: true,
    orderAndRange: true,
  }),
  age: encryptedType('age', {
    dataType: 'number',
    equality: true,
    orderAndRange: true,
  }),
  profile: encryptedType('profile', {
    dataType: 'json',
  }),
})

createEncryptionOperators

Create Drizzle query operators (`eq`, `lt`, `gt`, etc.) that work with encrypted columns. The returned operators encrypt query values before passing them to ...

extractEncryptionSchema

Extract a CipherStash encryption schema from a Drizzle table definition. Inspects columns created with encryptedType and builds the equivalent `encryptedTab...

On this page

Function: encryptedType()Type ParametersTDataParametersnameconfig?ReturnsSearchable Encryption OptionsExample