Field-level encryption

[danyhiol]

What are the recommendations of encrypting/decrypting field (definition and input).
let's uppose the following type:

type Person { name: String @encrypt, ...other field }
Now I want to encrypt values of person.name.
My directive template:

...
class EncryptedString extends GraphQLScalarType {
  constructor(config: SomeType) {
      const { name = 'SomeName' } = config;
      const cipher = new AesCipher({ key: config.key, iv: config.iv }); // Some util for encryption
      super({
        name,
        description: 'description',
        serialize(value: string) {
          return cipher.encrypt(value);
        },
        parseValue(value: any) {
          return cipher.decrypt(value);
        },
        parseLiteral(ast: ValueNode) {
          if (ast.kind === 'StringValue') return cipher.encrypt(ast.value);
          return null;
        },
      });
    }
}
...
[MapperKind.OBJECT_FIELD]: (fieldConfig, schem) => {
      const encryptedDirective = getDirective(schema, fieldConfig, directiveName)?.[0];
      if (encryptedDirective) {
        const { resolve = defaultFieldResolver } = fieldConfig;

        fieldConfig.resolve = async function (source, args, context, info) {
          const keyManager = KeyManagerService.secureGetKeyForTenant(context.userId); // From DB
          const result = await resolve(source, args, context, info);  

         if (typeof result === 'string' && keyManager?.key) {
            const newResult = new EncryptedType({ key: keyManager.key });

            return newResult;
          }

          return result;
          return resolve(source, args, context, info);
        };
        return fieldConfig;
      }
}
...

The above code produces an error. EncryptedString returns its name.
I need to resolve the fieldConfig here because I need the userId. On the other hand, I need EncryptedString-Scalar because I want to perform some encryption based on whether it's parsedValue, serialize, or parseLiteral.

From my guess, const newResult = new EncryptedType({ key: keyManager.key }); return a type not a value. this may be the reson the code is breaking.
Is there a way to call parsedValue, serialize, and parseLiteral directly inside fieldConfig.resolve? Or is there a way to access apollo context (userId) outside of fieldConfig.resolve?