fynn-digital / doctrine-encrypt-bundle
Encrypted symfony entity's by verified and standardized libraries
Requires
- php: ^7.2
- doctrine/orm: ^2.5
- paragonie/halite: ^4.6
- paragonie/sodium_compat: ^1.5
- symfony/config: ^4.1|^5.0
- symfony/dependency-injection: ^4.1|^5.0
- symfony/http-kernel: ^4.1|^5.0
- symfony/property-access: ^4.1|^5.0
- symfony/yaml: ^4.1|^5.0
Requires (Dev)
- defuse/php-encryption: ^2.1
- phpunit/phpunit: ^6.5
Suggests
- ext-sodium: Required to use halite encryption library.
- defuse/php-encryption: Alternative for halite for use with older php-versions
README
Introduction
This is a fork from the original bundle created by ambta which can be found here: ambta/DoctrineEncryptBundle
This bundle has updated security by not rolling it's own encryption and using verified standardized library's from the field.
Using Halite
All deps are already installed with this package
// Config.yml ambta_doctrine_encrypt: encryptor_class: Halite
Using Defuse
You will need to require Defuse yourself
composer require "defuse/php-encryption ^2.0"
// Config.yml ambta_doctrine_encrypt: encryptor_class: Defuse
Secret key
The secret key should be a max 32 byte hexadecimal string ([0-9a-fA-F]).
Secret key is generated if there is no key found. This is automatically generated and stored in the folder defined in the configuration
// Config.yml ambta_doctrine_encrypt: secret_directory_path: '%kernel.project_dir%' # Default value
Filename example: .DefuseEncryptor.key or .HaliteEncryptor.key
Do not forget to add these files to your .gitignore file, you do not want this on your repository!
Own secret key file path
To use your own secret key file path use following config:
// Config.yml ambta_doctrine_encrypt: secret_key_file_path: '%kernel.project_dir%/my.key'