joacir / cake-aes
Encrypt and decrypt fields using AES-256 plugin for CakePHP
Installs: 4
Dependents: 0
Suggesters: 0
Security: 0
Stars: 2
Watchers: 1
Forks: 2
Open Issues: 0
Type:cakephp-plugin
Requires
- php: >=7.4
- cakephp/cakephp: ^5.0.0
Requires (Dev)
- cakephp/cakephp-codesniffer: ^4.5
- phpstan/phpstan: @stable
- phpunit/phpunit: ^9.5
This package is not auto-updated.
Last update: 2024-04-19 19:20:07 UTC
README
CakePHP plugin to encrypt/decrypt table fields using AES-256 algorithm on MySQL/MariaDB databases. This branch is for use with CakePHP 4.2+
Install
Install it as require dependency:
composer require joacir/CakeAes
Setup
Enable the plugin in your Application.php or call
bin/cake plugin load CakeAes
Configure a new security hash in app_local.php:
'Security' => [
'key' => '34601affc03a12d4b963b6123ab3afcb',
],
- This will be the key used by the plugin for encryption.
- NEVER use the same key for different apps.
- Once generated, NEVER change the key.
- The key must contain at least 32 digits in hexadecimal.
Change the type field of the fields you want to encrypt on your tables to a binary type:
char(20) -> blob
vachar(200) -> varbinary(200)
text -> blob
- Only string types works. Use only VarBinary or Blob types.
Load the behavior on your table initialize() method:
$this->addBehavior('CakeAes.Encrypt', [
'fields' => ['name', 'card', 'phone']
]);
Usage
To encrypt fields
Nothing is necessary, the EncryptBehavior do the encryption automatically when you set the fields in settings.
To decrypt fields, conditions, order and contain
The find() ou get() works without changes, in complex queries you can use decryptField() or decryptString().
$new = $this->Temps->get($temp->id, ['fields' => [
'id',
'name' => $this->Temps->decryptField('Temps.name')
]]);
$temp = $this->Temps->find()
->select(['name' => $this->Temps->decryptField('Temps.name')])
->where(['id' => 2])
->first();
You can use decryptEq() in conditions:
$temp = $this->Temps->find()
->select(['name' => $this->Temps->decryptField('Temps.name')])
->where([$this->Temps->decryptEq('Temps.name', $name)])
->first();
$temp = $this->Temps->find()
->select([
'id',
'name' => $this->Temps->decryptField('Temps.name')
])
->where([$this->Temps->decryptLike('Temps.name', '%Sa%')])
->first();
In updateAll() you can use encrypt() to encrypt:
$name = $this->Temps->encrypt("José");
$fields = ['name' => $name];
$conditions = [
$this->Temps->decryptEq('Temps.name', 'Maria')
];
$this->Temps->updateAll($fields, $conditions);
To encrypt/decrypt a file
$imageFile = dirname(__FILE__) . DS . 'imagem.jpg';
$Temps->encryptFile($imageFile);
$imageFile = dirname(__FILE__) . DS . 'imagem_crypted.jpg';
$Temps->decryptFile($imageFile);
To decrypt a file in a controller
Load de Encrypt Component:
public function initialize(): void
{
$this->loadComponent('CakeAes.Encrypt');
}
To decrypt and render the content:
$imageFile = dirname(__FILE__) . DS . 'imagem_encrypted.jpg';
return $this->Encrypt->decryptRender($imageFile);
To decrypt and download a file:
$imageFile = dirname(__FILE__) . DS . 'imagem_encrypted.jpg';
return $this->Encrypt->decryptDownload($imageFile);