matt9mg / doctrine-encryption-bundle
Doctrine encryption bundle for Symfony to aid with GDPR and general field encryption
Installs: 6 781
Dependents: 0
Suggesters: 0
Security: 0
Stars: 1
Watchers: 3
Forks: 2
Open Issues: 0
Type:symfony-bundle
Requires
- php: >=7
This package is auto-updated.
Last update: 2024-05-05 17:29:11 UTC
README
With GDPR becoming business critical here's a bundle that handles the data encryption layer.
Installation
composer require matt9mg/doctrine-encryption-bundle dev-master
app/AppKernel.php public function registerBundles() { $bundles = [ ... new Matt9mg\Encryption\DoctrineEncryptionBundle(), ... ]; }
Configuration
Basic
Basic configuration will take advantage of the encryption library provided
matt9mg_doctrine_encryption: key: 'an encryption key' iv: 'an encryption iv' suffix: 'an encryption suffix'
Full
matt9mg_doctrine_encryption: key: 'an encryption key' iv: 'an encryption iv' suffix: 'an encryption suffix' method: 'AES-256-CBC' // This is the default setting class: 'Full\Namespace\To\Your\Encryptor' // If not supplied will use the default
Usage
Using the encryption service in controller
use Matt9mg\Encryption\Bridge\Bridge; $this->get(Bridge::class)->encrypt($string) $this->get(Bridge::class)->decrypt($string);
Entity Annotation
use Matt9mg\Encryption\Annotation\Encrypted; class User { /** * @Encrypted() */ private $firstname; }
The above will auto encrypt on prePersist
and preUpdate
Twig
{{ user.firstname | decrypt }}
Design decision
You'll notice there is no postLoad event to convert back to decrypted. Experience with doctrine is that as the entity is changed it adds it to the queue to be flushed. Say if you have an account with 1000 users each user would be decrypted meaning re saved.
How to add a custom Encryptor
Create a class that extends Matt9mg\Encryption\Encryptor\EncryptorInterface
. Then register as mentioned in the above config.
Tests
Yes there a loads of lovely unit tests :)
Roadmap
- Form inputs
- Command line util
- Travis integration