minvws / laravel-crypto
Laravel provider for crypto functionality
Installs: 2 578
Dependents: 0
Suggesters: 0
Security: 0
Stars: 2
Watchers: 13
Forks: 1
Open Issues: 4
Requires
- php: ^8.0||^8.1||^8.2
- laravel/framework: ^8.0||^9.0
Requires (Dev)
- mockery/mockery: ^1.4.3
- orchestra/testbench: ^6.0
- phpstan/phpstan: ^1.4
- phpunit/phpunit: ^9.5
- squizlabs/php_codesniffer: ^3.6
- vimeo/psalm: ^4.4 || ^5.0
Suggests
- ext-openssl: Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations.
- ext-sodium: Install the sodium extension in order to use the Sealbox Service.
README
To learn more about the crypto used in the projects, please take a look at our crypto doc.
Requirements
- PHP >= 8.0
- Laravel >= 8.0
Installation
- Install the package via composer:
composer require minvws/laravel-crypto
- If you are running Laravel 5.5 or higher (the package will be auto-discovered), skip
this step. Find the
providers
array key inconfig/app.php
and register the Laravel Crypto Service Provider:
'providers' => [ ... MinVWS\Laravel\Providers\CryptoServiceProvider::class, ];
Usage
This section describes the usage of the different crypto functionalities
CMS Crypto
CMS crypto allows you to easily encrypt (and possibly decrypt) data.
Usage:
class UserController { protected CmsCryptoInterface $service; function index() { $cipherText = $this->service->encrypt('plaintext'); return new JsonResponse(['data' => $cipherText]); } }
Sealbox Crypto
class UserController { protected SealboxCryptoInterface $service; function index() { $cipherText = $this->service->encrypt('plaintext'); return new JsonResponse(['data' => $cipherText]); } }
Signatures
class UserController { protected SignatureCryptoInterface $service; function index() { $sig = $this->service->sign('foobar', false); return new JsonResponse(['signature' => $sig]); } }
Laravel HTTP Middleware
Step 1: Add to app/Http/Kernel.php
:
/*/ Package Middleware /*/ ... 'cms_sign' => \MinVWS\Crypto\Laravel\Http\Middleware\CmsSignature::class,
Step 2: Add your middleware to your routes:
Route::middleware('cms_sign')->post( '/my/route', [RouteController::class, 'index'] );
Environment vars
# OpenSSL CMS encryption
CMS_ENCRYPTION_CERT_PATHS A comma separated list of x509 certificate paths that are used for encrypting data
CMS_DECRYPTION_CERT_PATH A certificate file path that is used for decrypting data (optional)
CMS_DECRYPTION_CERT_KEY_PATH The key file for the cert that is used for decrypting data (optional)
# LibSodium sealbox
CMS_SEAL_PRIVKEY Our own private X25519 key
CMS_SEAL_RECIPIENT_PUBKEY Public X25519 key of the recipient
# OpenSSL CMS signing
CMS_SIGN_X509_CERT The certificate file to sign the data
CMS_SIGN_X509_KEY The key file to sign the data
CMS_SIGN_X509_PASS Optional passphrase for the key file
CMS_SIGN_X509_CHAIN Optional chain of certificates to be added to the signed data
Running tests
Tests are run based on your PHP version. On PHP7, openssl functionality that is not available, will not be tested.
Running tests when you don't have PHP8 (but have docker):
You can still test PHP8 functionality when running PHP7 by using the PHP8 docker image:
docker run -ti -w /app -v $PWD:/app php:8-cli php /app/vendor/bin/phpunit
Using code coverage on PHP8:
docker run -ti -w /app -v $PWD:/app php:8-cli phpdbg -qrr /app/vendor/bin/phpunit --coverage-html=./html