muffin/crypt

Installs: 590

Dependents: 1

Suggesters: 0

Security: 0

Stars: 5

Watchers: 3

Forks: 5

Type:cakephp-plugin

0.1.0 2017-09-13 08:56 UTC

This package is auto-updated.

Last update: 2024-09-28 01:16:46 UTC


README

Build Status Coverage Total Downloads License

CakePHP 3 behavior to allow (a)symmetric encryption/decryption of data by the ORM.

Special thanks to security experts @ircmaxell & @voodooKobra for reviewing the work.

USE AT YOUR OWN RISK.

Install

Using Composer:

composer require muffin/crypt

You then need to load the plugin. You can use the shell command:

bin/cake plugin load Muffin/Crypt

or by manually adding statement shown below to bootstrap.php:

Plugin::load('Muffin/Crypt');

Usage

By default, the behavior will use the Cake\Utility\Security and not decrypt every find operation. Both configuration could be overridden when setting up the behavior:

$this->addBehavior('Muffin/Crypt.Crypt', [
    'fields' => ['cc_number', 'cc_cvv'],
    'strategy' => '\Muffin\Crypt\Model\Behavior\Strategy\AsymmetricStrategy',
    'implementedEvents' => [
        'Model.beforeSave' => 'beforeSave',
        'Model.beforeFind' => 'beforeFind',
    ]
]);

If the fields you are encrypting are of a specific type (i.e. POINT), and if specified when configuring the behavior, the behavior will take care of transforming the data back and forth. If using a custom type, make sure it is added to your table.

$this->addBehavior('Muffin/Crypt.Crypt', [
    'fields' => ['location' => 'point'],
]);

Patches & Features

  • Fork
  • Mod, fix
  • Test - this is important, so it's not unintentionally broken
  • Commit - do not mess with license, todo, version, etc. (if you do change any, bump them into commits of their own that I can ignore when I pull)
  • Pull request - bonus point for topic branches

To ensure your PRs are considered for upstream, you MUST follow the CakePHP coding standards.

Bugs & Feedback

http://github.com/usemuffin/crypt/issues

License

Copyright (c) 2017, Use Muffin and licensed under The MIT License.