studio201 / doctrine-encrypt-bundle
Encrypted symfony entity's by verified and standardized libraries
Installs: 9 948
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 3
Forks: 225
Type:symfony-bundle
Requires
- php: >=7.1
- doctrine/orm: ^2.5
- paragonie/halite: ^1.6|^3|^4.6
- paragonie/sodium_compat: ^1.5
Requires (Dev)
- phpunit/phpunit: ^6.5
Suggests
- defuse/php-encryption: Alternative for halite for use with older php-versions
This package is auto-updated.
Last update: 2024-03-28 14:29:50 UTC
README
This is an fork from the original bundle created by ambta which can be found here: ambta/DoctrineEncryptBundle
This bundle has updated security by not rolling it's own encryption and using verified standardized library's from the field.
ambta/DoctrineEncryptBundle is not secured, It uses old crypto functions and programming mistakes like supplying a IV in ECB mode (which does nothing)
Using Halite
All deps are already installed with this package
// Config.yml studio201_doctrine_encrypt: encryptor_class: Halite
Using Defuse
You will need to require Defuse yourself
composer require "defuse/php-encryption ^2.0"
// Config.yml studio201_doctrine_encrypt: encryptor_class: Defuse
Secret key
Secret key is generated if there is no key found. This is automatically generated and stored in the folder defined in the configuration
// Config.yml studio201_doctrine_encrypt: secret_directory_path: '%kernel.project_dir%' # Default value
Filename example: .DefuseEncryptor.key or .HaliteEncryptor.key
Do not forget to add these files to your .gitignore file, you do not want this on your repository!