codelieutenant/laravel-crypto
Composer 安装命令:
composer require codelieutenant/laravel-crypto
包简介
Laravel Crypto is a package that provides a simple and easy to use API for encrypting, decrypting, hashing, and signing data using the latest PHP and Laravel features.
README 文档
README
Laravel Crypto provides a simple and easy-to-use API for encrypting, decrypting, hashing, and signing data using modern cryptographic algorithms powered by libsodium.
Why Laravel Crypto?
- Modern Algorithms: Support for XChaCha20-Poly1305, AES-256-GCM, AEGIS-128L, AEGIS-256, XSalsa20-Poly1305, Blake2b, and EdDSA.
- Per-User Encryption: Secure data using keys derived from and unique to each user, ensuring data privacy even if the
APP_KEYis compromised. - Performance: High-performance cryptographic operations utilizing hardware acceleration where available.
- Drop-in Replacement: Seamlessly replaces Laravel's default
EncryptionServiceProvider. - Comprehensive: Includes support for hashing, signing (symmetric and asymmetric), file encryption, Eloquent casting for encrypted files, and various data encoders (JSON, MessagePack, Igbinary).
Requirements
- PHP: 8.4 or higher
- Extensions:
ext-sodium - Laravel: 10.x, 11.x, or 12.x
Getting Started
1. Installation
composer require codelieutenant/laravel-crypto
2. Service Provider Registration
In order to activate the package, you need to replace Laravel's default EncryptionServiceProvider with CodeLieutenant\LaravelCrypto\ServiceProvider.
Laravel 11.x & 12.x
In bootstrap/providers.php, replace the default provider:
return [ App\Providers\AppServiceProvider::class, // Illuminate\Encryption\EncryptionServiceProvider::class, // Remove or comment out CodeLieutenant\LaravelCrypto\ServiceProvider::class, // Add this ];
Laravel 10.x
In config/app.php, replace Illuminate\Encryption\EncryptionServiceProvider::class in the providers array:
'providers' => [ // ... // Illuminate\Encryption\EncryptionServiceProvider::class, CodeLieutenant\LaravelCrypto\ServiceProvider::class, // ... ],
3. Configuration
Publish the configuration file:
php artisan vendor:publish --provider="CodeLieutenant\LaravelCrypto\ServiceProvider"
Update your cipher in config/app.php:
'cipher' => 'Sodium_AES256GCM', // Options: Sodium_AES256GCM, Sodium_XChaCha20Poly1305, Sodium_AEGIS256GCM, Sodium_AEGIS128LGCM, Sodium_SecretBox
4. Generating Keys
Generate the necessary cryptographic keys:
php artisan crypto:keys
This will update your .env file with the required keys and generate an EdDSA key pair in storage/keys/.
Usage Overview
Encryption
Uses the standard Laravel Crypt facade but with Sodium algorithms.
use Illuminate\Support\Facades\Crypt; $encrypted = Crypt::encryptString('Hello Sodium'); $decrypted = Crypt::decryptString($encrypted);
File Encryption
Securely encrypt large files using chunked streaming.
use Illuminate\Support\Facades\Crypt; // Encrypt a file Crypt::encryptFile('path/to/input.txt', 'path/to/output.enc'); // Decrypt a file Crypt::decryptFile('path/to/output.enc', 'path/to/decrypted.txt');
Hashing
High-performance hashing using Blake2b.
use CodeLieutenant\LaravelCrypto\Facades\Hashing; $hash = Hashing::hash('data');
Signing
Symmetric (HMAC) and Asymmetric (EdDSA) signing.
use CodeLieutenant\LaravelCrypto\Facades\Sign; // HMAC $sig = Sign::sign('message'); // EdDSA $sig = Sign::eddsaSign('message');
Eloquent Casting
Store files securely by automatically encrypting and decrypting them on-the-fly via an Eloquent caster.
use CodeLieutenant\LaravelCrypto\Casts\EncryptedFileCast; use Illuminate\Database\Eloquent\Model; class Document extends Model { protected $casts = [ 'file' => EncryptedFileCast::class, ]; } // Accessing the file decrypts it to a temporary location $content = $document->file->contents(); // Modifying the content and saving the model re-encrypts the file $document->file->putContents('Secret Data'); $document->save();
User Encryption
Securely encrypt user data using their own unique encryption key.
use CodeLieutenant\LaravelCrypto\Casts\UserEncryptedWithIndex; use Illuminate\Database\Eloquent\Model; class UserSecret extends Model { protected function casts(): array { return [ 'ssn' => UserEncryptedWithIndex::class . ':ssn_index', ]; } }
For more details on setting up and using per-user encryption, see the User Encryption documentation.
Performance
Benchmarks conducted on various data sizes (PHP 8.5.1, Sodium extension enabled) on a Macbook M4 Pro 48GB RAM.
1 KiB Payload
| Algorithm | Encryption | Decryption |
|---|---|---|
| Laravel AES-256-CBC | 8.09 μs | 9.98 μs |
| Laravel AES-256-GCM | 3.37 μs | 5.33 μs |
| Sodium AES-256-GCM | 2.39 μs | 2.58 μs |
| Sodium AEGIS-128L | 2.03 μs | 2.14 μs |
| Sodium AEGIS-256 | 2.06 μs | 2.27 μs |
| Sodium XChaCha20-Poly1305 | 3.41 μs | 3.58 μs |
32 KiB Payload
| Algorithm | Encryption | Decryption |
|---|---|---|
| Laravel AES-256-CBC | 151.01 μs | 181.81 μs |
| Laravel AES-256-GCM | 35.81 μs | 81.98 μs |
| Sodium AES-256-GCM | 26.93 μs | 29.22 μs |
| Sodium AEGIS-128L | 18.23 μs | 20.68 μs |
| Sodium AEGIS-256 | 18.86 μs | 21.82 μs |
| Sodium XChaCha20-Poly1305 | 58.40 μs | 60.90 μs |
1 MiB Payload
| Algorithm | Encryption | Decryption |
|---|---|---|
| Laravel AES-256-CBC | 5.02 ms | 7.57 ms |
| Laravel AES-256-GCM | 1.31 ms | 3.94 ms |
| Sodium AES-256-GCM | 1.11 ms | 1.88 ms |
| Sodium AEGIS-128L | 0.90 ms | 1.60 ms |
| Sodium AEGIS-256 | 0.82 ms | 1.65 ms |
| Sodium XChaCha20-Poly1305 | 2.21 ms | 2.90 ms |
Sodium-based algorithms provide more consistent performance and are significantly faster for decryption of large payloads compared to Laravel's default implementations. AEGIS algorithms offer top-tier performance on modern hardware.
Documentation
For detailed information, please refer to the following documentation:
License
The MIT License (MIT). Please see License File for more information.
codelieutenant/laravel-crypto 适用场景与选型建议
codelieutenant/laravel-crypto 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 164 次下载、GitHub Stars 达 17, 最近一次更新时间为 2024 年 02 月 27 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「security」 「cryptography」 「encryption」 「hashing」 「crypto」 「signing」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 codelieutenant/laravel-crypto 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 codelieutenant/laravel-crypto 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 codelieutenant/laravel-crypto 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
DUKPT implementation in PHP
A simple PHP class to encrypt a string and decrypt an encrypted string
A package for automatically encrypting and decrypting Eloquent attributes in Laravel 5.5+, based on configuration settings.
Provide a way to secure accesses to all routes of an symfony application.
Encryption with AES-256 and HMAC-SHA256
Allows installation of Laravel where the PHP Mcrypt extension is not available. Provides encryption using OpenSSL, or by disabling encryption entierly.
统计信息
- 总下载量: 164
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 18
- 点击次数: 22
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2024-02-27