承接 ifabula/sevola-sdk-php 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

ifabula/sevola-sdk-php

Composer 安装命令:

composer require ifabula/sevola-sdk-php

包简介

PHP SDK for Sevola encryption service - Format-preserving and AES-GCM encryption

README 文档

README

PHP SDK for format-preserving and AES-GCM encryption via Sevola service.

Features

  • AES "transit" and "rest" encryption for arbitrary payloads
  • FF1 format-preserving encryption for data at rest
  • Key retrieval from Sevola API
  • PHP 7.3+ compatibility
  • Thread-safe operations
  • Configurable timeout and base URL
  • Comprehensive error handling

Installation

Via Composer

composer require ifabula/sevola-sdk-php

Or add to your composer.json:

{
    "require": {
        "ifabula/sevola-sdk-php": "^1.0.0"
    },
    "repositories": [
        {
            "type": "path",
            "url": "./sevola-sdk-php"
        }
    ]
}

Then run:

composer install

Quick Start

1. Basic Usage

<?php

require 'vendor/autoload.php';

use Ifabula\Sevola\EncryptClient;

// Create client with API key
$client = EncryptClient::new('your-api-key');

// Encrypt data at rest
$plaintext = 'Hello, World!';
$encrypted = $client->encryptData($plaintext);

// Decrypt data
$decrypted = $client->decryptData($encrypted);

echo "Original: $plaintext\n";
echo "Encrypted: $encrypted\n";
echo "Decrypted: $decrypted\n";

Compatibility note

Namespace resmi untuk raw SDK adalah:

use Ifabula\Sevola\EncryptClient;
use Ifabula\Sevola\EncryptClientOptions;

Versi ini juga menyediakan alias kompatibilitas untuk contoh awal yang memakai Ifabula\SevolaInterceptor\EncryptClient. Jadi kode lama seperti ini tetap akan diarahkan ke client SDK:

use Ifabula\SevolaInterceptor\EncryptClient;

$sdk = new EncryptClient([
    'apiKey' => 'your-api-key',
    'baseUrl' => 'https://your-sevola-server.com',
    'timeout' => 60,
]);

Untuk implementasi baru, tetap gunakan namespace resmi Ifabula\Sevola.

2. Advanced Configuration

<?php

require 'vendor/autoload.php';

use Ifabula\Sevola\EncryptClient;
use Ifabula\Sevola\EncryptClientOptions;

// Create client with custom options
$options = new EncryptClientOptions(
    'your-api-key',
    'https://your-sevola-server.com',
    60
);
$client = EncryptClient::newWithOptions($options);

// Use transit encryption for data in motion
$encrypted = $client->encryptTransit('sensitive data');
$decrypted = $client->decryptTransit($encrypted);

echo "Transit encrypted: $encrypted\n";
echo "Transit decrypted: $decrypted\n";

3. FF1 Format-Preserving Encryption

<?php

require 'vendor/autoload.php';

use Ifabula\Sevola\EncryptClient;

$client = EncryptClient::new('your-api-key');

// Encrypt with FF1
$requests = [
    [
        'template' => 'numeric',
        'data' => '1234-5678-9012'
    ]
];

$results = $client->encryptDataFF1($requests);
foreach ($results as $result) {
    echo "Status: {$result['status']}\n";
    echo "Value: {$result['value']}\n";
}

// Decrypt with FF1
$decryptRequests = [
    [
        'template' => 'numeric',
        'value' => $results[0]['value']
    ]
];

$decryptResults = $client->decryptDataFF1($decryptRequests);
foreach ($decryptResults as $result) {
    echo "Status: {$result['status']}\n";
    echo "Data: {$result['data']}\n";
}

Interop Test With Python SDK

Run this from the PHP SDK repository to validate FF1 at-rest compatibility with the Python SDK:

cd /Users/anggitsy/Documents/myproject/ENCRYPT/sevola-sdk-php
python3 tests/interop/test_ff1_interop_with_python.py --use-docker

To validate specifically with PHP 7.3, build the local test image first:

docker build -t sevola-php73-test -f docker/php73/Dockerfile .
python3 tests/interop/test_ff1_interop_with_python.py --use-docker --php-docker-image sevola-php73-test

The test validates both directions:

  • Python encrypts numeric and alphanumeric payloads, PHP decrypts them.
  • PHP encrypts the same payloads, Python decrypts them.

If PHP and Composer are installed locally, you can run without Docker after composer install:

python3 tests/interop/test_ff1_interop_with_python.py

API Reference

Types

EncryptClientOptions

class EncryptClientOptions {
    public $apiKey;        // Required: API key for authentication
    public $baseURL;       // Optional: Base URL (default: "http://localhost:8082")
    public $timeout;       // Optional: Timeout in seconds (default: 30)
    public $logger;        // Optional: Enable debug logging (default: false)
    public $enableCaching; // Optional: Enable key caching for non-dynamic keys (default: false)
    public $cacheTTL;      // Optional: Cache TTL in seconds for non-dynamic keys (default: 300)
}

Caching behaviour:

  • Dynamic keys (used by encryptTransitDynamic / decryptTransitDynamic) are always cached for 1 minute regardless of enableCaching.
  • Regular REST/transit keys are only cached when enableCaching: true, using cacheTTL (default 5 minutes).
  • Call clearCache() to evict all cached keys, or getCacheSize() to inspect the cache.

Functions

EncryptClient::new(string $apiKey): EncryptClient

Creates a new client with default settings.

EncryptClient::newWithOptions(EncryptClientOptions $options): EncryptClient

Creates a new client with custom configuration.

Methods

encryptData(string $plaintext): string

Encrypts data using "rest" key type (for data at rest).

decryptData(string $cipherText): string

Decrypts data using "rest" key type.

encryptTransit(string $plaintext): string

Encrypts data using "transit" key type (for data in transit).

decryptTransit(string $cipherText): string

Decrypts data using "transit" key type.

encryptTransitDynamic(string $plaintext): string

Encrypts data using dynamic transit keys.

decryptTransitDynamic(string $cipherText): string

Decrypts data using dynamic transit keys.

encryptDataFF1(array $requests): array

Encrypts data using FF1 format-preserving encryption. Each request should have:

  • template: "numeric", "alfanum", or "alphanumeric"
  • data: The data to encrypt

Returns an array of results with status and value keys.

decryptDataFF1(array $requests): array

Decrypts data using FF1 format-preserving encryption. Each request should have:

  • template: "numeric", "alfanum", or "alphanumeric"
  • value: The encrypted value to decrypt

Returns an array of results with status and data keys.

clearCache(): void

Removes all cached encryption keys, forcing the next operation to fetch fresh keys from the server.

getCacheSize(): int

Returns the number of currently cached keys (useful for debugging/monitoring).

Short-String Handling (Magic Markers)

FF1 requires a minimum input length (4 chars for alfanum, 6 digits for numeric). The SDK transparently handles shorter inputs using a magic-marker scheme so callers never need to worry about length constraints.

How it works

Encryption: before passing the cleaned string to FF1, encryptDataFF1 calls escapeAndWrap:

  • If the input contains the base marker → append the escape marker (collision prevention).
  • If the input is shorter than the minimum → append the padding marker, the original length as a single digit, then random chars to reach the minimum.
  • Otherwise the input is passed through unchanged.

Decryption: after FF1 decryption and special-char restoration, decryptDataFF1 calls unwrapAndUnescape:

  • If the result ends with the escape marker → strip it.
  • If the result contains the padding marker → read the length digit and return the original prefix.
  • Otherwise the result is returned unchanged.

Marker reference

TemplateBase markerPadding markerEscape markerMin length
alfanumZ9YZ9YXZ9YZ4
numeric907890780907816

Testing

Run the test suite:

# Run all tests
composer test

# Run tests with coverage
composer test -- --coverage

Building

Build the module:

# Install dependencies
composer install

# Run tests
composer test

Publishing

1. Tag a Release

# Tag the release
git tag v1.0.0
git push origin v1.0.0

2. Composer Package Repository

The package can be installed via Composer once published to a repository:

# Users can install with:
composer require ifabula/sevola-sdk-php

Dependencies

  • PHP 7.3+ - Required for the library
  • guzzlehttp/guzzle - HTTP client for API requests
  • phpseclib/phpseclib - Big integer and AES primitives for FF1
  • ext-openssl - OpenSSL extension for cryptographic operations
  • ext-json - JSON extension for API responses
  • ext-mbstring - Multibyte string handling for FF1 payloads

Examples

See the examples/ directory for more usage examples.

License

MIT © PT Ifabula Digital Kreasi

Support

For issues and questions:

  • Create an issue on GitLab
  • Email: kasfi.tamiya@ifabula.com

ifabula/sevola-sdk-php 适用场景与选型建议

ifabula/sevola-sdk-php 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 31 次下载、GitHub Stars 达 0, 最近一次更新时间为 2025 年 11 月 10 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「sdk」 「encryption」 「format-preserving」 「fpe」 「sevola」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 ifabula/sevola-sdk-php 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 ifabula/sevola-sdk-php 我们能提供哪些服务?
定制开发 / 二次开发

基于 ifabula/sevola-sdk-php 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 31
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 36
  • 依赖项目数: 1
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2025-11-10