x69420/doctrine-encrypt-bundle
Composer 安装命令:
composer require x69420/doctrine-encrypt-bundle
包简介
Symfony 5 bundle which allows to encrypt data in database with some encrypt algorithm, this fork make use of open ssl
README 文档
README
#DoctrineEncryptBundle version 3.0
Bundle allows to create doctrine entities with fields that will be protected with help of some encryption algorithm in database and it will be clearly for developer, because bundle is uses doctrine life cycle events
This is an fork from the original bundle created by vmelnik-ukrain (Many thanks to him) which can be found here: vmelnik-ukraine/DoctrineEncryptBundle this is again a fork from the bundle nepda/doctrine-encrypt from Marcel van Nuil.
goal of this fork
My main goal is to improve the Encryptor : multiple existed but they where base on mcrypt and had flaws. I replaced them with an openssl alternative, found partly from this fork (again!) : https://github.com/nepda/doctrine-encrypt/blob/master/src/DoctrineEncrypt/Encryptors/OpenSslEncryptor.php If the author accept to merge my change, I will probably close this fork.
I also borrowed the "SensitiveValue" and "Mask" class from the great payum library in order to prevent the secret key to be printed (for more information, see payum doc).
I added a twig extension in case of the need to decode the data only on display. (need additional work to be fully satisfying, like optionally do ont decode in the entity)
The encryptor also throw verbose errors and handle a simple integrity check (the length of the data is stored with the data in a json string, and is verified on the decrypt side).
scope of this fork
The rest of this file anf of the doc will probably remain the forked content. Exept for the namespaces and the authors list that I changed (the search & replace way).
###What does it do exactly
It gives you the opportunity to add the @Encrypt annotation above each string property
/** * @var string * @ORM\Column(name="host", type="string", length=255) * @Encrypted */ private $host; /** @var string store the decryptedVersion of $host */ private $hostDecrypted; /** * Set host * * You MUST assign null to the decryped var * * * @param string $host * * @return ItopUser */ public function setHost($host) { $this->host = $host; $this->hostDecrypted = null;//mandatory if you want your host to be encoded again! return $this; } /** * Get host * * You MUST return the decryped var if it is set * * @return string */ public function getHost() { if (!empty($this->hostDecrypted)) { return $this->hostDecrypted; } return $this->host; } /** * INTERNAL * Set hostDecrypted * * @param string $host * * @return ItopUser */ public function setHostDecrypted($hostDecrypted) { $this->hostDecrypted = $hostDecrypted; return $this; } /** * INTERNAL * Get hostDecrypted * * @return string */ public function getHostDecrypted() { return $this->hostDecrypted; }
The bundle uses doctrine his life cycle events to encrypt the data when inserted into the database and decrypt the data when loaded into your entity manager. It is only able to encrypt string values at the moment, numbers and other fields will be added later on in development. You NEED to add the *Decrypt field, it MUST not be persisted, the gettter/setter MUST exists and have standard names, the getter/setter of the encrypted propterties must follow the pattern above
this verstion 3.0 drop support from many functionnalities of the 2.0 :
many unused features was removed for the sake of performance and readability :
- EmbeddedAnnotation are no more supported (I don't ever know what it is so... if you'r curious, google for
Doctrine\ORM\Mapping\Embedded) - the annotation only mode is no more tested, use it knowing the risk ;)
an almost total rework of the event listener has been done, it now use a cache for most of the time consuming operations and listen to many less events. It do no more need an update on each flush.
###Advantages and disadvantaged of an encrypted database
####Advantages
- Information is stored safely
- Not worrying about saving backups at other locations
- Unreadable for employees managing the database
####Disadvantages
- Can't use ORDER BY on encrypted data
- In SELECT WHERE statements the where values also have to be encrypted
- When you lose your key you lose your data (Make a backup of the key on a safe location)
###Documentation
This bundle is responsible for encryption/decryption of the data in your database. All encryption/decryption work on the PHP's server side.
The following documents are available:
###License
This bundle is under the MIT license. See the complete license in the bundle
###Versions
I'm using Semantic Versioning like described here
x69420/doctrine-encrypt-bundle 适用场景与选型建议
x69420/doctrine-encrypt-bundle 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 7 次下载、GitHub Stars 达 0, 最近一次更新时间为 2021 年 12 月 24 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「symfony」 「bundle」 「doctrine」 「openssl」 「encrypt」 「aes256」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 x69420/doctrine-encrypt-bundle 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 x69420/doctrine-encrypt-bundle 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 x69420/doctrine-encrypt-bundle 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
2lenet/EasyAdminPlusBundle
The bundle for easy using json-rpc api on your project
Provide a way to secure accesses to all routes of an symfony application.
DMS Meetup API Bundle, enables Meetup API clients in services
Make pimcore migration simple
Bundle Symfony DaplosBundle
统计信息
- 总下载量: 7
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 4
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2021-12-24