Skip to content

wdavis/ciphersweet-for-laravel

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
config
config
 
 
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
Makefile
Makefile
 
 
composer.json
composer.json
 
 
composer.lock
composer.lock
 
 
contributing.md
contributing.md
 
 
phpunit.xml
phpunit.xml
 
 
readme.md
readme.md
 
 
tag.sh
tag.sh
 
 

Repository files navigation

CipherSweet for Laravel

A Laravel implementation of Paragon Initiative Enterprises CipherSweet searchable field level encryption.

Make sure you have some basic understanding of CipherSweet before continuing.

Installation

Install the package using composer:

composer require bjorn-voesten/ciphersweet-for-laravel

The package will then automatically register itself.

Encryption key

In your .env file you should add:

CIPHERSWEET_KEY=

And then generate an encryption key:

php artisan ciphersweet:key

Config file

Publish the config file:

php artisan vendor:publish --tag=ciphersweet-config

Usage

Define encryption

Add the BjornVoesten\CipherSweet\Concerns\WithAttributeEncryption trait to your model
and add the BjornVoesten\CipherSweet\Casts\Encrypted cast to the attributes you want to encrypt.

<?php

use Illuminate\Database\Eloquent\Model;
use BjornVoesten\CipherSweet\Concerns\WithAttributeEncryption;
use BjornVoesten\CipherSweet\Casts\Encrypted;

class User extends Model
{
    use WithAttributeEncryption;
    
    protected $fillable = [
        'social_security_number',
    ];

    protected $casts = [
        'social_security_number' => Encrypted::class,
    ];
}

By default, the index column name is generated using the name suffixed by _index.
So social_security_number will use social_security_number_index.

Using custom indexes

Alternatively you can define multiple indexes per attribute and and define more options.

<?php

use Illuminate\Database\Eloquent\Model;
use BjornVoesten\CipherSweet\Concerns\WithAttributeEncryption;
use BjornVoesten\CipherSweet\Casts\Encrypted;
use BjornVoesten\CipherSweet\Contracts\Attribute;
use BjornVoesten\CipherSweet\Contracts\Index;

class User extends Model
{
    // ...

    /**
     * Encrypt the social security number.
     *
     * @param \BjornVoesten\CipherSweet\Contracts\Attribute $attribute
     * @return void
     */
    public function encryptSocialSecurityNumberAttribute(Attribute $attribute): void
    {
        $attribute->index('social_security_number_last_four_index', function (Index $index) {
            $index
                ->bits(16)
                ->transform(new LastFourDigits());
        });
    }
}

Encrypt and decrypt

Attributes will be automatically encrypted and decrypted when filling and retrieving attribute values.

Note Because the package uses Laravel casts it is not possible to combine the Encrypted cast and accessors/mutators.

Searching

Note When searching with the equal to operator models will be returned when the value is found in one of all available or defined indexes. When searching with the not equal to operator all models where the value is not found in any of the available or the defined indexes are returned.

Note Because of the limited search possibilities in CipherSweet only the = and != operators are available when searching encrypted attributes.

whereEncrypted

 User::query()
    ->whereEncrypted('social_security_number', '=', '123-456-789')
    ->get();

orWhereEncrypted

 User::query()
    ->whereEncrypted('social_security_number', '=', '123-456-789')
    ->orWhereEncrypted('social_security_number', '=', '456-123-789')
    ->get();

Contributing

Please see contributing.md for details and a todolist.

Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

Testing

make test

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages

  • PHP 98.9%
  • Other 1.1%