swisnl/laravel-encrypted-data

Laravel Utilities for Encrypted Data

2.2.0 2024-10-24 19:38 UTC

README

Latest Version on Packagist Software License Buy us a tree Build Status Coverage Status Quality Score Total Downloads Made by SWIS

This package contains several Laravel utilities to work with encrypted data.

Install

Via Composer

$ composer require swisnl/laravel-encrypted-data

N.B. Using Laravel 6-8? Please use version 1.x of this package.

Usage

Models

Warning

Laravel supports encrypted casts since version 8.12, so new projects should use that instead of the models provided by this package.

We aim to provide a migration path to encrypted casts. See issue #1 for more information.

Extend \Swis\Laravel\Encrypted\EncryptedModel in your model and define the encrypted fields. Make sure your database columns are long enough, so your data isn't truncated!

protected $encrypted = [
    'secret',
];

You can now simply use the model properties as usual and everything will be encrypted/decrypted under the hood!

Filesystem

Configure the storage driver in config/filesystems.php.

'disks' => [
    'local' => [
        'driver' => 'local-encrypted',
        'root' => storage_path('app'),
    ],
],

You can now simply use the storage methods as usual and everything will be encrypted/decrypted under the hood!

Known issues/limitations

Due to the encryption, some issues/limitations apply:

  1. Encrypted data is — depending on what you encrypt — roughly 30-40% bigger.

Models

  1. You can't query or order columns that are encrypted in your SQL-statements, but you can query or sort the results using collection methods;
  2. All data is being serialized before it is encrypted — and unserialized after it is decrypted — so everything is stored exactly as how Laravel would insert it into the database. You can use Eloquent Mutators as you normally would.

Filesystem

  1. You can't use the public disk as that will download the raw encrypted files, so using Storage::url() and Storage::temporaryUrl() does not make sense;
  2. You can use streams with this disk, but internally we will always convert those to strings because the entire file contents need to be encrypted/decrypted at once.

Change log

Please see CHANGELOG for more information on what has changed recently.

Testing

$ composer test

Contributing

Please see CONTRIBUTING and CODE_OF_CONDUCT for details.

Security

If you discover any security related issues, please email security@swis.nl instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.

This package is Treeware. If you use it in production, then we ask that you buy the world a tree to thank us for our work. By contributing to the Treeware forest you’ll be creating employment for local families and restoring wildlife habitats.

SWIS ❤️ Open Source

SWIS is a web agency from Leiden, the Netherlands. We love working with open source software.