Wallogit.com
2017 © Pedro Peláez
Doctrine encryption bundle for Symfony to aid with GDPR and general field encryption
With GDPR becoming business critical here's a bundle that handles the data encryption layer., (*1)
composer require brandoriented/doctrine-encryption-bundle dev-master, (*2)
app/AppKernel.php
public function registerBundles()
{
$bundles = [
...
new BrandOriented\Encryption\DoctrineEncryptionBundle(),
...
];
}
Basic, (*3)
Basic configuration will take advantage of the encryption library provided, (*4)
doctrine_encryption: key: 'an encryption key' iv: 'an encryption iv' suffix: 'an encryption suffix'
Full, (*5)
doctrine_encryption: key: 'an encryption key' iv: 'an encryption iv' suffix: 'an encryption suffix' method: 'AES-256-CBC' // This is the default setting class: 'Full\Namespace\To\Your\Encryptor' // If not supplied will use the default
use BrandOriented\Encryption\Bridge\Bridge; $this->get(Bridge::class)->encrypt($string) $this->get(Bridge::class)->decrypt($string);
use BrandOriented\Encryption\Annotation\Encrypted;
class User {
/**
* @Encrypted()
*/
private $firstname;
}
The above will auto encrypt on prePersist and preUpdate, (*6)
{{ user.firstname | decrypt }}
You'll notice there is no postLoad event to convert back to decrypted. Experience with doctrine is that as the entity is changed it adds it to the queue to be flushed. Say if you have an account with 1000 users each user would be decrypted meaning re saved., (*7)
Create a class that extends BrandOriented\Encryption\Encryptor\EncryptorInterface. Then register as mentioned in the above config., (*8)
Yes there a loads of lovely unit tests :), (*9)
Doctrine encryption bundle for Symfony to aid with GDPR and general field encryption
MIT
orm bundle doctrine symfony encryption gdpr
Doctrine encryption bundle for Symfony to aid with GDPR and general field encryption
MIT
orm bundle doctrine symfony encryption gdpr