Wallogit.com
2017 © Pedro Peláez
Doctrine encryption bundle for Symfony to aid with GDPR and general field encryption
, (*1)
With GDPR becoming business critical here's a bundle that handles the data encryption layer., (*2)
composer require matt9mg/doctrine-encryption-bundle dev-master, (*3)
app/AppKernel.php
public function registerBundles()
{
$bundles = [
...
new Matt9mg\Encryption\DoctrineEncryptionBundle(),
...
];
}
Basic, (*4)
Basic configuration will take advantage of the encryption library provided, (*5)
matt9mg_doctrine_encryption: key: 'an encryption key' iv: 'an encryption iv' suffix: 'an encryption suffix'
Full, (*6)
matt9mg_doctrine_encryption: key: 'an encryption key' iv: 'an encryption iv' suffix: 'an encryption suffix' method: 'AES-256-CBC' // This is the default setting class: 'Full\Namespace\To\Your\Encryptor' // If not supplied will use the default
use Matt9mg\Encryption\Bridge\Bridge; $this->get(Bridge::class)->encrypt($string) $this->get(Bridge::class)->decrypt($string);
use Matt9mg\Encryption\Annotation\Encrypted;
class User {
/**
* @Encrypted()
*/
private $firstname;
}
The above will auto encrypt on prePersist and preUpdate, (*7)
{{ user.firstname | decrypt }}
You'll notice there is no postLoad event to convert back to decrypted. Experience with doctrine is that as the entity is changed it adds it to the queue to be flushed. Say if you have an account with 1000 users each user would be decrypted meaning re saved., (*8)
Create a class that extends Matt9mg\Encryption\Encryptor\EncryptorInterface. Then register as mentioned in the above config., (*9)
Yes there a loads of lovely unit tests :), (*10)
Doctrine encryption bundle for Symfony to aid with GDPR and general field encryption
MIT
orm bundle doctrine symfony encryption gdpr matt9mg