Download the PHP package carnage/doctrine-encrypted-column without Composer
On this page you can find all versions of the php package carnage/doctrine-encrypted-column. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download carnage/doctrine-encrypted-column
More information about carnage/doctrine-encrypted-column
Files in carnage/doctrine-encrypted-column
Package doctrine-encrypted-column
Short Description Provides a secure way of transparently encrypting data in doctrine ORM
License MIT
Informations about the package doctrine-encrypted-column
Doctrine Encryted Column
Motivation
Currently there are about a dozen encrypted column extensions for doctrine. None of them are very well implemented and are thus insecure (eg using Pop-art mode (ECB) or auto decrypting data on load) most also are tied to a framework making them useless unless you use that framework.
This lib intends to resolve these two issues and provide an obvious choice library for anyone needing to encrypt data they are storing through doctrine ORM.
Every endeavour will be taken to ensure that future versions of this library will be able to read data encrypted with older versions and re-encrypt to take advantage of any security fixes or improvements. In the event that this isn't possible automatically, guidance will be provided to allow you to migrate your data manually, to ensure that this process is as smooth as possible, we suggest making a note of the versions of lib sodium, halite and this library that you initially install.
Features
- Encrypted column type for doctrine
- Functionally similar to object column type
- Transparent to end user
- Uses proxies to avoid decrypting data that isn't needed
- Best in class cryptography (LibSodium)
Pull requests
I will accept pull requests for the following:
- New serialisation support (JMS is desirable here)
- Support for doctrine ODM
- Support for different crypto backends which use a good implementation (eg Zend crypt, defuse, easyrsa)
- bug fixes
I will not accept:
- Integration into << your favorite framework >> create a lib for that which uses this and PR a link for the readme
- Support for poor crypto implementations (eg anything using mcrypt)
Security issues
You can use my keys from keybase https://keybase.io/carnage to contact me regarding any security issues.
All versions of doctrine-encrypted-column with dependencies
doctrine/orm Version ^2.5
ocramius/proxy-manager Version ^1.0.2
paragonie/halite Version ^2.0
psr/container Version ^1.0
phpseclib/phpseclib Version ~2.0