Download the PHP package delatbabel/elocryptfive without Composer

On this page you can find all versions of the php package delatbabel/elocryptfive. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package elocryptfive

Eloquent Encryption/Decryption for Laravel 5

Build Status StyleCI Latest Stable Version Total Downloads

Automatically encrypt and decrypt Laravel 5 Eloquent values.

READ THIS FIRST

Encrypted values are usually longer than plain text values. Sometimes much longer. You may find that the column widths in your database tables need to be extended to store the encrypted values.

If you are encrypting long strings such as JSON blobs then the encrypted values may be longer than a VARCHAR field can support, and you may need to extend your column types to TEXT or LONGTEXT.

What Does This Do?

This encrypts and decrypts columns stored in database tables in Laravel applications transparently, by encrypting data as it is stored in the model attributes and decrypting data as it is recalled from the model attributes.

All data that is encrypted is prefixed with a tag (default __ELOCRYPT__:) so that encrypted data can be easily identified.

This supports columns that store either encrypted or non-encrypted data to make migration easier. Data can be read from columns correctly regardless of whether it is encrypted or not but will be automatically encrypted when it is saved back into those columns.

Requirements and Recommendations

Contributors

This is Darren Taylor's Laravel 4 "elocrypt" package, ported to Laravel 5. I have made the following additions/changes:

The original Laravel 4 package is here: https://github.com/dtisgodsson/elocrypt

Thanks to Brandon Surowiec for some extensive refactoring of the internal methods.

Installation

This package can be installed via Composer by adding the following to your composer.json file:

You must then run the following command:

Once composer update has finished, then add the service provider to the providers array in your application's config/app.php file:

Configuration

Publish the config file with:

You may then change the default prefix tag string in your .env config file:

or alternatively you can change the default right in the config/elocrypt.php file:

Usage

Simply reference the Elocrypt trait in any Eloquent Model you wish to apply encryption to and define an $encrypts array containing a list of the attributes to encrypt.

For example:

You can combine $casts and $encrypts to store encrypted arrays. An array will first be converted to JSON and then encrypted.

For example:

How it Works?

By including the Elocrypt trait, the setAttribute() and getAttributeFromArray() methods provided by Eloquent are overridden to include an additional step. This additional step simply checks whether the attribute being set or get is included in the $encrypts array on the model, and either encrypts/decrypts it accordingly.

Summary of Methods in Illuminate\Database\Eloquent\Model

This surveys the major methods in the Laravel Model class as of Laravel v 5.1.12 and checks to see how those models set attributes and hence how they are affected by this trait.

Keys and IVs

The key and encryption algorithm used are as per the Laravel Encrypter service, and defined in config/app.php as follows:

I recommend generating a random 32 character string for the encryption key, and using AES-256-CBC as the cipher for encrypting data. If you are encrypting long data strings then AES-256-CBC-HMAC-SHA1 will be better.

The IV for encryption is randomly generated.

FAQ

Manually Encrypting Data

You can manually encrypt or decrypt data using the encryptedAttribute() and decryptedAttribute() functions. An example is as follows:

Encryption and Searching

You will not be able to search on encrypted data, because it is encrypted. Comparing encrypted values would require a fixed IV which introduces security issues.

If you need to search on data then either:

You could store both a hashed and an encrypted value, use the hashed value for searching and retrieve the encrypted value for other uses.

Encryption and Authentication

The same problem with searching applies for authentication because authentication requires a user search.

If you have an authentication table where you encrypt the user data including the login data (for example the email), this will prevent Auth::attempt from working. For example this code will not work:

As for searching, comparing the encrypted email will not work, because it would require a fixed IV which introduces security issues.

What you will need to do instead is to hash the email address using a well known hash function (e.g. SHA256 or RIPE-MD160) rather than encrypt it, and then in the Auth::attempt function you can compare the hashes.

If you need access to the email address then you could store both a hashed and an encrypted email address, use the hashed value for authentication and retrieve the encrypted value for other uses (e.g. sending emails).


All versions of elocryptfive with dependencies

PHP Build Version
Package Version
Requires php Version >=5.6.0
illuminate/contracts Version ^5.0
illuminate/support Version ^5.0
illuminate/encryption Version ^5.0
illuminate/container Version ^5.0
illuminate/config Version ^5.0
illuminate/console Version ^5.0
paragonie/random_compat Version ^1.1|^2.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package delatbabel/elocryptfive contains the following files

Loading the files please wait ....