Download the PHP package jsq/doctrine-cache-encrypter without Composer
On this page you can find all versions of the php package jsq/doctrine-cache-encrypter. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download jsq/doctrine-cache-encrypter
More information about jsq/doctrine-cache-encrypter
Files in jsq/doctrine-cache-encrypter
Package doctrine-cache-encrypter
Short Description An encrypting decorator for instances of Doctrine\Common\Cache\Cache
License Apache-2.0
Informations about the package doctrine-cache-encrypter
Doctrine Cache Encrypter
Having to encrypt your data at rest shouldn't keep you from using the open-source
tools you know and love. If you have data that needs a higher degree of security
than the rest of your cache, you can store and access it via an
EncryptingDecorator
.
Caveats
Encryption and decryption are both expensive operations, and frequent reads from an encrypted data store can quickly become a bottleneck in otherwise performant applications. Use encrypted caches sparingly (i.e., do not use an encrypting decorator around your Doctrine Annotations cache).
Usage
This package provides two cache decorators, one that encrypts data using a pass phrase and one that does so with public and private keys. The implementation using a pass phrase is the more performant of the two but requires that you securely deploy a plaintext password.
First, create your Doctrine-based cache as you normally would:
Second, wrap your cache with an encrypting decorator:
Then use your $cache
and $encryptedCache
like you normally would:
Though your regular cache and encrypted cache share a storage layer and a
keyspace, they will not be able to read each other's data. The $encryptedCache
will return false
if asked to read unencrypted data, and the regular $cache
will return gibberish if asked to read encrypted data.
Encrypting your cache without sharing secrets
If you'd rather not rely on a shared password, the EnvelopeEncryption\Decorator
can secure your sensitive cache entries using a public/private key pair.
The certificate can be a valid x509 certificate, a path to a PEM-encoded certificate file (the path must be prefaced with
file://
), or a PEM-encoded certificate string. The private key can be a path to a PEM-encoded private key file (the path must be prefaced withfile://
), or a PEM-encoded certificate string.
All versions of doctrine-cache-encrypter with dependencies
ext-openssl Version *
doctrine/cache Version ~1.0
jsq/iron-php Version ^0.1.1