Download the PHP package taitava/silverstripe-encrypt-at-rest without Composer

On this page you can find all versions of the php package taitava/silverstripe-encrypt-at-rest. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package silverstripe-encrypt-at-rest

IMPORTANT! Use madmatt/silverstripe-encrypt-at-rest instead of this one! This is just a fork with some new, untested features!

silverstripe-encrypt-at-rest

This module allows data to be encrypted in the database, but be decrypted when extracted from the database, using a secret key (hopefully) known only by the web server.

Note: This does not provide significant protection except in the case of database compromise. It should be used as part of a layered security strategy. This is because the key is still available on the web server, so if remote code execution is achieved by an attacker, they will be able to read both the database and the encryption key, thereby decrypting the content.

Note: This module is not yet ready for real use, it's currently v0.0.1 material.

Usage

In your DataObject, use EncryptedDBField, to have it encrypted. At this point, everything is stored as text.

Set a key in your _ss_environment file.

DataObject specific encryption keys

Another, optional and advanced way to define the key is to create an optional method in your DataObject class:

This way you can have multiple keys and you are able to decide which key to use in which situation. You are allowed to return either a Defuse\Crypto\Key object or a plain string presentation of the key. You can also return just null, if you want to stick with the default key defined in the ENCRYPT_AT_REST_KEY constant. The latter is also used if you do not create the provideEncryptionKey() method at all.

$field_name and $field_type arguments can be used to get to know which field is being currently encrypted/decrypted. The latter argument tells the data type class of the field, for example EncryptedText.

TODO


All versions of silverstripe-encrypt-at-rest with dependencies

PHP Build Version
Package Version
Requires silverstripe/framework Version ^3.4.5
defuse/php-encryption Version 2.0.x
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package taitava/silverstripe-encrypt-at-rest contains the following files

Loading the files please wait ....