{"id":15045041,"url":"https://github.com/geekcell/sodium-bundle","last_synced_at":"2025-04-03T09:30:26.306Z","repository":{"id":151625923,"uuid":"624536424","full_name":"geekcell/sodium-bundle","owner":"geekcell","description":"A Symfony bundle to interact with PHP's Sodium extension for encryption and decryption.","archived":false,"fork":false,"pushed_at":"2025-01-25T19:11:29.000Z","size":98,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-03-28T10:16:35.018Z","etag":null,"topics":["decryption","encryption","libsodium","libsodium-php","php","sodium","symfony","symfony-bundle"],"latest_commit_sha":null,"homepage":"https://www.geekcell.io","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/geekcell.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-04-06T17:32:32.000Z","updated_at":"2025-01-25T19:11:17.000Z","dependencies_parsed_at":null,"dependency_job_id":"6004c67c-2691-4e10-a6e0-d693a5200824","html_url":"https://github.com/geekcell/sodium-bundle","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/geekcell%2Fsodium-bundle","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/geekcell%2Fsodium-bundle/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/geekcell%2Fsodium-bundle/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/geekcell%2Fsodium-bundle/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/geekcell","download_url":"https://codeload.github.com/geekcell/sodium-bundle/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246752604,"owners_count":20827987,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["decryption","encryption","libsodium","libsodium-php","php","sodium","symfony","symfony-bundle"],"created_at":"2024-09-24T20:51:22.843Z","updated_at":"2025-04-03T09:30:25.900Z","avatar_url":"https://github.com/geekcell.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# geekcell/sodium-bundle\n\n[![Unit tests workflow status](https://github.com/geekcell/sodium-bundle/actions/workflows/tests.yaml/badge.svg)](https://github.com/geekcell/sodium-bundle/actions/workflows/tests.yaml) [![Coverage](https://sonarcloud.io/api/project_badges/measure?project=geekcell_sodium-bundle\u0026metric=coverage)](https://sonarcloud.io/summary/new_code?id=geekcell_sodium-bundle) [![Bugs](https://sonarcloud.io/api/project_badges/measure?project=geekcell_sodium-bundle\u0026metric=bugs)](https://sonarcloud.io/summary/new_code?id=geekcell_sodium-bundle) [![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=geekcell_sodium-bundle\u0026metric=sqale_rating)](https://sonarcloud.io/summary/new_code?id=geekcell_sodium-bundle) [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=geekcell_sodium-bundle\u0026metric=alert_status)](https://sonarcloud.io/summary/new_code?id=geekcell_sodium-bundle)\n\nA Symfony bundle to interact with [PHP's Sodium](https://www.php.net/manual/de/book.sodium.php) extension.\n\n## Installation\n\nTo use this package, require it in your Symfony project with Composer.\n\n```bash\ncomposer require geekcell/sodium-bundle\n```\n\nVerify that the bundle has been enabled in `config/bundles.php`\n\n```php\n\u003c?php\n\nreturn [\n    // other bundles ...\n    GeekCell\\SodiumBundle\\GeekCellSodiumBundle::class =\u003e ['all' =\u003e true],\n];\n```\n\n## Limitations\n\nAt this point in time, this bundle only supports [libsodium's](https://doc.libsodium.org/) [anonymous](https://doc.libsodium.org/public-key_cryptography/sealed_boxes) and [authenticated](https://doc.libsodium.org/public-key_cryptography/authenticated_encryption) public-key encryption.\n\n## Configuration\n\nCreate a config file `config/packages/geek_cell_sodium.yaml` where you configure your base64-encoded public and private/secret keys for encryption and decryption. It is very strongly recommended to not store them as plain text, but read them from your `.env.local`, which is added to your `.gitignore` file.\n\n```yaml\ngeek_cell_sodium:\n    public_key: '%env(SODIUM_PUBLIC_KEY)%'\n    private_key: '%env(SODIUM_PRIVATE_KEY)%'\n```\n\nOnly the `public_key` field is mandatory, if you only plan for anonymous (shared) public-key encryption in your app. For both authenticated and anonymous decryption, a `private_key` must also be configured, or an exception is thrown during runtime.\n\nThis bundle ships with a console command `sodium:generate-keys` to generate a set of public/private keys for you.\n\n```\n❯ bin/console sodium:generate-keys\nGenerating a new set of public and private keys...\n\nPublic Key:  cqJZXt1dhZtyYZ0NcOmwkgcyvW2t9w2Wdwe/Wk6zegk=\nPrivate Key: G3XKnSunNpN1LHKY34LFen7XI2dmu6xBk9UeTQIxNwY=\n\nPlease add or update the following environment variables in your .env.local file:\n\nSODIUM_PUBLIC_KEY=cqJZXt1dhZtyYZ0NcOmwkgcyvW2t9w2Wdwe/Wk6zegk=\nSODIUM_PRIVATE_KEY=G3XKnSunNpN1LHKY34LFen7XI2dmu6xBk9UeTQIxNwY=\n\nDone!\n```\n\n## Usage\n\nSimply typehint the `GeekCell\\SodiumBundle\\Sodium\\Sodium` service in your code and make use of its `encrypt` and `decrypt` methods:\n\n### Anonymous encryption\n\nThe example below demonstrates _anonymous_ encryption using only a shared public key. In order to decrypt a message, the receiver needs both public and corresponding private/secret key.\n\n```php\n\u003c?php\n\n// Sender\n\nnamespace Alice\\Service;\n\nuse GeekCell\\SodiumBundle\\Sodium\\Sodium;\n\nclass AnonymousEncryptionService\n{\n    public function __construct(\n        private readonly Sodium $sodium,\n    ) {}\n\n    public function encryptMessage(string $message): string\n    {\n        return $this-\u003esodium\n            -\u003ewith('box')\n            -\u003eencrypt($message)\n        ;\n    }\n}\n```\n\n```php\n\u003c?php\n\n// Receiver\n\nnamespace Bob\\Service;\n\nuse GeekCell\\SodiumBundle\\Sodium\\Sodium;\n\nclass AnonymousDecryptionService\n{\n    public function __construct(\n        private readonly Sodium $sodium,\n    ) {}\n\n    public function decryptMessage(string $message): string\n    {\n        return $this-\u003esodium\n            -\u003ewith('box')\n            -\u003edecrypt($message)\n        ;\n    }\n}\n```\n\n### Authenticated encryption\n\nAlternatively you can use _authenticated_ public-key encyption to encrypt specifically encrypt messages by using a recipient's public key and a nonce. When received, the recipient can then decrypt a cipher using the sender's public key and nonce.\n\n```php\n// Sender\n\nnamespace Alice\\Service;\n\nuse GeekCell\\SodiumBundle\\Sodium\\Sodium;\n\nclass AuthenticatedEncryptionService\n{\n    public function __construct(\n        private readonly Sodium $sodium,\n    ) {}\n\n    public function encryptMessage(string $message, string $recipientPublicKey, $string $nonce): string\n    {\n        return $this-\u003esodium\n            -\u003ewith('box')\n            -\u003efor($recipientPublicKey)\n            -\u003eencrypt($message, $nonce)\n        ;\n    }\n}\n```\n\n```php\n\u003c?php\n\n// Receiver\n\nnamespace Bob\\Service;\n\nuse GeekCell\\SodiumBundle\\Sodium\\Sodium;\n\nclass AuthenticatedDecryptionService\n{\n    public function __construct(\n        private readonly Sodium $sodium,\n    ) {}\n\n    public function decryptMessage(string $message, string $senderPublicKey, string $nonce): string\n    {\n        return $this-\u003esodium\n            -\u003ewith('box')\n            -\u003efrom($senderPublicKey)\n            -\u003edecrypt($message, $nonce)\n        ;\n    }\n}\n```\n\n### Facade\n\nFor situations where you cannot inject `GeekCell\\SodiumBundle\\Sodium\\Sodium` via Symfony's DIC (for example if you want to directly encrypt or decrypt fields of your Doctine entity), you can use a [container-facade](https://github.com/geekcell/container-facade) for your convenience:\n\n```php\n\u003c?php\n\nnamespace App\\Entity;\n\nuse Doctrine\\ORM\\Mapping as ORM;\nuse GeekCell\\SodiumBundle\\Support\\Facade\\Sodium;\n\n#[ORM\\Entity]\nclass DiaryEntry\n{\n    #[ORM\\Id]\n    #[ORM\\GeneratedValue]\n    private ?int $id;\n\n    #[ORM\\Column(type: 'datetime')]\n    private \\DateTimeInterface $date;\n\n    #[Column(type: 'text')]\n    private string $encryptedEntry;\n\n    public function setEntry(string $entry): void\n    {\n        $this-\u003eencryptedEntry = Sodium::with('box')-\u003eencrypt($entry);\n    }\n\n    // ...\n}\n```\n\nFor more information, check out [geekcell/container-facade](https://github.com/geekcell/container-facade).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgeekcell%2Fsodium-bundle","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgeekcell%2Fsodium-bundle","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgeekcell%2Fsodium-bundle/lists"}