{"id":15026248,"url":"https://github.com/rkeet/zf-doctrine-encrypt","last_synced_at":"2025-10-03T23:32:33.415Z","repository":{"id":62536207,"uuid":"161897929","full_name":"rkeet/zf-doctrine-encrypt","owner":"rkeet","description":"Provides encryption and hashing with Zend Framework 3 \u0026 Doctrine 2 - provides default adapters using Halite / Sodium","archived":true,"fork":false,"pushed_at":"2020-03-26T15:21:05.000Z","size":29,"stargazers_count":7,"open_issues_count":0,"forks_count":12,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-10T20:49:43.624Z","etag":null,"topics":["doctrine-orm","doctrine2","encryption","event","gdpr","hashing","php","php72","sodium","zend-framework3"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rkeet.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-12-15T11:22:39.000Z","updated_at":"2023-01-28T12:56:08.000Z","dependencies_parsed_at":"2022-11-02T16:01:27.573Z","dependency_job_id":null,"html_url":"https://github.com/rkeet/zf-doctrine-encrypt","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rkeet%2Fzf-doctrine-encrypt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rkeet%2Fzf-doctrine-encrypt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rkeet%2Fzf-doctrine-encrypt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rkeet%2Fzf-doctrine-encrypt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rkeet","download_url":"https://codeload.github.com/rkeet/zf-doctrine-encrypt/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235204448,"owners_count":18952326,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["doctrine-orm","doctrine2","encryption","event","gdpr","hashing","php","php72","sodium","zend-framework3"],"created_at":"2024-09-24T20:04:08.751Z","updated_at":"2025-10-03T23:32:28.112Z","avatar_url":"https://github.com/rkeet.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Zend Framework 3 \u0026 Doctrine Encrypt Module\n\nProvides a Zend Framework 3 \u0026 Doctrine 2 encryption module.\n\n# Installation\n\n    composer require rkeet/zf-doctrine-encrypt\n    \n# Requirements\n\n * PHP 7.2 or greater (must have Sodium extension enabled)\n \nIf you're on Windows, using Xampp, the PHP 7.2 installation might not automatically enable the Sodium extension. If this\nthe case, you'll get an error (`'This is not implemented, as it is not possible to securely wipe memory from PHP'`). \nEnable Sodium for PHP by adding this to your `php.ini` file:\n\n    extension = C:\\xampp\\php\\ext\\php_sodium.dll\n\nThis might also be applicable ot other local installations.  \n\n# Configuration\n\n## Zend Framework\n\nMake sure to add the module to you application configuration. In your `modules.config.php` make sure to include \n`Keet\\\\Encrypt`.\n\n### Additional\n\nThe configuration which is used makes use of aliases, such as `hashing_service` and `encryption_adapter`. You may override these with your own config to implement your own Service and/or Adapter classes. These will automatically be used by this module if the correct Interface classes are implemented. Make sure to read through the code before you do any of this though.\n\n## Module\n\n`*.dist` files are provided. Copy these (remove extension) to your application and fill in the required key/salt values. \nIf these are filled in, it works out of the box using [Halite](https://github.com/paragonie/halite) for encryption. \n\nHowever, must be said, at the moment of writing this ReadMe, the Halite module contains duplicate `const` declarations,\nas such, you must disable your `E_NOTICE` warnings in your PHP config :(\n\n## Annotation Examples\n\n### Encryption\n\nSimple, consider that you have an `Address` Entity, which under the [EU GDPR regulation](https://www.eugdpr.org/)\nrequires parts of the address, such as the street, to be encrypted. This uses the key \u0026 salt required for the config\nby default\n\nTo encrypt a street name, add `@Encrypted` like so: \n\n    /**\n     * @var string\n     * @ORM\\Column(name=\"street\", type=\"text\", nullable=true)\n     * @Encrypted\n     */\n    protected $street;\n    \nBy default the Encryption service assumes that the data to be encrypted is of the type `string`. However, you could have\na requirement to encrypt another type of data, such as a house number. Non-string types are supported, but the type of data\nmust be provided if not a string. You can do this like so:\n\n    /**\n     * @var int\n     * @ORM\\Column(name=\"house_number\", type=\"text\", nullable=false)\n     * @Encrypted(type=\"int\")\n     */\n    protected $houseNumber;\n    \nSupported types are [found here](http://php.net/settype).\n\n### Cyphertext representation\n\nThe cypher text always results in a string with varying length always longer than 255 chars.\nTherefore you should use a datatype capable of representing the full length of it. \nBe aware that any non-string property will be handled as a string representation in the database.\n\n### Hashing\n\nSay you'd like to store a password, it should work in much of the same way as the above. However, it is data that should\nnot be de-cryptable (and there's no need for it to ever be decrypted), thus you should hash it instead.\n\nTo hash something, like a password, add the `@Hashed` Annotation. See the example below.\n\n    /**\n     * @var string\n     * @ORM\\Column(name=\"password\", type=\"text\", nullable=false)\n     * @Hashed\n     */\n    protected $password;\n    \n**Note** that, unlike `@Encrypted`, there aren't options to give a type. As we can't decrypt the data (it's one-way), \nthere's no need to know what the original type was. The response will always be string value.\n\n## Controller Examples\n\n### Hashing\n\nA `HashingService` is provided. This service also uses the `HashingAdapter` but provides functionality that \ncan be used in Controllers and other classes, such as plugins. The service is registered under the alias 'hashing_service'.\nYou can override 'hasing_service' in your own project to provide your own implementation. \n\nThe `HashingService` provides the ability to hash and verify strings. These are two separate operations, one one-way \nhashes a string. The other does the same (requires the hashed string) and then verifies that both strings are \nexactly the same (thus verifying).\n\nIn a Controller, to hash a string, simply do:\n\n    $secret = $this-\u003egetHashingService()-\u003ehash('correct horse battery staple');\n    \nTo verify that your dealing the same string a next time, for example to compare passwords on login, do:\n\n    $verified = $this-\u003egetHashingService()-\u003everify('correct horse battery staple', $secret);\n    \n`$verified` will be set to a boolean value. \n\nTo not store any entered data longer than you must, you could compare directly from form data, like so:\n\n    if($form-\u003eisValid() \u0026\u0026 $this-\u003egetHashingService()-\u003everify($form-\u003egetData()['password_field'], $user-\u003egetPassword()) {\n        // do other things\n    }\n \n### Encryption\n \nAn `EncryptionService` is also provided and works in much the same way as the `HashingService`. It provides functionality to encrypt and to decrypt data. \n\nTo encrypt data, do:\n\n    $encrypted = $this-\u003egetEncryptionService()-\u003eencrypt('correct horse battery staple');\n    \nTo decrypt data, do: \n\n    $decrypted = $this-\u003egetEncryptionService()-\u003edecrypt($string);\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frkeet%2Fzf-doctrine-encrypt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frkeet%2Fzf-doctrine-encrypt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frkeet%2Fzf-doctrine-encrypt/lists"}