PHPackages bespredel/encryption-form - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. bespredel/encryption-form ActiveLibrary[Security](/categories/security) bespredel/encryption-form ========================= A Laravel package to securely encrypt form fields on the client-side using public key encryption and decrypt them on the server-side using the private key. v1.2.1(3mo ago)131MITPHPPHP >=8.0 Since Dec 19Pushed 3mo ago1 watchersCompare [ Source](https://github.com/BespredeL/encryption-form)[ Packagist](https://packagist.org/packages/bespredel/encryption-form)[ RSS](/packages/bespredel-encryption-form/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (9)Dependencies (3)Versions (11)Used By (0) Encryption Form =============== [](#encryption-form) [![Readme EN](https://camo.githubusercontent.com/2e56ca214ef4d8d00bb5d7aa4ec232fc666ccba95fab518ecc19ef1c0aeaa1d6/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f524541444d452d454e2d626c75652e737667)](https://github.com/bespredel/encryption-form/blob/master/README.md)[![Readme RU](https://camo.githubusercontent.com/9cc74b00b88d39864ca5656899377d910ba6cc1474e523d99f254eea0f1f6fd5/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f524541444d452d52552d626c75652e737667)](https://github.com/bespredel/encryption-form/blob/master/README_RU.md)[![GitHub license](https://camo.githubusercontent.com/c8d21d6e069c319a1600e80cb1f98c211df3911b71f23aac373822690a19128d/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d3435386137622e737667)](https://github.com/bespredel/encryption-form/blob/master/LICENSE)[![Downloads](https://camo.githubusercontent.com/5405aab64b5626cf0eb6e4bc834e14a9d904e09c8d4d14e49076ec75513083af/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f62657370726564656c2f656e6372797074696f6e2d666f726d2e737667)](https://packagist.org/packages/bespredel/encryption-form) [![Latest Version](https://camo.githubusercontent.com/38ba882d78d2f7cdbcc450e265b3c65c9ce17b4240e11c1b4d8e5728cae8ce4c/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f762f72656c656173652f62657370726564656c2f656e6372797074696f6e2d666f726d3f6c6f676f3d676974687562)](https://github.com/bespredel/encryption-form/releases)[![Latest Version Packagist](https://camo.githubusercontent.com/7260ff0d6b9892059ce300665e0dace97788d71d71959128605d4cd7e42bcd41/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f62657370726564656c2f656e6372797074696f6e2d666f726d2e7376673f6c6f676f3d7061636b6167697374266c6f676f436f6c6f723d776869746526636f6c6f723d463238443141)](https://packagist.org/packages/bespredel/encryption-form)[![PHP from Packagist](https://camo.githubusercontent.com/4711cae8a962a7028a978b9ff1739786b2ae588190cc5edf07b6b34c0332bd78/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f62657370726564656c2f656e6372797074696f6e2d666f726d2e7376673f6c6f676f3d706870266c6f676f436f6c6f723d776869746526636f6c6f723d373737424234)](https://php.net)[![Laravel Version](https://camo.githubusercontent.com/a99328a468e05a37a1e35f4f4196ccfc30dba1344db97671b30a69d2da77fe10/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c61726176656c2d253345253344392d4646324432303f6c6f676f3d6c61726176656c)](https://laravel.com) A Laravel package to securely encrypt form fields on the client-side using public key encryption and decrypt them on the server-side using the private key. This package integrates seamlessly with Laravel Blade templates and requires minimal configuration. --- Features -------- [](#features) - **RSA Encryption**: Uses `JSEncrypt` for secure RSA encryption. - **HTML Attribute Control**: Specify which fields to encrypt using `data-encrypt="true"`. - **Flexible Form Encryption**: Target specific forms using `data-encrypt-form` attribute. - **Blade Directive**: Automatically inject encryption scripts with `@encryptFormScripts`. - **Simple Key Management**: Easily configure keys via `.env` or generate new keys via artisan commands. - **Zero Dependencies**: No NPM required; all scripts are included in the package. Installation ------------ [](#installation) 1. **Install the Package**: ``` composer require bespredel/encryption-form ``` 2. **Publish Config and Scripts**: ``` php artisan vendor:publish --tag=encryption-form ``` 3. **Add RSA Keys to `.env`**: ``` ENCRYPTION_FORM_PUBLIC_KEY="-----BEGIN PUBLIC KEY-----...-----END PUBLIC KEY-----" ENCRYPTION_FORM_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----" ``` If you don't have keys, you can generate them using the following commands: ``` php artisan encryption-form:generate-keys ``` 4. **Include the Blade Directive in Your Template**: Add `@encryptFormScripts` to your layout file or specific views where forms are encrypted. Usage ----- [](#usage) ### Middleware [](#middleware) For auto decryption of form data, add the `DecryptRequestFields` middleware to your `Kernel`: ``` Add the middleware to your Kernel protected $middleware = [ // Other middleware \Bespredel\EncryptionForm\Middleware\DecryptRequestFields::class ] ``` or use it in a route: ``` Route::middleware('decrypt-form')->group(function () { // Your code }) ``` ### HTML Form Example [](#html-form-example) In your Blade template: ``` @encryptFormStyles @encryptFormScripts Submit ``` - Add `data-encrypt-form` to the `` tag to enable encryption for this form. All supported form fields will be encrypted. - Use `data-encrypt="true"` for fields that require encryption. All other fields will not be encrypted. - Use `data-encrypt="false"` for fields that do not require encryption. All other fields will be encrypted. **Types of Fields Available for Encryption:** - **Input Fields:** - Supported types: `text`, `email`, `password`, `number`, `date`, and similar. - Exceptions: `file`, `checkbox`, `radio`, `select`. - **Textarea:** - Fully supported. **!!! It is important to note that the encrypted value will be longer than the original value, which may affect data length constraints.** ### Manual decrypting data on the server [](#manual-decrypting-data-on-the-server) Use the `Decryptor` class to decrypt data on the server: ``` use Bespredel\EncryptionForm\Services\Decryptor; $decryptor = new Decryptor(); $value = $request->input('name'); // Example for 'name' field $privateKey = config('encryption-form.private_key'); $prefix = config('encryption-form.prefix', 'ENCF:'); $decryptedValue = $decryptor->decryptValue($value, $privateKey, $prefix); ``` Or use dependency injection: ``` use Bespredel\EncryptionForm\Services\Contracts\DecryptorInterface; public function __construct(DecryptorInterface $decryptor) { $this->decryptor = $decryptor; } // In your method: $value = $request->input('name'); $privateKey = config('encryption-form.private_key'); $prefix = config('encryption-form.prefix', 'ENCF:'); $decryptedValue = $this->decryptor->decryptValue($value, $privateKey, $prefix); ``` Or use the `openssl_private_decrypt` function to decrypt data on the server: ``` $privateKey = config('encryption-form.private_key'); $encryptedData = $request->input('name'); // Example for 'name' field $decryptedData = null; $decodedValue = base64_decode((string)str($encryptedData)->after('ENCF:'), true); openssl_private_decrypt($decodedValue, $decryptedData, $privateKey); echo $decryptedData; // Output the decrypted value ``` Commands -------- [](#commands) ### Generate New RSA Keys [](#generate-new-rsa-keys) To generate a new pair of RSA keys: ``` php artisan encryption-form:generate-keys ``` This will update the keys in your `.env` file. Configuration ------------- [](#configuration) ### Config File: [](#config-file) `config/encryption-form.php` ``` return [ 'public_key' => env('ENCRYPTION_FORM_PUBLIC_KEY'), // Public key, required 'private_key' => env('ENCRYPTION_FORM_PRIVATE_KEY'), // Private key, required 'prefix' => env('ENCRYPTION_FORM_PREFIX', 'ENCF:'), // Field value prefix, needed for optimization to find encrypted values, default: 'ENCF:' 'key_rotation' => [ // Key automatic rotation configuration 'enabled' => env('ENCRYPTION_FORM_KEY_ROTATION_ENABLED', false), // Enable key rotation 'cron_expression' => '0 0 * * *', // Cron expression for key rotation ], 'skip_for_ips' => [ // Skip encryption for specific IP addresses //'127.0.0.1', ], ]; ``` Key Rotation via Scheduler -------------------------- [](#key-rotation-via-scheduler) You can schedule automatic key rotation via the `key_rotation` key in the config file.: ``` return [ ... 'key_rotation' => [ 'enabled' => env('ENCRYPTION_FORM_KEY_ROTATION_ENABLED', false), 'cron_expression' => '0 0 * * *', ], ]; ``` Contributing ------------ [](#contributing) 1. Fork the repository. 2. Create your feature branch: `git checkout -b feature/my-feature`. 3. Commit your changes: `git commit -m 'Add some feature'`. 4. Push to the branch: `git push origin feature/my-feature`. 5. Open a pull request. Security -------- [](#security) PLEASE DON'T DISCLOSE SECURITY-RELATED ISSUES PUBLICLY. If you discover any security related issues, please email [hello@bespredel.name](hello@bespredel.name) instead of using the issue tracker. Acknowledgements ---------------- [](#acknowledgements) I would like to thank the authors and contributors of the [JSEncrypt](https://github.com/travist/jsencrypt) library for providing a secure RSA encryption solution for client-side data encryption. License ------- [](#license) This package is open-source software licensed under the MIT license. ### Health Score 39 — LowBetter than 86% of packages Maintenance81 Actively maintained with recent releases Popularity9 Limited adoption so far Community7 Small or concentrated contributor base Maturity50 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~52 days Recently: every ~98 days Total 9 Last Release 99d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/9eef72f851d43a1dfcd242a67bcec5667b85196ffa60438381e84be38a3ff912?d=identicon)[BespredeL](/maintainers/BespredeL) --- Top Contributors [![BespredeL](https://avatars.githubusercontent.com/u/3052150?v=4)](https://github.com/BespredeL "BespredeL (110 commits)") --- Tags client-side-encryptiondata-privacyencryptionform-encryptionlaravelopen-sourcephpprivacy-protectionrsa-encryptionsecuritylaravelsecurityencryptionopenssldata privacyrsa-encryptionprivacy-protectionclient-side-encryptionform-encryption ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/bespredel-encryption-form/health.svg) ``` [![Health](https://phpackages.com/badges/bespredel-encryption-form/health.svg)](https://phpackages.com/packages/bespredel-encryption-form) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[tzsk/otp A secure, database-free One-Time Password (OTP) generator and verifier for PHP and Laravel. 241641.4k1](/packages/tzsk-otp)[ercsctt/laravel-file-encryption Secure file encryption and decryption for Laravel applications 642.6k](/packages/ercsctt-laravel-file-encryption) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)