PHPackages                             gtt/crypt-bundle - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. gtt/crypt-bundle

ActiveSymfony-bundle[Security](/categories/security)

gtt/crypt-bundle
================

Provides symfony encryptor/decryptor services based on various cryptographic components

4.0.0(7y ago)61903[3 issues](https://github.com/GlobalTradingTechnologies/crypt-bundle/issues)MITPHPPHP ~7.2CI failing

Since Dec 29Pushed 6y ago6 watchersCompare

[ Source](https://github.com/GlobalTradingTechnologies/crypt-bundle)[ Packagist](https://packagist.org/packages/gtt/crypt-bundle)[ RSS](/packages/gtt-crypt-bundle/feed)WikiDiscussions master Synced yesterday

READMEChangelog (1)Dependencies (8)Versions (17)Used By (0)

CryptBundle
===========

[](#cryptbundle)

[![Build Status](https://camo.githubusercontent.com/76497a4a6d15064069674730f88e259c41e3ab85ecb33b8b68e240189ef06659/68747470733a2f2f7472617669732d63692e6f72672f476c6f62616c54726164696e67546563686e6f6c6f676965732f63727970742d62756e646c652e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/GlobalTradingTechnologies/crypt-bundle)[![Latest Stable Version](https://camo.githubusercontent.com/6f3cbf48a58869e4c8dae263aaa3b034b319ce5dd9ba3283594b0d8213083f9a/68747470733a2f2f706f7365722e707567782e6f72672f6774742f63727970742d62756e646c652f76657273696f6e)](https://packagist.org/packages/gtt/crypt-bundle)[![Latest Unstable Version](https://camo.githubusercontent.com/a36253978cdd882d906a2284890e74ec16bd5e6201aa202a013b56af47f0aa13/68747470733a2f2f706f7365722e707567782e6f72672f6774742f63727970742d62756e646c652f762f756e737461626c65)](//packagist.org/packages/gtt/crypt-bundle)[![License](https://camo.githubusercontent.com/a0545cb6d4b32474ebdcea9ce573fe418c421a71fa7f4fce5d028a7e1dee7bef/68747470733a2f2f706f7365722e707567782e6f72672f6774742f63727970742d62756e646c652f6c6963656e7365)](https://packagist.org/packages/gtt/crypt-bundle)

Provides a simple way to configure Symfony services for data encryption and decryption based on well-known encryption algorithms. With the help of this CryptBundle you can encrypt or decrypt your data as simple as operate with elementary [EncryptorInterface](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/Encryption/EncryptorInterface.php) or [DecryptorInterface](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/Encryption/DecryptorInterface.php):

```
use Gtt\Bundle\CryptBundle\Encryption\EncryptorInterface;
use Gtt\Bundle\CryptBundle\Encryption\DecryptorInterface;

class MyMagicService
{
    /**
     * Encryptor
     *
     * @var EncryptorInterface
     */
    protected $encryptor;

    /**
     * Decryptor
     *
     * @var DecryptorInterface
     */
    protected $decryptor;

    public function __construct(EncryptorInterface $encryptor, DecryptorInterface $decryptor)
    {
        $this->encryptor = $encryptor;
        $this->decryptor = $decryptor;
    }

    public function doSomeMagic()
    {
        $someStringData = "Crypt me!";
        $encrypted = $this->encryptor->encrypt($someStringData);
        $decrypted = $this->decryptor->decrypt($encrypted);

        return $someStringData == $decrypted;
    }
}
```

Implementations of [EncryptorInterface](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/Encryption/EncryptorInterface.php) or [DecryptorInterface](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/Encryption/DecryptorInterface.php) would be provided by CryptBundle. The choice of encryption algorithm is up to you - you can specify it in bundle config.

Requirements
============

[](#requirements)

Requires only PHP 5.6+ and symfony/framework-bundle.

Installation
============

[](#installation)

Bundle should be installed via composer

```
composer require gtt/crypt-bundle

```

After that you need to register the bundle inside your application kernel.

Also you probably need to install specific crypto libraries such as

```
composer install zendframework/zend-crypt
composer install defuse/php-encryption

```

(You can add the libraries that you need. All of them are optional)

Encryption
==========

[](#encryption)

Under the hood bundle provides bridges to well-known php components for encrypting data as implementations of [encryptor](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/Encryption/EncryptorInterface.php) and [decryptor](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/Encryption/DecryptorInterface.php) interfaces. This implementations are registered as a Symfony services that can be used by your code. See [Usage section](#Usage) for details.

Configuration
=============

[](#configuration)

Bundle configuration defines one or several cryptor-sections grouped by encryption-type (for now supported types are aes and rsa) and the name of the pair of encryptor and decryptor (*aes\_binary\_cryptor*, *aes\_log\_cryptor* and *rsa\_default\_cryptor* in example below). Each cryptor-section contains options for defining the pair of encryptor and decryptor of certain encryption type. Tou can turn on automatic encryption for database strings when using [doctrine/dbal](https://github.com/doctrine/dbal). You can see example that holds configs for 2 pairs of aes encryptor and decryptor and one pair of rsa encryptor and decryptor and uses *rsa\_default\_cryptor* for encrypting database values:

```
gtt_crypt:
    cryptors:
        aes:
            aes_binary_cryptor:
                key_size: 128
                key_path: "/tmp/keys/aes/first.key"
                binary_output: true
            aes_log_cryptor:
                key_size: 128
                key_path: "/tmp/keys/aes/second.key"
                binary_output: false
        rsa:
            rsa_default_cryptor:
                private_key: "/tmp/keys/rsa/priv.key"
                public_key: "/tmp/keys/rsa/pub.key"
                binary_output: false
                padding: 4
    doctrine:
        dbal:
            encrypted_string: rsa_default_cryptor
```

You can see reference of configuration options for supported encryption types:

### RSA

[](#rsa)

- private\_key - path to RSA private key
- pass\_phrase - RSA private key passphrase
- public\_key - path to RSA public key
- binary\_output - should be result of encryption encoded with base64 algorithm or should be input string base64-decoded before decryption
- padding - number of distinct practices which all include adding data to the message prior to encryption. Should be one of constants from list below: -- OPENSSL\_PKCS1\_PADDING -- OPENSSL\_SSLV23\_PADDING -- OPENSSL\_NO\_PADDING -- OPENSSL\_PKCS1\_OAEP\_PADDING

### AES

[](#aes)

- key\_size - AES key size. Should be 128 for 1.x or 256 for 2.x version of [defuse/php-encryption](https://github.com/defuse/php-encryption/)
- key\_path - path to AES private key. Can be generated by built in [crypt:aes:generate-key](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/Command/GenerateKeyCommand.php) command
- binary\_output - should be result of encryption encoded with base64 algorithm or should be input string base64-decoded before decryption

Usage
=====

[](#usage)

In order to use encryptos and decryptors in your code you have 3 availabilities:

### Tag your service (recommended)

[](#tag-your-service-recommended)

The prefered way to receive encryptor or decryptor in you service is to implement in the service's class very simple [EncryptorAwareInterface](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/Encryption/EncryptorAwareInterface.php) or [DecryptorAwareInterface](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/Encryption/DecryptorAwareInterface.php). You can also use traits in most cases if you are too lazy: [SingleDecryptorAwareTrait](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/Encryption/SingleDecryptorAwareTrait.php) and [SingleEncryptorAwareTrait](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/Encryption/SingleEncryptorAwareTrait.php). After that you should tag the service with `gtt.crypt.encryptor.aware` or `gtt.crypt.decryptor.aware` tag (depends on whether you want to get encryptor or decryptor) and specify cryptor name in tag attribute `cryptor_name`. For example if you use configuration such as in [Configuration section](#Configuration) the *cryptor\_name* attribute value can be one of *aes\_binary\_cryptor*, *aes\_log\_cryptor* or *rsa\_default\_cryptor*. The setter injection (setters are defined in EncryptorAwareInterface/DecryptorAwareInterface interfaces) would be done by [CryptorInjectorPass](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/DependencyInjection/Compiler/CryptorInjectorPass.php).

```
services:
    gtt_encryptor_holder:
        class: Your\Class\That\Wants\To\Receive\Encryptor
        tags:
            - { name: gtt.crypt.encryptor.aware, cryptor_name: "aes_binary_cryptor" }
    gtt_decryptor_holder:
        class: Your\Class\That\Wants\To\Receive\Decryptor
        tags:
            - { name: gtt.crypt.decryptor.aware, cryptor_name: "aes_binary_cryptor" }
```

### Inject cryptors directly by service id

[](#inject-cryptors-directly-by-service-id)

Each encryptor or decryptor configured by CryptBundle is a service with id constructed in accordance with the following pattern: `gtt.crypt.encryptor.` for encryptors and `gtt.crypt.decryptor.`, where holds corresponding cryptor name defined in bundle config. For example if you use configuration such as in [Configuration section](#Configuration) the value can be one of *aes\_binary\_cryptor*, *aes\_log\_cryptor* or *rsa\_default\_cryptor*. You can simply inject these services in DI-configs of your bundles.

### Use cryptor registry

[](#use-cryptor-registry)

Crypt-bundle also registers [CryptorRegistry](https://github.com/GlobalTradingTechnologies/crypt-bundle/blob/master/CryptorRegistry.php) service with id *gtt.crypt.registry* that collects all the encryptors and decryptors configured. You can use it to get cryptors by calling getEncryptor or getDecryptor methods with name of the encryptor or decryptor specified. For example if you use configuration such as in [Configuration section](#Configuration) the name can be one of *aes\_binary\_cryptor*, *aes\_log\_cryptor* or *rsa\_default\_cryptor*.

### Encrypting database values

[](#encrypting-database-values)

When database value encryption is enabled the `encrypted_string` dbal type is automatically registered. You can use this type inside doctrine entities or direct dbal queries.

```
use Gtt\Bundle\CryptBundle\Bridge\Doctrine\DBAL\Enum\TypeEnum;

$this->connection->executeQuery(
    'INSERT INTO something VALUES(:my_secret)',
    ['my_secret' => 'A very secret value'],
    ['my_secret' => TypeEnum::ENCRYPTED_STRING]
)
```

Supported encryption components
===============================

[](#supported-encryption-components)

- RSA (Based on [zendframework/zend-crypt](https://github.com/zendframework/zend-crypt))
- AES (Based on [defuse/php-encryption](https://github.com/defuse/php-encryption/))

###  Health Score

30

—

LowBetter than 62% of packages

Maintenance10

Infrequent updates — may be unmaintained

Popularity18

Limited adoption so far

Community18

Small or concentrated contributor base

Maturity66

Established project with proven stability

 Bus Factor1

Top contributor holds 69.6% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~79 days

Recently: every ~30 days

Total

16

Last Release

2653d ago

Major Versions

0.4.3 → 1.0.0-RC12016-07-08

1.x-dev → 2.0.02018-11-27

2.0.0 → 4.0.02018-11-30

2.x-dev → 3.x-dev2019-03-27

PHP version history (4 changes)0.1.0PHP &gt;=5.3

0.4.0PHP &gt;=5.5

4.0.0PHP ~7.2

2.x-devPHP &gt;=5.6

### Community

Maintainers

![](https://www.gravatar.com/avatar/aff38c7c201e49cb668c6f45e6577f009f9acc211fe41f3737368cdc5de2c5f0?d=identicon)[fduch](/maintainers/fduch)

![](https://www.gravatar.com/avatar/bb355559c0366ede2f505345c1063cec701c24f5c473cc6825a8b3b807970af9?d=identicon)[gtt](/maintainers/gtt)

---

Top Contributors

[![fduch](https://avatars.githubusercontent.com/u/1204137?v=4)](https://github.com/fduch "fduch (32 commits)")[![lisachenko](https://avatars.githubusercontent.com/u/640114?v=4)](https://github.com/lisachenko "lisachenko (5 commits)")[![timurib](https://avatars.githubusercontent.com/u/887973?v=4)](https://github.com/timurib "timurib (5 commits)")[![edefimov](https://avatars.githubusercontent.com/u/12027442?v=4)](https://github.com/edefimov "edefimov (3 commits)")[![berezuev](https://avatars.githubusercontent.com/u/695546?v=4)](https://github.com/berezuev "berezuev (1 commits)")

---

Tags

aesbundledecryptorencryptionencryptorrsasecuritysymfony-bundle

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/gtt-crypt-bundle/health.svg)

```
[![Health](https://phpackages.com/badges/gtt-crypt-bundle/health.svg)](https://phpackages.com/packages/gtt-crypt-bundle)
```

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
