PHPackages involix/elocryptseven - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Database & ORM](/categories/database) 4. / 5. involix/elocryptseven Abandoned → [involix/elocrypt](/?search=involix%2Felocrypt)Library[Database & ORM](/categories/database) involix/elocryptseven ===================== Easily encrypt/decrypt Eloquent attributes in Laravel 5/6/7/8 1.8(5y ago)16.5k1MITPHPPHP >=7.0.0 Since Sep 25Pushed 5y ago1 watchersCompare [ Source](https://github.com/involix/elocrypt)[ Packagist](https://packagist.org/packages/involix/elocryptseven)[ RSS](/packages/involix-elocryptseven/feed)WikiDiscussions master Synced 4w ago READMEChangelog (10)Dependencies (8)Versions (24)Used By (0) Eloquent Encryption/Decryption for Laravel 5/6/7/8 ================================================== [](#eloquent-encryptiondecryption-for-laravel-5678) Automatically encrypt and decrypt Laravel Eloquent values. READ THIS FIRST --------------- [](#read-this-first) Encrypted values are usually longer than plain text values. Sometimes much longer. You may find that the column widths in your database tables need to be extended to store the encrypted values. If you are encrypting long strings such as JSON blobs then the encrypted values may be longer than a VARCHAR field can support, and you may need to extend your column types to TEXT or LONGTEXT. What Does This Do? ------------------ [](#what-does-this-do) This encrypts and decrypts columns stored in database tables in Laravel applications transparently, by encrypting data as it is stored in the model attributes and decrypting data as it is recalled from the model attributes. All data that is encrypted is prefixed with a tag (default `__ELOCRYPT__:`) so that encrypted data can be easily identified. This supports columns that store either encrypted or non-encrypted data to make migration easier. Data can be read from columns correctly regardless of whether it is encrypted or not but will be automatically encrypted when it is saved back into those columns. Requirements and Recommendations -------------------------------- [](#requirements-and-recommendations) - Laravel 5+ - PHP > 7 - PHP [openssl extension](http://php.net/manual/en/book.openssl.php). - A working OpenSSL implementation on your OS. OpenSSL comes pre-built with most Linux distributions and other forms of Unix such as \*BSD. There may or may not be a working OpenSSL implementation on a Windows system depending on how your LA?P stack was built. I cannot offer support for installing or using ElocryptFive on systems that do not have an OpenSSL library. Contributors ------------ [](#contributors) This is Darren Taylor's Laravel 4 "elocrypt" package, ported to Laravel 6/7/8 by Eugene Cooper. Thanks to Brandon Surowiec for some extensive refactoring of the internal methods. Installation ------------ [](#installation) This package can be installed via Composer by adding the following to your `composer.json` file: ``` "require": { "involix/elocrypt": "^1.8" } ``` You must then run the following command: ``` composer update ``` Once `composer update` has finished, then add the service provider to the `providers` array in your application's `config/app.php` file: ``` 'providers' => [ ... Involix\Elocrypt\ElocryptServiceProvider::class, ], ``` Configuration ------------- [](#configuration) Publish the config file with: ``` php artisan vendor:publish --provider='Involix\Elocrypt\ElocryptServiceProvider' ``` You may then change the default prefix tag string in your `.env` config file: ``` ELOCRYPT_PREFIX=__encrypted__ ``` or alternatively you can change the default right in the `config/elocrypt.php` file: ``` return [ 'prefix' => env('ELOCRYPT_PREFIX', '__encrypted__') ] ``` Usage ----- [](#usage) Simply reference the Elocrypt trait in any Eloquent Model you wish to apply encryption to and define an `$encrypts` array containing a list of the attributes to encrypt. For example: ``` use Involix\Elocrypt\Elocrypt; class User extends Eloquent { use Elocrypt; /** * The attributes that should be encrypted on save. * * @var array */ protected $encrypts = [ 'address_line_1', 'first_name', 'last_name', 'postcode' ]; } ``` You can combine `$casts` and `$encrypts` to store encrypted arrays. An array will first be converted to JSON and then encrypted. For example: ``` use Involix\Elocrypt\Elocrypt; class User extends Eloquent { use Elocrypt; protected $casts = ['extended_data' => 'array']; protected $encrypts = ['extended_data']; } ``` How it Works? ============= [](#how-it-works) By including the Elocrypt trait, the setAttribute() and getAttributeFromArray() methods provided by Eloquent are overridden to include an additional step. This additional step simply checks whether the attribute being set or get is included in the `$encrypts` array on the model, and either encrypts/decrypts it accordingly. Summary of Methods in Illuminate\\Database\\Eloquent\\Model ----------------------------------------------------------- [](#summary-of-methods-in-illuminatedatabaseeloquentmodel) This surveys the major methods in the Laravel Model class as of Laravel and checks to see how those models set attributes and hence how they are affected by this trait. - constructor -- calls fill() - fill() -- calls setAttribute() which has been extended to encrypt the data. - hydrate() -- TBD - create() -- calls constructor and hence fill() - firstOrCreate -- calls constructor - firstOrNew -- calls constructor - updateOrCreate -- calls fill() - update() -- calls fill() - toArray() -- calls attributesToArray() - jsonSerialize() -- calls toArray() - toJson() -- calls toArray() - attributesToArray() -- calls getArrayableAttributes(). - getAttribute -- calls getAttributeValue() - getAttributeValue -- calls getAttributeFromArray() - getAttributeFromArray -- calls getArrayableAttributes() - getArrayableAttributes -- has been extended here to decrypt the data. - setAttribute -- has been extended here to encrypt the data. - getAttributes -- has been extended here to decrypt the data. Keys and IVs ------------ [](#keys-and-ivs) The key and encryption algorithm used are as per the Laravel Encrypter service, and defined in `config/app.php`as follows: ``` 'key' => env('APP_KEY', 'SomeRandomString'), 'cipher' => 'AES-256-CBC', ``` I recommend generating a random 32 character string for the encryption key, and using AES-256-CBC as the cipher for encrypting data. If you are encrypting long data strings then AES-256-CBC-HMAC-SHA1 will be better. The IV for encryption is randomly generated. FAQ === [](#faq) Manually Encrypting Data ------------------------ [](#manually-encrypting-data) You can manually encrypt or decrypt data using the `encryptedAttribute()` and `decryptedAttribute()` functions. An example is as follows: ``` $user = new User(); $encryptedEmail = $user->encryptedAttribute(Input::get("email")); ``` Encryption and Searching ------------------------ [](#encryption-and-searching) You will not be able to search on encrypted data, because it is encrypted. Comparing encrypted values would require a fixed IV which introduces security issues. If you need to search on data then either: - Leave it unencrypted, or - Hash the data and search on the hash instead of the encrypted value. Use a well known hash algorithm such as SHA256. You could store both a hashed and an encrypted value, use the hashed value for searching and retrieve the encrypted value for other uses. Encryption and Authentication ----------------------------- [](#encryption-and-authentication) The same problem with searching applies for authentication because authentication requires a user search. If you have an authentication table where you encrypt the user data including the login data (for example the email), this will prevent Auth::attempt from working. For example this code will not work: ``` $auth = Auth::attempt(array( "email" => Input::get("email"), "password" => Input::get("password"), ), $remember); ``` As for searching, comparing the encrypted email will not work, because it would require a fixed IV which introduces security issues. What you will need to do instead is to hash the email address using a well known hash function (e.g. SHA256 or RIPE-MD160) rather than encrypt it, and then in the Auth::attempt function you can compare the hashes. If you need access to the email address then you could store both a hashed and an encrypted email address, use the hashed value for authentication and retrieve the encrypted value for other uses (e.g. sending emails). ### Health Score 34 — LowBetter than 77% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity22 Limited adoption so far Community14 Small or concentrated contributor base Maturity68 Established project with proven stability Bus Factor1 Top contributor holds 60.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~89 days Recently: every ~62 days Total 22 Last Release 1997d ago PHP version history (3 changes)v1.0PHP >=5.4.0 v1.5.6PHP >=5.6.0 1.7PHP >=7.0.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/75191f939aee64e753855a3601c2180ba3d8242fe06139929e1a431c67fd2cda?d=identicon)[eugenecooper](/maintainers/eugenecooper) --- Top Contributors [![delatbabel](https://avatars.githubusercontent.com/u/2335362?v=4)](https://github.com/delatbabel "delatbabel (47 commits)")[![eugenecooper](https://avatars.githubusercontent.com/u/8261869?v=4)](https://github.com/eugenecooper "eugenecooper (24 commits)")[![bjauy](https://avatars.githubusercontent.com/u/1352357?v=4)](https://github.com/bjauy "bjauy (2 commits)")[![BrandonSurowiec](https://avatars.githubusercontent.com/u/5625680?v=4)](https://github.com/BrandonSurowiec "BrandonSurowiec (2 commits)")[![jdforsythe](https://avatars.githubusercontent.com/u/286972?v=4)](https://github.com/jdforsythe "jdforsythe (2 commits)")[![sipimokus](https://avatars.githubusercontent.com/u/1633489?v=4)](https://github.com/sipimokus "sipimokus (1 commits)") --- Tags laravelencryptioneloquentencryptlaravel8laravel7laravel-encryptioneloquent encryptioneloquent aeselocryptlaravel aes ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/involix-elocryptseven/health.svg) ``` [![Health](https://phpackages.com/badges/involix-elocryptseven/health.svg)](https://phpackages.com/packages/involix-elocryptseven) ``` ### Alternatives [delatbabel/elocryptfive Automatically encrypt and decrypt Eloquent attributes with ease. 8493.0k](/packages/delatbabel-elocryptfive)[dolphiq/laravel-aescrypt AES encrypt and decrypt Eloquent attributes inspired by elocryptfive 171.7k](/packages/dolphiq-laravel-aescrypt)[laravel/passport Laravel Passport provides OAuth2 server support to Laravel. 3.4k85.0M526](/packages/laravel-passport)[tucker-eric/eloquentfilter An Eloquent way to filter Eloquent Models 1.8k4.8M26](/packages/tucker-eric-eloquentfilter)[roots/acorn Framework for Roots WordPress projects built with Laravel components. 9682.1M97](/packages/roots-acorn)[laravel-doctrine/orm An integration library for Laravel and Doctrine ORM 8425.3M86](/packages/laravel-doctrine-orm) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)