PHPackages lumensistemas/encryption-laravel - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. lumensistemas/encryption-laravel ActiveLibrary lumensistemas/encryption-laravel ================================ Sodium-based encryption, decryption, and blind indexing for Laravel applications. 00[1 PRs](https://github.com/lumensistemas/encryption-laravel/pulls)1PHPCI passing Since Mar 26Pushed 1mo agoCompare [ Source](https://github.com/lumensistemas/encryption-laravel)[ Packagist](https://packagist.org/packages/lumensistemas/encryption-laravel)[ RSS](/packages/lumensistemas-encryption-laravel/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (2)DependenciesVersions (1)Used By (1) Encryption Laravel ================== [](#encryption-laravel) [![Latest Version on Packagist](https://camo.githubusercontent.com/39d5936335b09169e290f2661d95616dd29b5f8c58444b3ce5633e5fb58c2971/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6c756d656e73697374656d61732f656e6372797074696f6e2d6c61726176656c2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/lumensistemas/encryption-laravel)[![Tests](https://camo.githubusercontent.com/8e115619b7d5aa69a15bc967ebff129dfc5e06e8ef3f69e766fcc1524336f826/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f616374696f6e732f776f726b666c6f772f7374617475732f6c756d656e73697374656d61732f656e6372797074696f6e2d6c61726176656c2f7061636b6167652d74657374732e796d6c3f6272616e63683d6d61696e266c6162656c3d7465737473267374796c653d666c61742d737175617265)](https://github.com/lumensistemas/encryption-laravel/actions/workflows/package-tests.yml)[![Total Downloads](https://camo.githubusercontent.com/f215064cce86b8aba2681a157f1b23582ab5d6d120ff640aadd84c9a537df6ca/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6c756d656e73697374656d61732f656e6372797074696f6e2d6c61726176656c2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/lumensistemas/encryption-laravel) Sodium-based encryption, decryption, and blind indexing for Laravel. Provides Eloquent casts for transparent field-level encryption with optional authorization hooks (e.g. LGPD/GDPR compliance). Installation ------------ [](#installation) ``` composer require lumensistemas/encryption-laravel ``` Publish the configuration file: ``` php artisan vendor:publish --tag=encryption-laravel-config ``` Generate key files: ``` php artisan encryption:generate-keys ``` This creates `storage/encryption.key` and `storage/authentication.key` with `0600` permissions. You can specify a custom directory: ``` php artisan encryption:generate-keys --path=/etc/secrets ``` Use `--force` to overwrite existing key files. Add the key file paths to `.env`: ``` ENCRYPT_ENC_KEY_PATH=/path/to/your/app/storage/encryption.key ENCRYPT_AUTH_KEY_PATH=/path/to/your/app/storage/authentication.key ``` > **Security:** Keys are read from files rather than environment variables. This prevents accidental exposure through `phpinfo()`, debug pages, logs, or process listings. Key files should have restrictive permissions (`600`) and be excluded from version control. Usage ----- [](#usage) ### Facade [](#facade) ``` use LumenSistemas\Encrypt\Facades\Encryption; use LumenSistemas\Encrypt\ValueObjects\SecretString; // Encrypt & decrypt $ciphertext = Encryption::encrypt(new SecretString('secret')); $plaintext = Encryption::decrypt($ciphertext)->get(); // 'secret' // Hash & verify (blind index) $hash = Encryption::hash(new SecretString('secret')); Encryption::verify(new SecretString('secret'), $hash); // true ``` ### Eloquent Casts [](#eloquent-casts) #### AsEncryptedString [](#asencryptedstring) Encrypts on write, decrypts on read: ``` use LumenSistemas\Encrypt\Casts\AsEncryptedString; class User extends Model { protected $casts = [ 'cpf' => AsEncryptedString::class, ]; } ``` #### AsBlindIndex [](#asblindindex) Stores a deterministic hash for searching encrypted columns: ``` use LumenSistemas\Encrypt\Casts\AsBlindIndex; use LumenSistemas\Encrypt\Casts\AsEncryptedString; class User extends Model { protected $casts = [ 'email_encrypted' => AsEncryptedString::class, 'email_index' => AsBlindIndex::class, ]; } // Query by blind index use LumenSistemas\Encrypt\Facades\Encryption; use LumenSistemas\Encrypt\ValueObjects\SecretString; $user = User::where('email_index', Encryption::hash(new SecretString($email)))->first(); ``` ### Authorization & Audit Hook [](#authorization--audit-hook) Register a callback to authorize and/or log access before decryption. This is useful for LGPD/GDPR compliance: ``` use LumenSistemas\Encrypt\Casts\AsEncryptedString; // In a ServiceProvider boot(): AsEncryptedString::authorizeUsing(function (Model $model, string $key) { // Log every access AuditLog::record(auth()->user(), $model, $key); // Deny or mask if (! auth()->user()->can('view-sensitive', $model)) { return '***.***.***-**'; // return masked value instead of decrypting } return true; // allow decryption }); ``` The callback receives `(Model $model, string $key, array $attributes)` and should: - Return `true` to allow decryption - Return a `string` to return a masked value (skips decryption entirely) - Throw an exception to deny access Testing ------- [](#testing) ``` composer test ``` Changelog --------- [](#changelog) Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently. Security Vulnerabilities ------------------------ [](#security-vulnerabilities) Please review [our security policy](../../security/policy) on how to report security vulnerabilities. Credits ------- [](#credits) - [Lucas Vasconcelos](https://github.com/lumensistemas) - [All Contributors](../../contributors) License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE.md) for more information. ### Health Score 20 — LowBetter than 14% of packages Maintenance60 Regular maintenance activity Popularity0 Limited adoption so far Community10 Small or concentrated contributor base Maturity11 Early-stage or recently created project Bus Factor1 Top contributor holds 92.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/dfdf6591a8b2d844569545878fba113e9c8de3d9b9d48f5b25637c6f0353ffbd?d=identicon)[lucasvscn](/maintainers/lucasvscn) --- Top Contributors [![lucasvscn](https://avatars.githubusercontent.com/u/3482569?v=4)](https://github.com/lucasvscn "lucasvscn (12 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (1 commits)") ### Embed Badge ![Health badge](/badges/lumensistemas-encryption-laravel/health.svg) ``` [![Health](https://phpackages.com/badges/lumensistemas-encryption-laravel/health.svg)](https://phpackages.com/packages/lumensistemas-encryption-laravel) ``` PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)