PHPackages                             psolutions/encrypt-bundle - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. psolutions/encrypt-bundle

ActiveSymfony-bundle[Security](/categories/security)

psolutions/encrypt-bundle
=========================

Bundle provides a service for encrypting values via attribute.

v5.0.0(1mo ago)029MITPHPPHP &gt;=8.2

Since May 15Pushed 1mo ago1 watchersCompare

[ Source](https://github.com/frizquierdo/EncryptBundle)[ Packagist](https://packagist.org/packages/psolutions/encrypt-bundle)[ Docs](https://github.com/frizquierdo/EncryptBundle)[ GitHub Sponsors](https://github.com/frizquierdo)[ RSS](/packages/psolutions-encrypt-bundle/feed)WikiDiscussions master Synced yesterday

READMEChangelog (2)Dependencies (14)Versions (3)Used By (0)

PSolutions Encrypt Bundle
=========================

[](#psolutions-encrypt-bundle)

A bundle to handle encoding and decoding of parameters using OpenSSL and Doctrine lifecycle events. It's a fork of

Features include:

- v1 is Symfony 6.4 and 7.0 compatible.
- Uses OpenSSL with **AES-256-GCM authenticated encryption** (since v2.1)
- Uses Event listeners
- Provides confidentiality AND authenticity (tamper-proof)

⚠️ IMPORTANT: Migration from Pre-v2.1 Versions
----------------------------------------------

[](#️-important-migration-from-pre-v21-versions)

**This bundle now uses AES-256-GCM instead of the old AES-256-CBC method.**

If you are currently using a previous version of this bundle and have data already encrypted in your database:

### **MIGRATION STEPS REQUIRED**

[](#migration-steps-required)

1. **Export your existing encrypted data using the OLD version** (v2.0.x):

    ```
    # With the old version installed, decrypt everything first:
    php bin/console encrypt:database decrypt
    ```
2. **Update the bundle to v2.1+**:

    ```
    composer update psolutions/encrypt-bundle
    ```
3. **Re-encrypt all data with the new GCM method**:

    ```
    php bin/console encrypt:database encrypt
    ```

**WARNING**: If you skip the migration step, the new version will NOT be able to decrypt data encrypted with the old CBC method. The two formats are incompatible.

### About AES-256-GCM

[](#about-aes-256-gcm)

- **Authenticated Encryption**: AES-GCM provides both encryption AND message authentication.
- **Tamper Detection**: Any modification to the encrypted data will be detected and will cause decryption to fail.
- **No Padding Oracle Vulnerabilities**: Unlike CBC mode, GCM is not vulnerable to padding oracle attacks.
- **Format**: Encrypted values are stored as `base64(IV . TAG . ciphertext) . ''`.

Features road map:

- Create a factory method to expand for different encryptors
- Create a twig function to decrypt encoded values
- Expand parameters to allow selection of encoding method
- Create CLI commands to encrypt and decrypt the entire database
- Handle DateTime data types via the bundle.

License
-------

[](#license)

This bundle is under the MIT license. See the complete license in the bundle:

```
Resources/meta/LICENSE

```

About
-----

[](#about)

EncryptBundle has been written for the [Parolla Plugins](https://plugins.parolla.ie) and [Parolla](https://www.parolla.ie) websites to encode users private data. The bundle is expanded in a larger [gdpr-bundle](https://github.com/mogilvie/GdprBundle).

Reporting an issue or a feature request
---------------------------------------

[](#reporting-an-issue-or-a-feature-request)

Issues and feature requests are tracked in the [Github issue tracker](https://github.com/frizquierdo/EncryptBundle/issues).

When reporting a bug, it may be a good idea to reproduce it in a basic project built using the [Symfony Standard Edition](https://github.com/symfony/symfony-standard)to allow developers of the bundle to reproduce the issue by simply cloning it and following some steps.

Installation
============

[](#installation)

Step 1: Install from package
----------------------------

[](#step-1-install-from-package)

Open a command console, enter your project directory and execute the following command to download the latest development version of this bundle:

```
$ composer require psolutions/encrypt-bundle

```

Step 2: Enable the bundle
-------------------------

[](#step-2-enable-the-bundle)

The receipe will create a package config file under config/packages/psolutions\_encrypt.yaml.

If required, enable the bundle by adding it to the list of registered bundles in the `config/bundles.php` file of your project:

```
