PHPackages                             spryker/propel-encryption-behavior - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. spryker/propel-encryption-behavior

ActivePropel-behavior[Security](/categories/security)

spryker/propel-encryption-behavior
==================================

Propel Behavior for seamless encryption/decryption of data columns

0.1.1(4y ago)061.4k↓36.8%1MITPHPPHP >=7.3

Since Jan 24Pushed 1y ago43 watchersCompare

[ Source](https://github.com/spryker/propel-encryption-behavior)[ Packagist](https://packagist.org/packages/spryker/propel-encryption-behavior)[ RSS](/packages/spryker-propel-encryption-behavior/feed)WikiDiscussions master Synced 1mo ago

READMEChangelog (2)Dependencies (4)Versions (3)Used By (1)

Spryker - PropelEncryptionBehavior
==================================

[](#spryker---propelencryptionbehavior)

[![Build Status](https://github.com/spryker/propel-encryption-behavior/workflows/CI/badge.svg?branch=master)](https://github.com/spryker/propel-encryption-behavior/actions?query=workflow%3ACI+branch%3Amaster)[![codecov](https://camo.githubusercontent.com/1f9ead82e0cde9912b5e7f8f84a562099e61b52f114a536cdaeffeb1313eed1b/68747470733a2f2f636f6465636f762e696f2f67682f737072796b65722f70726f70656c2d656e6372797074696f6e2d6265686176696f722f6272616e63682f6d61737465722f67726170682f62616467652e7376673f746f6b656e3d6c71324f413633716b4c)](https://codecov.io/gh/spryker/propel-encryption-behavior)[![Latest Stable Version](https://camo.githubusercontent.com/c542f72bd79564a7ac7b5f81b726cdfcb681ec0307d58ac2da148241fdc7acbd/68747470733a2f2f706f7365722e707567782e6f72672f737072796b65722f70726f70656c2d656e6372797074696f6e2d6265686176696f722f762f737461626c652e737667)](https://packagist.org/packages/spryker/propel-encryption-behavior)[![Minimum PHP Version](https://camo.githubusercontent.com/0e9ac047546796cfdbe1423d1f4d91c8f37d2fbb11614a7900bb7686aaa5401f/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f7068702d253345253344253230372e342d3838393242462e737667)](https://php.net/)[![PHPStan](https://camo.githubusercontent.com/f60d96f7c2579690ab6dfa8918f777fe93a02a92301c661eb38a85861a92b780/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048505374616e2d6c6576656c253230382d627269676874677265656e2e7376673f7374796c653d666c6174)](https://phpstan.org/)[![License](https://camo.githubusercontent.com/8ab5f9889e6ca788151f6cb6cb0435a0dc8f91c9fb17f004669dff630e9731ea/68747470733a2f2f706f7365722e707567782e6f72672f737072796b65722f70726f70656c2d656e6372797074696f6e2d6265686176696f722f6c6963656e7365)](https://packagist.org/packages/spryker/propel-encryption-behavior)

Seamlessly encrypt/decrypt Propel2 data fields. This library is a *plugin* for the [Propel2 ORM framework](http://propelorm.org/). The library is a fork of [Athens\\Encryption](https://github.com/AthensFramework/Encryption).

For example:

```
// schema.xml

```

```
// Before any database queries:

    use Spryker\PropelEncryptionBehavior\Cipher;
    Cipher::createInstance("mysecretpassphrase");

// In your application:

    $o = new MyClass();

    $o->setMyData("Some data that will remain as plain text.");
    $o->setMySecretData("Some data that will be encrypted.");

    $o->save();

// Later:

    $o = MyClassQuery::create()->findOneByMyData("Some data that will remain as plain text.");

    echo $o->getMySecretData();
    // "Some data that will be encrypted."

    // If you need to use different passphrases in different queries:

    use Spryker\PropelEncryptionBehavior\Cipher;

    Cipher::resetInstance();
    Cipher::createInstance("mysecretpassphrase_2");

    // ... read or write data with another passphrase

```

Given the table definition above, the string `"Some data that will be encrypted."` is encrypted in memory before being sent to the database. When we retrieve `MySecretData` later, the ciphertext is decrypted before being returned.

Note/Tradeoff
=============

[](#notetradeoff)

**spryker/propel-encryption-behavior** *breaks Propel's native search/find/sort* methods on the encrypted field(s). Because the plain-texts of encrypted fields are not available to the database, no database method of search or sort can operate on these fields. A search or sort can only be accomplished by *retrieving all rows*, decrypting all values, and performing a search/sort on those. If you have many rows and you need to search/sort on encrypted fields, this process may be impractically slow.

Installation
============

[](#installation)

```
composer require spryker/propel-encryption-behavior

```

Use
===

[](#use)

This client library provides a `Cipher` class and one Propel2 Behavior class.

To designate a field as encrypted in your Propel schema, set its type as `VARBINARY`, `LONGVARBINARY` or `BLOB` and include the `encryption` behavior. Parameters that define encrypted columns should contain `column_name_*` prefix in the name attribute. You may include multiple columns in the `encryption` behavior:

```

```

Then build your models and database as usual.

Before querying the database, you must initialize the Cipher class with your passphrase:

```
    // Intialize the cipher
    Cipher::createInstance($my_passphrase);

```

The argument `$my_passphrase` should be a string of random characters. A length of 32-64 characters is appropriate for your passphrase. Because the cipher is initialized with every page load, the passphrase must be stored on your server in a location accessible to PHP. However, the passphrase should *not* be in a file which is viewable to web-visitors, and it almost certainly should not be included in your source/version control (git, scm, etc.).

That's it! The class setters for `MySecretData` and `MySecretData2` now seamlessly encrypt their data before it is sent to the database. The class getters for `MySecretData` and `MySecretData2` seamlessly decrypt data after retrieving it from the database.

Remember that search/find and sort are now *broken* for `MySecretData` and `MySecretData2`, for reasons discussed above.

Filtering
---------

[](#filtering)

By default all encrypted columns are not searchable. It's possible to make all encrypted columns of a table searchable by setting a parameter `searchable` to `true`

```

```

It's also possible to make a particular column as searchable using `searchable_column_name_*` prefix

```

```

> **Be aware:** For the searchable columns will be used a fixed IV. It looses data security.

###  Health Score

29

—

LowBetter than 59% of packages

Maintenance29

Infrequent updates — may be unmaintained

Popularity28

Limited adoption so far

Community21

Small or concentrated contributor base

Maturity35

Early-stage or recently created project

 Bus Factor2

2 contributors hold 50%+ of commits

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~3 days

Total

2

Last Release

1572d ago

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/10738957?v=4)[Spryker Bot](/maintainers/spryker-bot)[@spryker-bot](https://github.com/spryker-bot)

---

Top Contributors

[![JASchilz](https://avatars.githubusercontent.com/u/6137968?v=4)](https://github.com/JASchilz "JASchilz (52 commits)")[![olehnovatskyi-spryker](https://avatars.githubusercontent.com/u/79862859?v=4)](https://github.com/olehnovatskyi-spryker "olehnovatskyi-spryker (48 commits)")[![oleksander-kiiashko](https://avatars.githubusercontent.com/u/80702205?v=4)](https://github.com/oleksander-kiiashko "oleksander-kiiashko (20 commits)")[![TimurSultanov](https://avatars.githubusercontent.com/u/7510284?v=4)](https://github.com/TimurSultanov "TimurSultanov (17 commits)")[![dereuromark](https://avatars.githubusercontent.com/u/39854?v=4)](https://github.com/dereuromark "dereuromark (16 commits)")[![spryker-release-bot](https://avatars.githubusercontent.com/u/26904324?v=4)](https://github.com/spryker-release-bot "spryker-release-bot (1 commits)")

###  Code Quality

TestsPHPUnit

Static AnalysisPHPStan

Type Coverage Yes

### Embed Badge

![Health badge](/badges/spryker-propel-encryption-behavior/health.svg)

```
[![Health](https://phpackages.com/badges/spryker-propel-encryption-behavior/health.svg)](https://phpackages.com/packages/spryker-propel-encryption-behavior)
```

###  Alternatives

[defuse/php-encryption

Secure PHP Encryption Library

3.9k162.4M214](/packages/defuse-php-encryption)[roave/security-advisories

Prevents installation of composer packages with known security vulnerabilities: no API, simply require it

2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier

Laravel 5/6/7/8/9/10 HtmlPurifier Package

2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs

A PHP library for XML Security

41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php

Realistic password strength estimation PHP library based on Zxcvbn JS

86917.5M63](/packages/bjeavons-zxcvbn-php)[illuminate/encryption

The Illuminate Encryption package.

9229.7M280](/packages/illuminate-encryption)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)