bereznii/yii2-encrypter 问题修复 & 功能扩展

解决BUG、新增功能、兼容多环境部署,快速响应你的开发需求

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

bereznii/yii2-encrypter

Composer 安装命令:

composer require bereznii/yii2-encrypter

包简介

Openssl Encrypter for Yii2

README 文档

README

This extension is used for two-way encryption. The cypher method used is AES256.

The main difference from original package is usage of unique initialization vector for each operation. The main purpose is to provide additional level of security by randomization of resulting hash. Also, as it seems from threads on stackoverflow, publicly stored IV is a very bad practice. However, it is needed to decrypt value. Implemented idea is described below.

Step-by-step encryption:

  1. Passphrase (32 bytes length) is being stored as ENV constant;
  2. Unique IV is randomly generated for each encryption operation by openssl_random_pseudo_bytes() and is presented as 16 bytes length string;
  3. Input is encrypted with openssl_encrypt(). Result is encrypted byte-string;
  4. IV (16 bytes) is prepended in front of byte-string from previous step;
  5. Concatenated string is encoded with base64_encode() to avoid encoding problems when transferring over a network or storing in a database.
  6. Result is a securely encrypted and encoded string.

Step-by-step decryption:

  1. Fully encrypted string is decoded with base64_decode();
  2. First 16 bytes is retrieved for further decryption process. This is IV;
  3. Remaining part of string is decrypted with openssl_decrypt() using IV from previous step and passphrase from ENV;
  4. Result is the initial string.

Installation

The preferred way to install this extension is through composer.

Either run

composer require bereznii/yii2-encrypter

or add

"bereznii/yii2-encrypter": "*"

to the require section of your composer.json file.

Set Up

To use Encrypter component it needs to be registered in Components list of Yii2 Application.

'components' => [
    'encrypter' => [
        'class' => \bereznii\encrypter\components\Encrypter::class,
        'key' => getenv('ENCRYPTION_KEY'),
    ],
    ...
]

Basic Usage

Component

Encrypter can be used both from web and console.

To encrypt value manually in any part of the application encrypter can be used as follows:

Yii::$app->encrypter->encrypt('Hello World!');

or to decrypt:

Yii::$app->encrypter->decrypt('Hello World!');

Behavior

The extension also comes with a behavior class that can be easily attached to any ActiveRecord Model.

Use the following syntax to attach the behavior.

public function behaviors()
{
    return [
        'encryption' => [
            'class' => \bereznii\encrypter\behaviors\EncryptionBehavior::class,
            'attributes' => [
                'attributeName1',
                'attributeName2',
            ],
        ],
    ];
}

The behavior will automatically encrypt all the data before saving it on the database and decrypt it after the retrieve.

Keep in mind that the behavior will use the current configuration of the extension for the encryption.

Unit Testing

Original package was built with TDD. However, current package is not covered with unit-tests due to lack of time caused by russian invasion to Ukraine. Hopefully, one day unit tests will be added and package will become more customizable. But until then, it is published for educational purposes only.

Warnings

It is extremely hard (or practically impossible) to decrypt the data without the password, copy of it should be store in secure place to avoid losing all encrypted data.

Two-way encryption should not be used to store passwords: you should use a one-way encryption function like sha1 and a SALT

统计信息

  • 总下载量: 3
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 1
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 17
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2022-03-03

承接程序开发

PHP开发

VUE

Vue开发

前端开发

小程序开发

公众号开发

系统定制

数据库设计

云部署

网站建设

安全加固