A CakePHP library to encrypt and decrypt data.
- Encrypt data when saving and decrypt data when fetching data from database.
- Encrypt & decrypt historical data.
Via Composer
For CakePHP 4:
composer require shakib/cakephp-encrypt-decrypt
For CakePHP 3.4 and above versions:
composer require shakib/cakephp-encrypt-decrypt:~1.1
For CakePHP <=3.3:
composer require shakib/cakephp-encrypt-decrypt:1.0
Add the type in bootstrap.php
TypeFactory::map('encrypted', 'EncryptDecrypt\Database\Type\EncryptType');
Add config value in config\app.php
'Security' => [
'encryption_key' => env('ENCRYPTION_KEY', 'YOUR-KEY'),
]
Table structure: Use BLOB \ VARBINARY
type for those columns you are want to be encrypted. Such as:
CREATE TABLE `accounts`(
`id` INT NOT NULL AUTO_INCREMENT,
`full_name` VARCHAR(100) NOT NULL,
`account_number` VARBINARY(255) NOT NULL,
`email` VARBINARY(255) NOT NULL,
`created` DATETIME NOT NULL,
`modified` DATETIME NULL,
PRIMARY KEY(`id`)
) ENGINE = InnoDB;
Map all columns in your Table class.
use Cake\ORM\Table;
use Cake\Database\Schema\TableSchemaInterface;
use EncryptDecrypt\Traits\EncryptDecrypt;
class AccountsTable extends Table
{
use EncryptDecrypt;
/**
* @param TableSchemaInterface $schema
* @return TableSchemaInterface
*/
protected function _initializeSchema(TableSchemaInterface $schema): TableSchemaInterface
{
$schema->setColumnType('account_number', 'encrypted');
$schema->setColumnType('email', 'encrypted');
return $schema;
}
}
To encrypt or decrypt historical data, add this method in your table class and run
public function encryptDecryptAllData()
{
// columns that are in plain text
$sourceColumns = ['column1', 'column2'];
// columns that need to be encrypted / decrypted
$destinationColumns = ['column3', 'column4'];
return $this->encryptAll($this, $sourceColumns, $destinationColumns);
}