Yii 2.0: yii2-encrypter

Extension used for two-way encryption with behaviour for database.
6 followers

Openssl Encrypter for Yii2

Openssl Encrypter for Yii2 Version 1.1.0

This extension is used for two-way encryption. The cypher method used is AES, and you can either use the 128 bites or 256 bites encryption.

You can also decide whether you want to use base64 encoding on the encrypted string to make it easier to store it, keeping in mind that the additional encoding will always increase the size of the string.

Openssl has been used in place of mcrypt because of its sheer speed in the encryption and decryption process (up to 30 times faster).

Installation

The preferred way to install this extension is through composer.

Either run

php composer.phar require --prefer-dist nickcv/yii2-encrypter "*"

or add

"nickcv/yii2-encrypter": "*"

to the require section of your composer.json file.

Set Up

Once the extension is installed you can either add manually the configuration in the web.php file or you can use the command line installer that will randomly generate your encryption password and IV.

Manual Installation


Add the following lines in the components section of your web.php file.

return [
    'class'=>'\nickcv\encrypter\components\Encrypter',
    'globalPassword'=>'YourPassword',
    'iv'=>'YourIV',
    'useBase64Encoding'=>true,
    'use256BitesEncoding'=>false,
];

I recommend using base64 encoding to make it easier to store the encrypted string.

The IV must always be 16 bites long, keep that in mind in case you use multibyte characters.


Automatic Installation


Modify your console.php config file, adding the encrypter to the list of bootstrapped modules

'bootstrap' => ['log','encrypter'],

Add then the module to the module list

'modules' => [
    'encrypter' => 'nickcv\encrypter\Module',
],

At this point you will be able to simply execute from the root of your app directory the command ./yii encrypter/setup

The command will automatically generate the config file encrypter.php in your application config directory. The generated config file will contain a randomly generated password and IV.

You will now only have to add the extension to your web.php config file

'encrypter' => require(__DIR__ . DIRECTORY_SEPARATOR . 'encrypter.php'),

Basic Usage

You can now use the encrypter manually in any part of the application to either encrypt a string

\Yii::$app->encrypter->encrypt('string to encrypt');

or decrypt and encrypted string

\Yii::$app->encrypter->decrypt('string to decrypt');

Behavior

The extension also comes with a behavior that you can easily attach to any ActiveRecord Model.

Use the following syntax to attach the behavior.

public function behaviors()
{
    return [
        'encryption' => [
            'class' => '\nickcv\encrypter\behaviors\EncryptionBehavior',
            'attributes' => [
                'attributeName',
                'otherAttributeName',
            ],
        ],
    ];
}

The behavior will automatically encrypt all the data before saving it on the database and decrypt it after the retrieve.

Keep in mind that the behavior will use the current configuration of the extension for the encryption.

Console Commands

If the console module is installed you can also use the ./yii encrypter/encrypt and ./yii encrypter/decrypt console commands.

To find out how to install the console module follow the "Automatic Installation" instructions in this document.

Unit Testing

The entire extension was built with TDD. To launch the tests just go inside the extension directory and execute the codecept run command.

Warnings

It is extremely hard to decrypt the data without the password and IV, keep a copy of them to avoid losing all your data.

Two-way encryption should not be used to store passwords: you should use a one-way encryption function like sha1 and a SALT

Total 3 comments

#19454 report it
ajkosh at 2015/07/12 04:24pm
i m sry i tried you ext. but it is not working.

i m implemented on grid action column id.I encrypted but when i decrypt id that is integer,it decrypt some digits only not evry time it is working.some time decrypting or some time not working.

#18917 report it
nickcv at 2015/02/04 04:57am
Per-user encryption

The current version currently uses a global key for encryption, but in the future I will add an easy way to do per-user encryption.

The only issue with per-user encryption is that you need to generate and store the user key otherwise you'd obviously lose the data. I just want to think about the best approach to include that without either assuming too much stuff or increasing the coupling.

I will probably release a new version next week with per-user encryption anyway!

#18892 report it
ahmed.ismail at 2015/01/31 08:21am
Hi, thanks for your helpful extension

I really need it in current application. But I think your documentation needs to be more clear to understand, its highly summarized!, if you recommend to read another tutorial related to this, please verify.

What i need is: if we want to encrypt & decrypt with key, this **key **is variable due to the current user session, can this extension help me?

Leave a comment

Please to leave your comment.

Create extension
Downloads
No downloadable files yet