This package enables an additional layer of security when handling sensitive data. Allowing key fields of your eloquent models in the database to be encrypted at rest using AES-256-CBC.
This package allows for your Eloquent Encryption to be encrypted using a different AES-256-CBC key. This allows for your regular app:key to be rotated. If you're looking for 4096-RSA encruption then this package RichardStyles/EloquentEncryption
This package requires Laravel 8.x or higher.
You can install the package via composer:
composer require richardstyles/eloquent-aes
If you wish to change the key cipher then you will need to publish the config.
php artisan vendor:publish --provider="RichardStyles\EloquentAES\EloquentAESServiceProvider" --tag="config"
To create an Eloquent encryption key, just as you would an app key. This will automatically add to the bottom of your .env
file.
php artisan key:eloquent
If you re-run this command, you will lose access to any encrypted data!
This package leverages Laravel's own custom casting to encode/decode values.
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Model;
use RichardStyles\EloquentAES\Casts\AESEncrypted;
use RichardStyles\EloquentAES\Casts\AESEncryptedCollection;
use RichardStyles\EloquentAES\Casts\AESEncryptedObject;
class SalesData extends Model
{
/**
* The attributes that should be cast.
*
* @var array
*/
protected $casts = [
'private_data' => AESEncrypted::class,
'private_collection' => AESEncryptedCollection::class,
'private_object' => AESEncryptedObject::class,
];
}
There are additional casts which will cast the decrypted value into a specific data type. If there is not one that you need, simply make a PR including sufficient testing.
composer test
Please see CHANGELOG for more information what has changed recently.
Please see CONTRIBUTING for details.
If you are having general issues with this package, feel free to contact me on Twitter.
If you believe you have found an issue, please report it using the GitHub issue tracker, or better yet, fork the repository and submit a pull request with a failing test.
If you're using this package, I'd love to hear your thoughts. Thanks!
If you discover any security related issues, please email [email protected] instead of using the issue tracker.
The MIT License (MIT). Please see License File for more information.