initial commit

Author: chr15k

.editorconfig

@@ -0,0 +1,18 @@
+; This file is for unifying the coding style for different editors and IDEs.
+; More information at https://editorconfig.org
+
+root = true
+
+[*]
+charset = utf-8
+indent_size = 4
+indent_style = space
+end_of_line = lf
+insert_final_newline = true
+trim_trailing_whitespace = true
+
+[*.md]
+trim_trailing_whitespace = false
+
+[*.yml]
+indent_size = 2

.gitattributes

@@ -0,0 +1,8 @@
+# Path-based git attributes
+# https://www.kernel.org/pub/software/scm/git/docs/gitattributes.html
+
+# Ignore all test and documentation with "export-ignore".
+/.gitattributes     export-ignore
+/.gitignore         export-ignore
+/tests              export-ignore
+/.editorconfig      export-ignore

.gitignore

@@ -0,0 +1,4 @@
+.DS_Store
+/vendor
+composer.lock
+.phpunit.result.cache

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2020 chr15k
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,67 @@
+# Laravel MySql AES Encrypt/Decrypt
+
+Laravel database encryption at database side using native AES_DECRYPT and AES_ENCRYPT functions.
+Automatically encrypt and decrypt fields in your Models.
+
+## 1. Install
+```bash
+composer require chr15k/laravel-mysql-encrypt
+```
+
+## 2. Publish config (optional)
+```bash
+php artisan vendor:publish --provider="Chr15k\MysqlEncrypt\MysqlEncryptServiceProvider"
+```
+
+## 3. Configure Provider (Laravel 5.4 or earlier)
+For Laravel 5.4 or earlier, you'll need to add the following to config/app.php:
+
+```php
+'providers' => array(
+    Chr15k\\MysqlEncrypt\\MysqlEncryptServiceProvider::class
+)
+```
+
+## 4. Set encryption key in `.env` file
+```
+APP_AESENCRYPT_KEY=yourencryptionkey
+```
+
+## Update Models
+```php
+<?php
+
+namespace App;
+
+use Chr15k\MysqlEncrypt\Traits\Encryptable;
+use Illuminate\Database\Eloquent\Model;
+
+class User extends Model
+{
+    use Encryptable; // <-- 1. Include trait
+
+    protected $encryptable = [ // <-- 2. Include columns to be encrypted
+        'email',
+        'first_name',
+        'last_name',
+        'telephone',
+    ];
+}
+```
+
+## Schema columns to support encrypted data
+```php
+Schema::create('users', function (Blueprint $table) {
+    $table->bigIncrements('id');
+    $table->string('password');
+    $table->rememberToken();
+    $table->timestamps();
+});
+
+// Once the table has been created, use ALTER TABLE to create VARBINARY
+// or BLOB types to store encrypted data.
+DB::statement('ALTER TABLE `users` ADD `first_name` VARBINARY(300)');
+DB::statement('ALTER TABLE `users` ADD `last_name` VARBINARY(300)');
+DB::statement('ALTER TABLE `users` ADD `email` VARBINARY(300)');
+DB::statement('ALTER TABLE `users` ADD `telephone` VARBINARY(50)');
+```

composer.json

@@ -0,0 +1,44 @@
+{
+    "name": "chr15k/laravel-mysql-encrypt",
+    "description": "Laravel 5.x | 6.x | 7.x Database encryption mysql side",
+    "keywords": [
+        "laravel",
+        "chr15k",
+        "mysql",
+        "encryption",
+        "php",
+        "pii"
+    ],
+    "license": "MIT",
+    "authors": [
+        {
+            "name": "Christopher Keller",
+            "email": "[email protected]"
+        }
+    ],
+    "require": {
+        "php": "^7.2.5",
+        "illuminate/support": "^5.0|^6.0|^7.0",
+        "illuminate/database": "^5.0|^6.0|^7.0"
+    },
+    "autoload": {
+        "psr-4": {
+            "Chr15k\\MysqlEncrypt\\": "src/"
+        },
+        "files": [
+            "src/helpers.php"
+        ]
+    },
+    "config": {
+        "sort-packages": true
+    },
+    "extra": {
+        "laravel": {
+            "providers": [
+                "Chr15k\\MysqlEncrypt\\MysqlEncryptServiceProvider"
+            ]
+        }
+    },
+    "minimum-stability": "dev",
+    "prefer-stable": true
+}

config/config.php

@@ -0,0 +1,7 @@
+<?php
+
+return [
+
+    'key' => env('APP_AESENCRYPT_KEY'),
+
+];

src/MysqlEncryptServiceProvider.php

@@ -0,0 +1,26 @@
+<?php
+
+namespace Chr15k\MysqlEncrypt;
+
+use Illuminate\Support\ServiceProvider;
+
+class MysqlEncryptServiceProvider extends ServiceProvider
+{
+    /**
+     * {@inheritdoc}
+     */
+    public function boot()
+    {
+        $this->publishes([
+            __DIR__.'/../config/config.php' => config_path('mysql-encrypt.php'),
+        ], 'config');
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function register()
+    {
+        $this->mergeConfigFrom(__DIR__.'/../config/config.php', 'mysql-encrypt');
+    }
+}

src/Scopes/DecryptSelectScope.php

@@ -0,0 +1,36 @@
+<?php
+
+namespace Chr15k\MysqlEncrypt\Scopes;
+
+use Illuminate\Database\Eloquent\Builder;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Database\Eloquent\Scope;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Schema;
+
+class DecryptSelectScope implements Scope
+{
+    /**
+     * Apply the scope to a given Eloquent query builder.
+     *
+     * @param  \Illuminate\Database\Eloquent\Builder  $builder
+     * @param  \Illuminate\Database\Eloquent\Model  $model
+     * @return void
+     */
+    public function apply(Builder $builder, Model $model)
+    {
+        $encryptable = $model->encryptable();
+
+        $columns = empty($columns) ? Schema::getColumnListing($model->getTable()) : $columns;
+
+        if (empty($encryptable) || empty($columns)) {
+            return $builder->addSelect(...$columns);
+        }
+
+        $select = collect($columns)->map(function($column) use ($encryptable) {
+            return (in_array($column, $encryptable)) ? db_decrypt($column) : $column;
+        });
+
+        return $builder->addSelect(...$select);
+    }
+}

src/Traits/Encryptable.php

@@ -0,0 +1,40 @@
+<?php
+
+namespace Chr15k\MysqlEncrypt\Traits;
+
+use Illuminate\Support\Facades\DB;
+use Chr15k\MysqlEncrypt\Scopes\DecryptSelectScope;
+
+trait Encryptable
+{
+    /**
+     * @return void
+     */
+    public static function bootEncryptable()
+    {
+        static::addGlobalScope(new DecryptSelectScope);
+    }
+
+    /**
+     * @param string $key
+     * @param mixed  $value
+     *
+     * @return mixed
+     */
+    public function setAttribute($key, $value)
+    {
+        if (is_null($value) || !in_array($key, $this->encryptable)) {
+            return parent::setAttribute($key, $value);
+        }
+
+        return parent::setAttribute($key, db_encrypt($value));
+    }
+
+    /**
+     * @return array
+     */
+    public function encryptable(): array
+    {
+        return $this->encryptable ?? [];
+    }
+}