austinheap / laravel-database-encryption Goto Github PK

Hi,

can you please check if we can update to the new version of random_compat?

Thank you.

Hi,

then I create a new Model, for example a new User, and save it to the Database, the attributes are not encrypted. Then I overwrite some attributes from this Modal and save the updated Model in the database, the updated attributes are encrypted.

How I can fix this?

Thank you

firstOrCreate() takes a second parameter--a list of attributes to be applied to model that is found or created: https://laravel.com/docs/5.5/eloquent

$flight = App\Flight::firstOrCreate(
['name' => 'Flight 10'], ['delayed' => 1]
);

In this case, "delayed" would not be encrypted.

Hello,

i have a problem. I installed the plugin with Laravel 5.7. I have inserted

use AustinHeap\Database\Encryption\Traits\HasEncryptedAttributes;

on top of my Model and defined

 use HasEncryptedAttributes;

 protected $encrypted = [
        'name',
 ];

in it. But after saving the Model in the Database, the Attribute name doesn't encrypted.
Are there any ideas to fix it?

Thank you for your help

I'm running this package on a site and it's working great 👍

I've provisioned a new server and want to migrate my site — if the Laravel APP_KEY is the same on both systems, should the data remain readable?

Currently this package cannot be installed with Laravel 5.7 due to the restriction:

"require": {
    "laravel/framework": "5.5.*|5.6.*",
}

Please add support for Laravel 5.7

Hi,

I am just trying your package to that, is it fullfilling my requirement. Yes, your package is working but only elequent. I have used query builder in some of place in my project to reduce the page load time as well as relationship queries.

Your package is not compatible with query builder. Is there any way to make compatible it with query builder?

Thanks

The required version of "paragonie/random_compat" conflicts with https://github.com/Roave/SecurityAdvisories
The current stable is v9.99.99 : https://github.com/paragonie/random_compat

Thank you for a great extension, it's very smooth to integrate!

We have some tables with personal data, which we want to be encrypted. One small consideration was database size and we started configuring header generation, currently configuration looks like this:

# somewhere in .env file
DB_ENCRYPTION_ENABLED=true
DB_ENCRYPTION_PREFIX=:
DB_ENCRYPTION_VERSIONING=false

what produces following results: :versionVERSION-00-01-02typestring[native]... (output from console select command).

And I got stuck with disabling versionVERSION-00-01-02typestring[native] and need help: how to disable it?

I need to implement it in Lumen, Please help me with this.
Can it be used in Lumen or not?

Hi. I have encrypted my data with versioning true and now I have changed my APP_KEY and the decryption is not working. If I change a value then only that is shown in the result set after data retrieval.

Due to a code change in Laravel code identified in #28, the package no longer works because no encrypted values are stored for the models.

This code change introduced 21 days ago affects all Laravel Versions (5.5, 5.6 and 5.7).

I've set up a gist with a sample use case. I want to save email drivers config so that the users can send emails from different sources. As they contain sensitive information (server address, password, etc.) it is better to store them encrypted.

For the sample use case, include the source code from the gist, call the seeder in the DatabaseSeeder file with $this->call(SendersTableSeeder::class); and then just run php artisan migrate:fresh --seed.

In the database there should be a row in the senders table with the mail_config column set with the encrypted value. Due to the code not working it shows the unencrypted value: {"driver":"log","host":null,"port":null,"username":null,"password":null,"encryption":null,"from":{"address":"admin@localhost","name":"Local Admin"}}

Hey,

thank you for your great plugin.
I would use it in my Laravel 5.7 application.
Is there a releasedate for that support?

Thank you

This package requires
paragonie/random_compat: ^2.0

This conflict with ramsey/uuid package

I added this package after i already had data in database, so I am looking to encrypt old data. I was initially thinking of updating updated_at and saving the model and it would encrypt, but it does not cause the encrypted attribute is not considered dirty. Any idea/hint on how i might encode old data?

After making some migrations, adding some new fields, and making nullable others, the package began to return encrypted values for 'some' of the fields.
For example, I have the password of the db working correctly (it is encrypted and returns the correct value) but I have the name of the encrypted S3 bucket, and it returns the string as it is in the db "__LARAVEL-DATABASE-ENCRYPTED-VERSIO ... "
I can't make it work again ... any idea?

Hi, not sure if this is a bug or intentional?

When I update a model unchanged attributes are re-encrypted. Could/should there be a comparison with the saved unencrypted value first and only encrypt if they are different?

Is there any option to turn off the prefix? I don't see much use for it.

After performing a composer update this morning, existing encrypted data is not properly decrypted anymore. All I'm getting are long strings that begin with "��__LARAVEL-DATABASE-ENCRYPTED-VERSION-00-01-00__��version�VERSION-00-01-"

Is this meant to be backwards compatible or do I have to reencrypt everything?

You missed a DB_ENCRYPTION_ENABLED in the docs:

Or simply setting the the DB_ENCRYPTION_ENABLED environment variable to true, via the Laravel .env file or hosting environment.

DATABASE_ENCRYPTION_ENABLED=true

Usage

i have a column with existing data (a float) in it. i converted the mariadb data type from decimal to varchar. installed laravel-database-encryption, re-saved the data in my app and laravel-database-encryption was able to encrypt it. however, when i went to view the data in my app again, laravel-database-encryption wasn't able to decrypt it. The error can probably speak for itself.

Type error: Return value of App\Models\Entry::decryptedAttribute() must be of the type string or null, float returned

…/vendor/austinheap/laravel-database-encryption/src/Traits/HasEncryptedAttributes.php 173

i understand that the data needs to be stored as some type of text in the database and it is, but i need to be able to encrypt/decrypt any data type. Maybe i'm missing something? FYI, i just reinstalled elocrypt and it handles this same scenario fine.

thanks

Thanks for package and good work.

We need to update the package to support Laravel 5.8. Probably there might be some not-compabilities.

I have a very robust application that encrypts several fields in a particular table in my database. Initially, everything was working great. I just now discovered that not every newly-created record is getting encrypted. Even records created by the same user is "hit-or-miss". Some records are encrypted by that user, and some aren't. I can't seem to figure out why suddenly things aren't reliably being encrypted. I can't seem to figure out what is going on. Any ideas as to what may have happened? How can I troubleshoot something that "sometimes works"?

I'm able to encrypt the data, an encryption header is written, but it's not detected by the plugin.
If i use the normal getter i.e. $user->name or $user->getAttribute('name'), I get the encrypted string in return.
\u0001\u0002__LARAVEL-DATABASE-ENCRYPTED-VERSION-00-01-02__\u0003\u001eversion\u0019VERSION-00-01-02\u0017\u001etype\u0019string[native]\u0017\u0004eyJpdiI6IlJndER1VWQ4ek1PVGhSRk5MRjNwWGc9PSIsInZhbHVlIjoiMXR1

if I use $user->decryptedAttribute('name'), I get the above message.
I can see that the system is looking for the wrong start and end for the header:

array:2 [▼ "start" => array:3 [▼ "int" => 1 "string" => "\x01" "default" => true ] "stop" => array:3 [▼ "int" => 4 "string" => "\x04" "default" => true ] ]

but overriding this values with \u0001 and \u001e didn't make a difference

My db config is standard:
'mysql' => [ 'driver' => 'mysql', 'host' => env('DB_HOST', 'localhost'), 'database' => env('DB_DATABASE', 'forge'), 'username' => env('DB_USERNAME', 'forge'), 'password' => env('DB_PASSWORD', ''), 'charset' => 'utf8', 'collation' => 'utf8_unicode_ci', 'prefix' => '', 'strict' => false, ],

Hi There,
This package has min required PHP 7.1.0, Laravel 5.5 itself has min required PHP 7.0.0. Can this package use for 7.0?

Thanks

ext-uopz is not (yet) compatible with PHP v7.3, which breaks code coverage log generation during unit tests. This will be fixed when the underlying issue is addressed or hot-fixed when an updated patch is available.

• Issue: krakjoe/uopz#79
• Patch: https://gist.github.com/cmb69/3060a552fc825497d066262ab31f3998 (broken)

Note: There is no meaningful impact outside of unit testing.

Hey,

The records are not being encrypted when I am creating/storing new info in the database, but on UPDATE action they are being encrypted. Dont know what I am doing wrong here but would help any guidance.

Thanks.

Tried this on a fresh install of laravel 5.5.*

the environment var (in .env) DATABASE_ENCRYPTION_ENABLED=false is ignored.

so if I want to disable the encryption i have to comment out the use HasEncryptedAttributes; statement in each model.

Hi,

I'm using Eloquent as standalone for my project.
Would it be possible to use this package too to support the standalone Eloquent?

Could you update the composer file to allow for Laravel 5.6 and tag a new release?

Hi,

I would like to run the tests for that package, did I missed something?

Thank you.

So, I am trying to upgrade my laravel 5.1 install with Elocrypt towards laravel 5.5. Currently I am trying this package to see if it can encrypt and decrypt my old database.

In order to do so, I followed the installation instructions in the readme and made the following changes to the config.

'enabled'            => env('DB_ENCRYPTION_ENABLED', true),
'prefix'             => env('DB_ENCRYPTION_PREFIX', '__ELOCRYPT__'),
'versioning'         => env('DB_ENCRYPTION_VERSIONING', false),

I modified my user.php model:

<?php

namespace App;

use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use AustinHeap\Database\Encryption;

class User extends Authenticatable
{
    use Notifiable;
    use HasEncryptedAttributes;

    protected $encrypted = [
        'name'
    ];
}

However, running this code gives me the Trait 'App\HasEncryptedAttributes' not found. I am sure I am missing something here, but what?

When i want to seed the encrypted field in the database it sais:

SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'first_name' at row 1

Where can i set the length of the encrypted string

Hey, thanks so much for putting this package together. There is requirement of Laravel 5.5.* with this package.

Do you have any current plans on bumping this? if so any ETA?

If we were to make a PR - do you think it should be a quick win? Or are there likley to be issues?

Many thanks, looking forward to using it - Really nicely put together.

hi its showing encrypted value needs to show decrypted right

��__LARAVEL-DATABASE-ENCRYPTED-VERSION-00-01-00__��version�VERSION-00-01-00��type�string[native]��ey

When using the decryptedAttribute function on an encrypted value, I get the following error:

Symfony\Component\Debug\Exception\FatalThrowableError : Type error: substr() expects parameter 2 to be integer, boolean given

at C:\wamp\www\lifestream\vendor\austinheap\laravel-database-encryption\src\Traits\HasEncryptedAttributes.php: 171

I am encrypting/decrypting data from a migration to ensure that existing data will still work.

My migration looks like this:

class EncryptData extends Migration
{
    public function up()
    {
        $this->encryptModels(SomeModel::all());
    }

    public function down()
    {
        $this->decryptModels(SomeModel::all());
    }

    private function encryptModels($models)
    {
        foreach ($models as $model)
        {
            if (!property_exists($model, 'encrypted'))
                return;
            foreach ($model->encrypted as $key)
            {
                $value = $model->getAttributeRaw($key);
                $value = $model->encryptedAttribute($value);
                $model->setAttributeRaw($key, $value);
                $model->save();
            }
        }
    }

    private function decryptModels($models)
    {
        foreach ($models as $model)
        {
            if (!property_exists($model, 'encrypted'))
                return;
            foreach ($model->encrypted as $key)
            {
                $value = $model->getAttributeRaw($key);
                $value = $model->decryptedAttribute($value);
                $model->setAttributeRaw($key, $value);
                $model->save();
            }
        }
    }
}

The encryption part works fine, but rolling back the migration throws the exception. Also, the encrypted values look like this:

��__LARAVEL-DATABASE-ENCRYPTED-VERSION-00-01-00__��version�VERSION-00-01-00��type�string[native]��eyJpdiI6IjJEYTJuRkdMeTFTQ1pCNXRCanNvUUE9PSIsInZhbHVlIjoiYlo0d2NIOFwvd1BtNER6OUZIOUpIWGc9PSIsIm1hYyI6IjQ5Mzk2OTNlNTAyZGI1NmJkMmUyZjQyNDZlZWYwYTMzYjM3MzRhOTU2NzAzMDc0OGI1Y2Y4ZjczZTk2ZDdhNjQifQ==

Are the �� characters supposed to look like this?