ambta / doctrineencryptbundle Goto Github PK

https://github.com/xorgxx/doctrine-encryptor-bundle

When I execute doctrine:encrypt:status command, everyting is ok, but at the end, this error: "Return value of "Ambta\DoctrineEncryptBundle\Command\DoctrineEncryptStatusCommand::execute()" must be of the type int, "null" returned.".

To fix this, just add return 0; or return Command::SUCCESS; (much better) in DoctrineEncryptStatusCommand.php. I made a pull request but it went unanswered.

Hi,

I work on Symfony 5.3

My Config

ambta_doctrine_encrypt: secret_key: AB1CD2EF3GH4IJ5KL6MN7OP8QR9ST0UW # Your own random 256 bit key (32 characters) encrypted_suffix: <ENC> # or any other string that you wish that won't cause issues with your DB encryptor: AES-256 # AES-256 or AES-192 encryptor_class: \Ambta\DoctrineEncryptBundle\Encryptors\AES256Encryptor # your own encryption class

Error

[2021-11-25T20:46:24.972605+01:00] request.CRITICAL: Uncaught PHP Exception Error: "Length must be greater than 0" at /Users/aniskasmi/Documents/Workspace/Agri-Recrute/vendor/ambta/doctrine-encrypt-bundle/Ambta/DoctrineEncryptBundle/Encryptors/AES256Encryptor.php line 44 {"exception":"[object] (Error(code: 0): Length must be greater than 0 at /Users/aniskasmi/Documents/Workspace/Agri-Recrute/vendor/ambta/doctrine-encrypt-bundle/Ambta/DoctrineEncryptBundle/Encryptors/AES256Encryptor.php:44)"} []

Would like it for a symfony4 project. Is it better to fork?

class File
{

    /**
     * @var array
     *
     * @Encrypted()
     * @ORM\Column(name="content", type="array")
     */
    private $content;

    // ...

Encryption is made before serialization was performed over content of the array.
With this, I get error:
Ambta/DoctrineEncryptBundle/Subscribers/DoctrineEncryptSubscriber.php at line 286

283.                                }
284.                            } else {
285.                                if(!is_null($getInformation) and !empty($getInformation)) {
286.                                    if(substr($entity->$getter(), -5) != "<ENC>") {
287.                                        $this->encryptCounter++;
288.                                        $currentPropValue = $this->encryptor->encrypt($entity->$getter());
289.                                        $entity->$setter($currentPropValue);

Deeper trace with above example and two serializable objects in above array:
at substr (array(object(FileContent), object(FileContent)), '-5')

As far as I can see – encryption code is iterating over entity before the serialization was done – so all this goes through array instead of string (serialized).

Any quick fix to do or bug fix from you?

Final word: thank you so much for such a great lib! :)

Why doing anything in my getters or setters the encrypted version is also passed through those functions destroying the integrity of the data.

Is there a way to change things so that the encryption uses the direct properties? Via reflection perhaps?!

At least please add documentation code like below for other users with the need to format or unformat data and use encryption at the same time.

`
public function setNumber($number)
{
// Don't jack with the encrypted data only the non-encrypted data.
if ( substr( (string) $number, -6 ) == "=” ) {
$this->number = $number;
} else {
// strip formating for phone number or social security numbers
$this->number = preg_replace( '/\D/', '', (string) $number );
}

return $this;

}
`

Hello

I use ambta/doctrine-encrypt-bundle to crypt encrypt data fields from entity.
All is working well, but not when i use symfony command.
It give us some weird character and not the plain field when getting property...

Is someone met the problem before ?

Thanks in advance

I am working with sf 4.1 and the way to install is manually also in other issue is mentioned that in php 7.2 there is no php_mcrypt

Anytime I perform an $em->flush(); An Entity that was loaded which contains encrypted fields will show up as an UPDATE statement in the log. There are no changes to the entity. The fields aren't even used. The UPDATE should not occur.

Aside from this, My understanding of the code is that the values are decrypted as soon as the entity is loaded.. shouldn't they only be decrypted when some encrypted field is retrieved from the Entity ?

After installing DoctrineEncryptBundle, applying all configurations in settings.yml and adding the @Encrypted annotation to my entities, I try to add a new record via a form in my project (which worked before the encryption bundle was installed). I assumed the field in which the encrypted data is stored should be Blob, so I changed my secret fields from varchar to blob (correct me if I'm wrong about this).

The error (Warning: ReflectionProperty::getValue() expects exactly 1 parameter, 0 given) occurs in vendor\ambta\doctrine-encrypt-bundle\Ambta\DoctrineEncryptBundle\Subscribers\DoctrineEncryptSubscriber.php at line 256.

Can anyone point me in the right direction?

I noted that you use MCRYPT_MODE_ECB block. Isn't it depracated as unsecure in favor of more secure blocks like CBC?

Hi, I am using this bundle in Symfony 4.

I have installed 2.5 version

And have added below line in config/bundles.php
Ambta\DoctrineEncryptBundle\AmbtaDoctrineEncryptBundle::class => ['all', true]

And created /config/packages/ambta_doctrine_encrypt.yaml with contents of

ambta_doctrine_encrypt:
secret_key: AB1CD2EF3GH4IJ5KL6MN7OP8QR9ST0UW # Your own random 256 bit key (32 characters)
encryptor: rijndael256 # rijndael256 or rijndael128
encryptor_class: \Ambta\DoctrineEncryptBundle\Encryptors\Rijndael256Encryptor # your own encryption class

And below is what I get.

Can anyone use this bundle with Symfony 4?

Seems like this bundle makes conflict if field not just 'string' if I'm trying encrypt field PhoneNumber so it persists itself in varchar() just plain text, but in Entity this is actually an object. But encryption fires to early/late depends from read/write. So as result I've got 'string' instead of object! Any workaround about this? Basically it should provide 'transparent' really low level conversion on select/update.

Hi ! I have treid to implement custom findOneBy by separating me from your event class, but i get this error:

Cannot autowire service "App\Repository\Service\VPSRepository": argument "$encryptor" of method "__construct()" references interface "Ambta\DoctrineEncryptBundle\Encryptors\EncryptorInterface" but no such service exists. You should maybe alias this interface to the existing "ambta_doctrine_encrypt.encryptor" service.

How to implement custom findOneBy ? Thank for your help ! (function $this->get doest work)

Function mcrypt_get_iv_size() is deprecated

The __construct in the interface now takes away the freedom to implement your own encryptor which does more than just using a key. I want to create a asymmetrical encryptable class where I need to pass services to the __construct. It would be better if the encryptor was set as a service and then passed as a whole instead of initializing the encryptor and passing the key in the service.

Hi

Any plan for mongodb (odm ) support ?

Hi,

Here https://github.com/ambta/DoctrineEncryptBundle/blob/master/Resources/doc/installation.md it says to use :
php composer.phar update ambta/doctrine-encrypt-bundle
but it should be
php composer.phar require ambta/doctrine-encrypt-bundle

And also here there is a typo : https://github.com/ambta/DoctrineEncryptBundle/blob/master/Resources/doc/configuration.md

• Encryptor class, your own encryptor class will override encryptor paramater
  --> parameter and not paramater

Thank you :)

Hi i plan to use in new projet.
Question, can i use on :

• Objet ?
• Array ?
• LONGTEXT, MEDIUMTEXT ....

Thank.

256 version does not handle . "<ENC>" string that was added when encrypting.

128 does remove it before decrypting and seems to fix the issue on 256 too.

Can anyone explain what's the point of <ENC> adding after encrypting data?

so my mysql columns are under_score, my privates in the entity as $under_score and so my getters and setters are setCamelCase and getCamelCase...

So encryp/decrypt doesnt work because of https://github.com/ambta/DoctrineEncryptBundle/blob/master/Subscribers/DoctrineEncryptSubscriber.php#L263

If I import

use Symfony\Component\Serializer\NameConverter\CamelCaseToSnakeCaseNameConverter;

and insert before https://github.com/ambta/DoctrineEncryptBundle/blob/master/Subscribers/DoctrineEncryptSubscriber.php#L263

$nameConverter = new CamelCaseToSnakeCaseNameConverter();
$methodName = $nameConverter->denormalize($methodName);

then things work...

When getting values from getArrayResult() query, they are not decrypted so you have to do it manually.

$dspName = $this->get('ambta_doctrine_encrypt.encryptor')->decrypt($rating['displayName'])

Value in Array
3Ytmz0qWhj0Lk/New2hqCEJGXaATD+6PafxYuxuprCo=<ENC>

Expected Output of $dspName

T. H.

Actual Output of $dspName

T. H.[9�gם��)�9/P�p�^��R/��

See Stackoverflow question http://stackoverflow.com/questions/38322434/getarrayresult-alters-the-value-in-symfony

Hello,
since ext/mcrypt is deprecated in php 7.1, will be removed in 7.2, it would be great to use OpenSSL instead of mcrypt.
I'm starting a fork (https://github.com/Combodo/DoctrineEncryptBundle) in order to do this, please tell me if you'r interested in merging my changes or if I make it an autonomous fork.

Hi im just configure the bundle in my project, when I execute php app/console doctrine:encrypt:status I get this result:
AppBundle\Entity\Link has 2 properties which are encrypted.

Then I execute php app/console doctrine:encrypt:database, and when I confirm with yes it shows me this

Processing AppBundle\Entity\Link
20/20 [============================] 100%

Encryption finished. Values encrypted: 0 values.

So the properties are not encrypted, someone knows why?

Hello
I've installed this bundle on a symfony 4.4 project. When I try the console commands they don't seem to be available.

$ php bin/console doctrine:encrypt:status

  There are no commands defined in the "doctrine:encrypt" namespace.
  Did you mean one of these?
      doctrine
      doctrine:cache
      doctrine:database
      doctrine:mapping
      doctrine:migrations
      doctrine:query
      doctrine:schema

Any suggestions?

Hey guys,

can I ask if the bundle is working with open ssl encrypt? If I create my own custom class and make the encryption there with open ssl, will it still work?

Thanks a lot!

Im using php 7.4
Symfony 4.4.*

framework.yaml

framework:
  secret: '%env(APP_SECRET)%'

When i run composer require
composer require ambta/doctrine-encrypt-bundle

Using version ^2.5 for ambta/doctrine-encrypt-bundle
./composer.json has been updated
Running composer update ambta/doctrine-encrypt-bundle
> pre-update-cmd: Symfony\Flex\Flex_composer_tmp1->configureInstaller
Loading composer repositories with package information
> pre-pool-create: Symfony\Flex\Flex_composer_tmp1->truncatePackages
Updating dependencies
Dependency resolution completed in 0.001 seconds
Analyzed 259 packages to resolve dependencies
Analyzed 649 rules to resolve dependencies
Dependency resolution completed in 0.001 seconds
Lock file operations: 1 install, 0 updates, 0 removals
Installs: ambta/doctrine-encrypt-bundle:2.5.6
  - Locking ambta/doctrine-encrypt-bundle (2.5.6)
Writing lock file
Installing dependencies from lock file (including require-dev)
Nothing to install, update or remove
Generating autoload files
> post-autoload-dump: PackageVersions\Installer_composer_tmp0->dumpVersionsClass
ocramius/package-versions: Generating version class...
ocramius/package-versions: ...done generating version class
> post-autoload-dump: Symfony\Flex\Flex_composer_tmp1->updateAutoloadFile
98 packages you are using are looking for funding.
Use the `composer fund` command to find out more!
> post-update-cmd: Symfony\Flex\Flex_composer_tmp1->update

Run composer recipes at any time to see the status of your Symfony recipes.

> post-update-cmd: @auto-scripts
> auto-scripts: Symfony\Flex\Flex_composer_tmp1->executeAutoScripts
Executing script cache:clear
Executed script cache:clear  [KO]
 [KO]
Script cache:clear returned with error code 1
!!
!!  In DoctrineEncryptExtension.php line 46:
!!
!!    You must provide "secret_key" for DoctrineEncryptBundle or "secret" for fra
!!    mework
!!
!!
!!
Script @auto-scripts was called via post-update-cmd

Installation failed, reverting ./composer.json and ./composer.lock to their original content.

Dears.
I'm trying to decrypt my db that use rijndael256 encryptor, but when I use the line that documentations recommends, it throws the exception "[Symfony\Component\Console\Exception\InvalidArgumentException]
The helper "dialog" is not defined."

I'm using Symfony 3.3.13 and php 7.0.33

I don't know if I'm doing something wrong or if it's a bug. I would appreciate any help you can give me.

Thanks for your time.

Hi looking very attractif to install on my project. my question is there any problem find with Symfony 3?
i need in production.

Thank very must.

Hi,

AnnotationReader is used to parse entities mapping through annotations.
Is it possible to use this bundle with YAML ORM mapping declarations?

Thanks.

Hi i'm using your bundle, with "normal" variable it's since to work perfect. But with text varaible i have trouble. it never give back uncript value, alway give encript in twig.

Eny help? Thank

Hi,
good work, I appreciated it. How can I find a function to encrypt data in the same method the bundle use? I need this to encrypt data before running query.

thx

Trying to decrypt my DB using AES256 encryptor, but when using the command given for encryption and decryption

php bin/console doctrine:encrypt:database
It is giving command not found.

[error] Error thrown while running command "'doctrine:encrypt:database'". Message: "There are no commands defined in the "doctrine:encrypt" namespace.

I installed the package and given all the necessary configurations as required.
I'm using Symfony 4.4 and PHP 7.3.11

I don't know if I'm doing something wrong or if it's a bug. I would appreciate any help you can give me.

Thanks for your time.

Nice bundle, only one question though:

Isn't libmcrypt which mcrypt is dependent on, which in turn your bundle is dependent on deprecated and unmaintained since 2007?

Would it be an idea to use openssl instead?