forked from vmelnik-ukraine/DoctrineEncryptBundle
-
Notifications
You must be signed in to change notification settings - Fork 57
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
29 changed files
with
585 additions
and
381 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,2 +1,3 @@ | ||
composer.json | ||
.idea/ | ||
composer.lock | ||
.idea/ | ||
.php_cs.cache |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,23 +3,20 @@ | |
namespace Ambta\DoctrineEncryptBundle\Command; | ||
|
||
use Ambta\DoctrineEncryptBundle\DependencyInjection\DoctrineEncryptExtension; | ||
use Doctrine\Common\Annotations\AnnotationReader; | ||
use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand; | ||
use Symfony\Component\Console\Helper\ProgressBar; | ||
use Symfony\Component\Console\Input\InputArgument; | ||
use Symfony\Component\Console\Input\InputInterface; | ||
use Symfony\Component\Console\Output\OutputInterface; | ||
use Symfony\Component\Console\Question\ConfirmationQuestion; | ||
|
||
/** | ||
* Decrypt whole database on tables which are encrypted | ||
* Decrypt whole database on tables which are encrypted. | ||
* | ||
* @author Marcel van Nuil <[email protected]> | ||
* @author Michael Feinbier <[email protected]> | ||
*/ | ||
class DoctrineDecryptDatabaseCommand extends AbstractCommand | ||
{ | ||
|
||
/** | ||
* {@inheritdoc} | ||
*/ | ||
|
@@ -28,7 +25,7 @@ protected function configure() | |
$this | ||
->setName('doctrine:decrypt:database') | ||
->setDescription('Decrypt whole database on tables which are encrypted') | ||
->addArgument("encryptor", InputArgument::OPTIONAL, 'The encryptor you want to decrypt the database with') | ||
->addArgument('encryptor', InputArgument::OPTIONAL, 'The encryptor you want to decrypt the database with') | ||
->addArgument('batchSize', InputArgument::OPTIONAL, 'The update/flush batch size', 20); | ||
} | ||
|
||
|
@@ -45,17 +42,17 @@ protected function execute(InputInterface $input, OutputInterface $output) | |
$batchSize = $input->getArgument('batchSize'); | ||
|
||
//If encryptor has been set use that encryptor else use default | ||
if($input->getArgument('encryptor')) { | ||
if(isset($supportedExtensions[$input->getArgument('encryptor')])) { | ||
if ($input->getArgument('encryptor')) { | ||
if (isset($supportedExtensions[$input->getArgument('encryptor')])) { | ||
$this->subscriber->setEncryptor($supportedExtensions[$input->getArgument('encryptor')]); | ||
} else { | ||
if(class_exists($input->getArgument('encryptor'))) | ||
{ | ||
if (class_exists($input->getArgument('encryptor'))) { | ||
$this->subscriber->setEncryptor($input->getArgument('encryptor')); | ||
} else { | ||
$output->writeln('\nGiven encryptor does not exists'); | ||
$output->writeln('Supported encryptors: ' . implode(', ', array_keys($supportedExtensions))); | ||
$output->writeln('You can also define your own class. (example: Ambta\DoctrineEncryptBundle\Encryptors\Rijndael128Encryptor)'); | ||
$output->writeln('Supported encryptors: '.implode(', ', array_keys($supportedExtensions))); | ||
$output->writeln('You can also define your own class. (example: \Ambta\DoctrineEncryptBundle\Encryptors\AES256Encryptor)'); | ||
|
||
return; | ||
} | ||
} | ||
|
@@ -66,7 +63,7 @@ protected function execute(InputInterface $input, OutputInterface $output) | |
|
||
//Set counter and loop through entity manager meta data | ||
$propertyCount = 0; | ||
foreach($metaDataArray as $metaData) { | ||
foreach ($metaDataArray as $metaData) { | ||
if ($metaData->isMappedSuperclass) { | ||
continue; | ||
} | ||
|
@@ -76,11 +73,11 @@ protected function execute(InputInterface $input, OutputInterface $output) | |
} | ||
|
||
$confirmationQuestion = new ConfirmationQuestion( | ||
"<question>\n" . count($metaDataArray) . " entities found which are containing " . $propertyCount . " properties with the encryption tag. \n\n" . | ||
"Which are going to be decrypted with [" . $this->subscriber->getEncryptor() . "]. \n\n" . | ||
"Wrong settings can mess up your data and it will be unrecoverable. \n" . | ||
"I advise you to make <bg=yellow;options=bold>a backup</bg=yellow;options=bold>. \n\n" . | ||
"Continue with this action? (y/yes)</question>", false | ||
"<question>\n".count($metaDataArray).' entities found which are containing '.$propertyCount." properties with the encryption tag. \n\n". | ||
'Which are going to be decrypted with ['.$this->subscriber->getEncryptor()."]. \n\n". | ||
"Wrong settings can mess up your data and it will be unrecoverable. \n". | ||
"I advise you to make <bg=yellow;options=bold>a backup</bg=yellow;options=bold>. \n\n". | ||
'Continue with this action? (y/yes)</question>', false | ||
); | ||
|
||
if (!$question->ask($input, $output, $confirmationQuestion)) { | ||
|
@@ -93,40 +90,39 @@ protected function execute(InputInterface $input, OutputInterface $output) | |
$valueCounter = 0; | ||
|
||
//Loop through entity manager meta data | ||
foreach($this->getEncryptionableEntityMetaData() as $metaData) { | ||
foreach ($this->getEncryptionableEntityMetaData() as $metaData) { | ||
$i = 0; | ||
$iterator = $this->getEntityIterator($metaData->name); | ||
$totalCount = $this->getTableCount($metaData->name); | ||
|
||
$output->writeln(sprintf('Processing <comment>%s</comment>', $metaData->name)); | ||
$progressBar = new ProgressBar($output, $totalCount); | ||
foreach($iterator as $row) { | ||
foreach ($iterator as $row) { | ||
$entity = $row[0]; | ||
|
||
//Create reflectionClass for each entity | ||
$entityReflectionClass = New \ReflectionClass($entity); | ||
$entityReflectionClass = new \ReflectionClass($entity); | ||
|
||
//Get the current encryptor used | ||
$encryptorUsed = $this->subscriber->getEncryptor(); | ||
|
||
//Loop through the property's in the entity | ||
foreach($this->getEncryptionableProperties($metaData) as $property) { | ||
foreach ($this->getEncryptionableProperties($metaData) as $property) { | ||
//Get and check getters and setters | ||
$methodeName = ucfirst($property->getName()); | ||
|
||
$getter = "get" . $methodeName; | ||
$setter = "set" . $methodeName; | ||
$getter = 'get'.$methodeName; | ||
$setter = 'set'.$methodeName; | ||
|
||
//Check if getter and setter are set | ||
if($entityReflectionClass->hasMethod($getter) && $entityReflectionClass->hasMethod($setter)) { | ||
|
||
if ($entityReflectionClass->hasMethod($getter) && $entityReflectionClass->hasMethod($setter)) { | ||
//Get decrypted data | ||
$unencrypted = $entity->$getter(); | ||
|
||
//Set raw data | ||
$entity->$setter($unencrypted); | ||
|
||
$valueCounter++; | ||
++$valueCounter; | ||
} | ||
} | ||
|
||
|
@@ -139,13 +135,12 @@ protected function execute(InputInterface $input, OutputInterface $output) | |
$this->entityManager->clear(); | ||
} | ||
$progressBar->advance(1); | ||
$i++; | ||
++$i; | ||
|
||
//Set the encryptor again | ||
$this->subscriber->setEncryptor($encryptorUsed); | ||
} | ||
|
||
|
||
$progressBar->finish(); | ||
$output->writeln(''); | ||
//Get the current encryptor used | ||
|
@@ -158,6 +153,6 @@ protected function execute(InputInterface $input, OutputInterface $output) | |
} | ||
|
||
//Say it is finished | ||
$output->writeln("\nDecryption finished values found: <info>" . $valueCounter . "</info>, decrypted: <info>" . $this->subscriber->decryptCounter . "</info>.\nAll values are now decrypted."); | ||
$output->writeln("\nDecryption finished values found: <info>".$valueCounter.'</info>, decrypted: <info>'.$this->subscriber->decryptCounter."</info>.\nAll values are now decrypted."); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,85 @@ | ||
<?php | ||
|
||
namespace Ambta\DoctrineEncryptBundle\Encryptors; | ||
|
||
/** | ||
* Class for AES256 encryption. | ||
* | ||
* @author Victor Melnik <[email protected]> | ||
*/ | ||
class AES192Encryptor implements EncryptorInterface | ||
{ | ||
const METHOD_NAME = 'AES-192'; | ||
const ENCRYPT_MODE = 'ECB'; | ||
|
||
/** | ||
* @var string | ||
*/ | ||
private $secretKey; | ||
|
||
/** | ||
* @var string | ||
*/ | ||
private $suffix; | ||
|
||
/** | ||
* @var string | ||
*/ | ||
private $encryptMethod; | ||
|
||
/** | ||
* @var string | ||
*/ | ||
private $initializationVector; | ||
|
||
/** | ||
* {@inheritdoc} | ||
*/ | ||
public function __construct($key, $suffix) | ||
{ | ||
$this->secretKey = md5($key); | ||
$this->suffix = $suffix; | ||
$this->encryptMethod = sprintf('%s-%s', self::METHOD_NAME, self::ENCRYPT_MODE); | ||
$this->initializationVector = openssl_random_pseudo_bytes( | ||
openssl_cipher_iv_length($this->encryptMethod) | ||
); | ||
} | ||
|
||
/** | ||
* {@inheritdoc} | ||
*/ | ||
public function encrypt($data) | ||
{ | ||
if (is_string($data)) { | ||
return trim(base64_encode(openssl_encrypt( | ||
$data, | ||
$this->encryptMethod, | ||
$this->secretKey, | ||
0, | ||
$this->initializationVector | ||
))).$this->suffix; | ||
} | ||
|
||
return $data; | ||
} | ||
|
||
/** | ||
* {@inheritdoc} | ||
*/ | ||
public function decrypt($data) | ||
{ | ||
if (is_string($data)) { | ||
$data = str_replace($this->suffix, '', $data); | ||
|
||
return trim(openssl_decrypt( | ||
base64_decode($data), | ||
$this->encryptMethod, | ||
$this->secretKey, | ||
0, | ||
$this->initializationVector | ||
)); | ||
} | ||
|
||
return $data; | ||
} | ||
} |
Oops, something went wrong.