From e948451f71e27067076c484a0ec63dcc4d723ce7 Mon Sep 17 00:00:00 2001 From: Robin Keet Date: Fri, 13 Apr 2018 09:11:27 +0200 Subject: [PATCH 1/9] Removed unnecessary interfaces --- src/Interfaces/PepperInterface.php | 17 ----------------- src/Interfaces/SpicyInterface.php | 7 ------- 2 files changed, 24 deletions(-) delete mode 100644 src/Interfaces/PepperInterface.php delete mode 100644 src/Interfaces/SpicyInterface.php diff --git a/src/Interfaces/PepperInterface.php b/src/Interfaces/PepperInterface.php deleted file mode 100644 index 0b6be77..0000000 --- a/src/Interfaces/PepperInterface.php +++ /dev/null @@ -1,17 +0,0 @@ - Date: Fri, 13 Apr 2018 09:11:52 +0200 Subject: [PATCH 2/9] Added HashInterface to require function 'hash' --- src/Interfaces/HashInterface.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 src/Interfaces/HashInterface.php diff --git a/src/Interfaces/HashInterface.php b/src/Interfaces/HashInterface.php new file mode 100644 index 0000000..e29e454 --- /dev/null +++ b/src/Interfaces/HashInterface.php @@ -0,0 +1,17 @@ + Date: Fri, 13 Apr 2018 09:12:14 +0200 Subject: [PATCH 3/9] Added HashModuleOptions class --- src/Options/HashModuleOptions.php | 104 ++++++++++++++++++++++++++++++ 1 file changed, 104 insertions(+) create mode 100644 src/Options/HashModuleOptions.php diff --git a/src/Options/HashModuleOptions.php b/src/Options/HashModuleOptions.php new file mode 100644 index 0000000..f6a6c20 --- /dev/null +++ b/src/Options/HashModuleOptions.php @@ -0,0 +1,104 @@ +reader; + } + + /** + * @param Reader|string $reader + * @return HashModuleOptions + */ + public function setReader($reader) + { + $this->reader = $reader; + return $this; + } + + /** + * @return EncryptorInterface|string + */ + public function getAdapter() + { + return $this->adapter; + } + + /** + * @param EncryptorInterface|string $adapter + * @return HashModuleOptions + */ + public function setAdapter($adapter) + { + $this->adapter = $adapter; + return $this; + } + + /** + * @return string + */ + public function getKey(): string + { + return $this->key; + } + + /** + * @param string $key + * @return HashModuleOptions + */ + public function setKey(string $key): HashModuleOptions + { + $this->key = $key; + return $this; + } + + /** + * @return string + */ + public function getPepper(): string + { + return $this->pepper; + } + + /** + * @param string $pepper + * @return HashModuleOptions + */ + public function setPepper(string $pepper): HashModuleOptions + { + $this->pepper = $pepper; + return $this; + } + +} \ No newline at end of file From 6fb6f677f92e147d6573a0802eaaf3bb7b6b4367 Mon Sep 17 00:00:00 2001 From: Robin Keet Date: Fri, 13 Apr 2018 09:13:27 +0200 Subject: [PATCH 4/9] Updated dist config file to add requirements for hashing --- config/local.config.php.dist | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/config/local.config.php.dist b/config/local.config.php.dist index f731eff..ec75c52 100644 --- a/config/local.config.php.dist +++ b/config/local.config.php.dist @@ -9,5 +9,11 @@ return [ 'key' => '', // Must be 32 characters - Halite requirement ], ], + 'hashing' => [ + 'orm_default' => [ + 'pepper' => '', // Must be 32 characters - Halite requirement + 'key' => '', // Must be 32 characters - Halite requirement + ], + ], ], ]; \ No newline at end of file From f135514d2c1d628473de9309f78f3a0cb9093109 Mon Sep 17 00:00:00 2001 From: Robin Keet Date: Fri, 13 Apr 2018 09:13:39 +0200 Subject: [PATCH 5/9] Added Hashed Annotation class --- src/Annotation/Hashed.php | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 src/Annotation/Hashed.php diff --git a/src/Annotation/Hashed.php b/src/Annotation/Hashed.php new file mode 100644 index 0000000..eb6ab86 --- /dev/null +++ b/src/Annotation/Hashed.php @@ -0,0 +1,37 @@ +salt; + } + + /** + * @param null|string $salt + * @return Hashed + */ + public function setSalt(?string $salt): Hashed + { + $this->salt = $salt; + return $this; + } +} \ No newline at end of file From edd26a8007e73570c7b2a77191e04c470f0ad3a9 Mon Sep 17 00:00:00 2001 From: Robin Keet Date: Fri, 13 Apr 2018 09:17:41 +0200 Subject: [PATCH 6/9] Created Adapter and Factory for it. Both based on earlier Encryption functionality --- src/Adapter/HaliteAdapter.php | 105 -------------------- src/Adapter/HaliteHashingAdapter.php | 99 ++++++++++++++++++ src/Factory/HaliteHashingAdapterFactory.php | 40 ++++++++ 3 files changed, 139 insertions(+), 105 deletions(-) delete mode 100644 src/Adapter/HaliteAdapter.php create mode 100644 src/Adapter/HaliteHashingAdapter.php create mode 100644 src/Factory/HaliteHashingAdapterFactory.php diff --git a/src/Adapter/HaliteAdapter.php b/src/Adapter/HaliteAdapter.php deleted file mode 100644 index 23929f1..0000000 --- a/src/Adapter/HaliteAdapter.php +++ /dev/null @@ -1,105 +0,0 @@ -setKey((new EncryptionKey((new HiddenString($key))))); - $this->setSalt($salt); - } - - /** - * {@inheritdoc} - */ - public function encrypt($data) - { - return Crypto::encrypt(new HiddenString($this->getSalt() . $data), $this->getKey()); - } - - /** - * {@inheritdoc} - */ - public function decrypt($data) - { - $decrypted = Crypto::decrypt($data, $this->getKey()); - - return str_replace($this->getSalt(), '', $decrypted); - } - - /** - * @return EncryptionKey - */ - public function getKey(): EncryptionKey - { - return $this->key; - } - - /** - * @param EncryptionKey $key - * @return HaliteAdapter - */ - public function setKey(EncryptionKey $key): HaliteAdapter - { - $this->key = $key; - return $this; - } - - /** - * @return string - */ - public function getSalt(): string - { - return $this->salt; - } - - /** - * @param string $salt - * @return HaliteAdapter - */ - public function setSalt(string $salt): HaliteAdapter - { - $this->salt = $salt; - return $this; - } - -} \ No newline at end of file diff --git a/src/Adapter/HaliteHashingAdapter.php b/src/Adapter/HaliteHashingAdapter.php new file mode 100644 index 0000000..8882956 --- /dev/null +++ b/src/Adapter/HaliteHashingAdapter.php @@ -0,0 +1,99 @@ +setKey((new EncryptionKey((new HiddenString($key))))); + $this->setPepper($pepper); + } + + /** + * @param string $data + * @return string + * @throws \ParagonIE\Halite\Alerts\CannotPerformOperation + * @throws \ParagonIE\Halite\Alerts\InvalidDigestLength + * @throws \ParagonIE\Halite\Alerts\InvalidMessage + * @throws \ParagonIE\Halite\Alerts\InvalidType + */ + public function hash(string $data): string + { + return Password::hash(new HiddenString($data . $this->getPepper()), $this->getKey()); + } + + /** + * @return EncryptionKey + */ + public function getKey(): EncryptionKey + { + return $this->key; + } + + /** + * @param EncryptionKey $key + * @return HaliteHashingAdapter + */ + public function setKey(EncryptionKey $key): HaliteHashingAdapter + { + $this->key = $key; + return $this; + } + + /** + * @return string + */ + public function getPepper(): string + { + return $this->pepper; + } + + /** + * @param string $pepper + * @return HaliteHashingAdapter + */ + public function setPepper(string $pepper): HaliteHashingAdapter + { + $this->pepper = $pepper; + return $this; + } + +} \ No newline at end of file diff --git a/src/Factory/HaliteHashingAdapterFactory.php b/src/Factory/HaliteHashingAdapterFactory.php new file mode 100644 index 0000000..d629390 --- /dev/null +++ b/src/Factory/HaliteHashingAdapterFactory.php @@ -0,0 +1,40 @@ + Date: Fri, 13 Apr 2018 09:18:32 +0200 Subject: [PATCH 7/9] Removed HaliteAdapterFactory - no longer used --- src/Factory/HaliteAdapterFactory.php | 40 ---------------------------- 1 file changed, 40 deletions(-) delete mode 100644 src/Factory/HaliteAdapterFactory.php diff --git a/src/Factory/HaliteAdapterFactory.php b/src/Factory/HaliteAdapterFactory.php deleted file mode 100644 index e0fa9a7..0000000 --- a/src/Factory/HaliteAdapterFactory.php +++ /dev/null @@ -1,40 +0,0 @@ - Date: Fri, 13 Apr 2018 09:19:46 +0200 Subject: [PATCH 8/9] Created HashedSubscriber and HashedServiceFactory classes. Subsriber functionality is trimmed down a lot from what it is for Encryption as Hashing is a one-way street, no way to read the data again. --- README.md | 40 ++- .../ZfDoctrineHashedServiceFactory.php | 142 +++++++++ src/Subscriber/DoctrineHashedSubscriber.php | 272 ++++++++++++++++++ 3 files changed, 441 insertions(+), 13 deletions(-) create mode 100644 src/Factory/ZfDoctrineHashedServiceFactory.php create mode 100644 src/Subscriber/DoctrineHashedSubscriber.php diff --git a/README.md b/README.md index f621711..a2003de 100644 --- a/README.md +++ b/README.md @@ -37,7 +37,9 @@ If these are filled in, it works out of the box using [Halite](https://github.co However, must be said, at the moment of writing this ReadMe, the Halite module contains duplicate `const` declarations, as such, you must disable your `E_NOTICE` warnings in your PHP config :( -# Usage example +# Examples + +### Encryption Simple, consider that you have an `Address` Entity, which under upcoming [EU GDPR regulation](https://www.eugdpr.org/) requires parts of the address, such as the street, to be encrypted. This uses the key & salt required for the config @@ -52,20 +54,32 @@ To encrypt a street name, add `@Encrypted` like so: */ protected $street; -If you need make sure that encryption is done in a unique way, such as for passwords or keys, which need decryption -(e.g. in the case that you need to create a connection string for an external API), you can provide some options. -Options provided are `spices`, `salt` and `pepper`. These must point to a property of the Entity you're encrypting, from -which then either the Salt or the Pepper or both of them are gotten and used. +By default the Encryption service assumes that the data to be encrypted is of the type `string`. However, you could have +a requirement to encrypt another type of data, such as a house number. Non-string types are supported, but the type of data +must be provided if not a string. You can do this like so: /** - * @var string - * @ORM\Column(name="street", type="string", length=255, nullable=true) - * @Encrypted(spices="encryption") + * @var int + * @ORM\Column(name="house_number", type="integer", length=20, nullable=false) + * @Encrypted(type="int") */ - protected $street; + protected $houseNumber; -The above example expects a property `relation` to be present. The value is given for the option `spices`, as such, -the returned Entity when using `getEncryption` must implement the `SpicyInterface`. +Supported types are [found here](http://php.net/settype). + +### Hashing + +Say you'd like to store a password, it should work in much of the same way as the above. However, it is data that should +not be de-cryptable (and there's no need for it to ever be decrypted), thus you should hash it instead. -**NOTE**: The option `spices` *may not be used* in conjunction with either `salt` or `pepper`. If you're *not* using -`spices`, you may use both `salt` and `pepper`. \ No newline at end of file +To hash something, like a password, add the `@Hashed` Annotation. See the example below. + + /** + * @var string + * @ORM\Column(name="password", type="text", nullable=false) + * @Hashed + */ + protected $password; + +**Note** that, unlike `@Encrypted`, there aren't options to give a type. As we can't decrypt the data (it's one-way), +there's no need to know what the original type was. The response will always be string value. \ No newline at end of file diff --git a/src/Factory/ZfDoctrineHashedServiceFactory.php b/src/Factory/ZfDoctrineHashedServiceFactory.php new file mode 100644 index 0000000..963cbd8 --- /dev/null +++ b/src/Factory/ZfDoctrineHashedServiceFactory.php @@ -0,0 +1,142 @@ +getOptions($container, 'hashing'); + + /** @var Reader|AnnotationReader $reader */ + $reader = $this->createReader($container, $options->getReader()); + /** @var HashInterface|HaliteHashingAdapter $adapter */ + $adapter = $this->createAdapter( + $container, + $options->getAdapter(), + [ + 'key' => $options->getKey(), + 'pepper' => $options->getPepper(), + ] + ); + + return new DoctrineHashedSubscriber( + $reader, + $adapter + ); + } + + /** + * @param ContainerInterface $container + * @param string $requestedName + * @param array|null $options + * @return DoctrineHashedSubscriber + * @throws \Psr\Container\ContainerExceptionInterface + * @throws \Psr\Container\NotFoundExceptionInterface + */ + public function __invoke(ContainerInterface $container, $requestedName, array $options = null) + { + return $this->createService($container); + } + + /** + * Get the class name of the options associated with this factory. + * + * @return string + */ + public function getOptionsClass() + { + return HashModuleOptions::class; + } + + /** + * @param ContainerInterface $container + * @param string $reader + * @param array|null $options + * @return Reader + * @throws \Psr\Container\ContainerExceptionInterface + * @throws \Psr\Container\NotFoundExceptionInterface + */ + private function createReader(ContainerInterface $container, string $reader, array $options = null) + { + /** @var Reader $reader */ + $reader = $this->hydrateDefinition($reader, $container, $options); + + if (!$reader instanceof Reader) { + + throw new \InvalidArgumentException( + 'Invalid reader provided. Must implement ' . Reader::class + ); + } + + return $reader; + } + + /** + * @param ContainerInterface $container + * @param $adapter + * @param array|null $options + * @return EncryptorInterface + * @throws \Psr\Container\ContainerExceptionInterface + * @throws \Psr\Container\NotFoundExceptionInterface + */ + private function createAdapter(ContainerInterface $container, string $adapter, array $options = null) + { + /** @var EncryptorInterface $adapter */ + $adapter = $this->hydrateDefinition($adapter, $container, $options); + + if (!$adapter instanceof EncryptorInterface) { + throw new \InvalidArgumentException( + 'Invalid hashor provided, must be a service name, ' + . 'class name, an instance, or method returning an ' . EncryptorInterface::class + ); + } + + return $adapter; + } + + /** + * Hydrates the value into an object + * + * @param $value + * @param ContainerInterface $container + * @param array|null $options + * @return mixed + */ + private function hydrateDefinition($value, ContainerInterface $container, array $options = null) + { + if (is_string($value)) { + if ($container->has($value)) { + if (is_array($options)) { + $value = $container->build($value, $options); + } else { + $value = $container->get($value); + } + } elseif (class_exists($value)) { + $value = new $value(); + } + } elseif (is_callable($value)) { + $value = $value(); + } + + return $value; + } +} \ No newline at end of file diff --git a/src/Subscriber/DoctrineHashedSubscriber.php b/src/Subscriber/DoctrineHashedSubscriber.php new file mode 100644 index 0000000..e3ad3ec --- /dev/null +++ b/src/Subscriber/DoctrineHashedSubscriber.php @@ -0,0 +1,272 @@ +setReader($reader); + $this->setHashor($hashor); + } + + /** + * Hash string before writing to the database. + * + * Notice that we do not recalculate changes otherwise the password will be written + * every time (Because it is going to differ from the un-encrypted value) + * + * @param OnFlushEventArgs $args + * @throws \Doctrine\ORM\Mapping\MappingException + */ + public function onFlush(OnFlushEventArgs $args) + { + $em = $args->getEntityManager(); + $unitOfWork = $em->getUnitOfWork(); + + foreach ($unitOfWork->getScheduledEntityInsertions() as $entity) { + $this->entityOnFlush($entity, $em); + $unitOfWork->recomputeSingleEntityChangeSet($em->getClassMetadata(get_class($entity)), $entity); + } + + foreach ($unitOfWork->getScheduledEntityUpdates() as $entity) { + $this->entityOnFlush($entity, $em); + $unitOfWork->recomputeSingleEntityChangeSet($em->getClassMetadata(get_class($entity)), $entity); + } + } + + + /** + * Processes the entity for an onFlush event. + * + * @param \object $entity + * @param EntityManager $em + * @throws \Doctrine\ORM\Mapping\MappingException + */ + private function entityOnFlush(object $entity, EntityManager $em) + { + $fields = []; + + foreach ($this->getEncryptedFields($entity, $em) as $field) { + /** @var \ReflectionProperty $reflectionProperty */ + $reflectionProperty = $field['reflection']; + + $fields[$reflectionProperty->getName()] = [ + 'field' => $reflectionProperty, + 'value' => $reflectionProperty->getValue($entity), + 'options' => $field['options'], + ]; + } + + $this->processFields($entity, $em); + } + + /** + * {@inheritdoc} + */ + public function getSubscribedEvents(): array + { + return [ + Events::onFlush, + ]; + } + + /** + * Process (encrypt/decrypt) entities fields + * + * @param $entity + * @param EntityManager $em + * @return bool + * @throws \Doctrine\ORM\Mapping\MappingException + * @throws \Exception + */ + private function processFields($entity, EntityManager $em): bool + { + $properties = $this->getEncryptedFields($entity, $em); + + foreach ($properties as $property) { + /** @var \ReflectionProperty $refProperty */ + $refProperty = $property['reflection']; + /** @var Hashed $annotationOptions */ + $annotationOptions = $property['options']; + /** @var boolean $nullable */ + $nullable = $property['nullable']; + + $value = $refProperty->getValue($entity); + // If the value is 'null' && is nullable, don't hash it + if (is_null($value) && $nullable) { + + continue; + } + + $value = $this->addSalt($value, $annotationOptions, $entity); + + $refProperty->setValue($entity, $this->getHashor()->hash($value)); + } + + return ! empty($properties); + } + + /** + * Check if option 'salt' is set + * If so, expect a related Entity on $entity for get{$options->getSalt()}() + * Use related Entity to get Salt. getSalt() should exist due to implementation of SaltInterface + * + * @param string $value + * @param Hashed $options + * @param \object $entity + * @return string + */ + private function addSalt(string $value, Hashed $options, \object $entity) + { + if ( + !is_null($options->getSalt()) + && method_exists($entity, 'get' . ucfirst($options->getSalt())) + && $entity->{'get' . ucfirst($options->getSalt())}() instanceof SaltInterface + && ($salt = $entity->{'get' . ucfirst($options->getSalt())}()->getSalt()) + ) { + + return $salt . $value; + } + + return $value; + } + + /** + * @param \object $entity + * @param EntityManager $em + * @return array|mixed + * @throws \Doctrine\ORM\Mapping\MappingException + */ + private function getEncryptedFields(object $entity, EntityManager $em) + { + $className = get_class($entity); + + if (isset($this->hashedFieldCache[$className])) { + return $this->hashedFieldCache[$className]; + } + + $meta = $em->getClassMetadata($className); + + $encryptedFields = []; + + foreach ($meta->getReflectionProperties() as $refProperty) { + /** @var \ReflectionProperty $refProperty */ + + // Gets Encrypted object from property Annotation. Includes options and their values. + $annotationOptions = $this->reader->getPropertyAnnotation($refProperty, $this::HASHED_ANNOTATION_NAME) ?: []; + + if (!empty($annotationOptions)) { + $refProperty->setAccessible(true); + $encryptedFields[] = [ + 'reflection' => $refProperty, + 'options' => $annotationOptions, + 'nullable' => $meta->getFieldMapping($refProperty->getName())['nullable'], + ]; + } + } + + $this->hashedFieldCache[$className] = $encryptedFields; + + return $encryptedFields; + } + + /** + * @return HashInterface + */ + public function getHashor(): HashInterface + { + return $this->hashor; + } + + /** + * @param HashInterface $hashor + * @return DoctrineHashedSubscriber + */ + public function setHashor(HashInterface $hashor): DoctrineHashedSubscriber + { + $this->hashor = $hashor; + return $this; + } + + /** + * @return Reader + */ + public function getReader(): Reader + { + return $this->reader; + } + + /** + * @param Reader $reader + * @return DoctrineHashedSubscriber + */ + public function setReader(Reader $reader): DoctrineHashedSubscriber + { + $this->reader = $reader; + return $this; + } + + /** + * @return array + */ + public function getHashedFieldCache(): array + { + return $this->hashedFieldCache; + } + + /** + * @param array $hashedFieldCache + * @return DoctrineHashedSubscriber + */ + public function setHashedFieldCache(array $hashedFieldCache): DoctrineHashedSubscriber + { + $this->hashedFieldCache = $hashedFieldCache; + return $this; + } + +} \ No newline at end of file From 3b6ecfe3e41b5decd89ba4c4b0f856569fcd84c7 Mon Sep 17 00:00:00 2001 From: Robin Keet Date: Fri, 13 Apr 2018 14:16:03 +0200 Subject: [PATCH 9/9] Created the config for the hashing side. Set the correct adapter interface to use in the service factory. Renamed a function in the subscriber and removed a slash from '\object' to be 'object' on parameter requirements. --- config/global.config.php | 15 ++++++++++++++- src/Factory/ZfDoctrineHashedServiceFactory.php | 9 ++++----- src/Subscriber/DoctrineHashedSubscriber.php | 18 +++++++++--------- 3 files changed, 27 insertions(+), 15 deletions(-) diff --git a/config/global.config.php b/config/global.config.php index d5f163f..a27bded 100644 --- a/config/global.config.php +++ b/config/global.config.php @@ -4,12 +4,16 @@ use Doctrine\Common\Annotations\AnnotationReader; use ZfDoctrineEncryptModule\Adapter\HaliteEncryptionAdapter; +use ZfDoctrineEncryptModule\Adapter\HaliteHashingAdapter; use ZfDoctrineEncryptModule\Factory\HaliteEncryptionAdapterFactory; +use ZfDoctrineEncryptModule\Factory\HaliteHashingAdapterFactory; use ZfDoctrineEncryptModule\Factory\ZfDoctrineEncryptedServiceFactory; +use ZfDoctrineEncryptModule\Factory\ZfDoctrineHashedServiceFactory; return [ 'doctrine_factories' => [ 'encryption' => ZfDoctrineEncryptedServiceFactory::class, + 'hashing' => ZfDoctrineHashedServiceFactory::class, ], 'doctrine' => [ 'encryption' => [ @@ -18,10 +22,17 @@ 'reader' => AnnotationReader::class, ], ], + 'hashing' => [ + 'orm_default' => [ + 'adapter' => 'hashing_adapter', + 'reader' => AnnotationReader::class, + ], + ], 'eventmanager' => [ 'orm_default' => [ 'subscribers' => [ 'doctrine.encryption.orm_default', + 'doctrine.hashing.orm_default', ], ], ], @@ -29,10 +40,12 @@ 'service_manager' => [ 'aliases' => [ 'encryption_adapter' => HaliteEncryptionAdapter::class, + 'hashing_adapter' => HaliteHashingAdapter::class, ], 'factories' => [ // Using aliases so someone else can use own adapter/factory - HaliteEncryptionAdapter::class => HaliteEncryptionAdapterFactory::class + HaliteEncryptionAdapter::class => HaliteEncryptionAdapterFactory::class, + HaliteHashingAdapter::class => HaliteHashingAdapterFactory::class, ], ], ]; \ No newline at end of file diff --git a/src/Factory/ZfDoctrineHashedServiceFactory.php b/src/Factory/ZfDoctrineHashedServiceFactory.php index 963cbd8..fbe3ff6 100644 --- a/src/Factory/ZfDoctrineHashedServiceFactory.php +++ b/src/Factory/ZfDoctrineHashedServiceFactory.php @@ -4,7 +4,6 @@ use Doctrine\Common\Annotations\AnnotationReader; use Doctrine\Common\Annotations\Reader; -use DoctrineEncrypt\Encryptors\EncryptorInterface; use DoctrineModule\Service\AbstractFactory; use Interop\Container\ContainerInterface; use Zend\ServiceManager\ServiceLocatorInterface; @@ -94,19 +93,19 @@ private function createReader(ContainerInterface $container, string $reader, arr * @param ContainerInterface $container * @param $adapter * @param array|null $options - * @return EncryptorInterface + * @return HashInterface * @throws \Psr\Container\ContainerExceptionInterface * @throws \Psr\Container\NotFoundExceptionInterface */ private function createAdapter(ContainerInterface $container, string $adapter, array $options = null) { - /** @var EncryptorInterface $adapter */ + /** @var HashInterface $adapter */ $adapter = $this->hydrateDefinition($adapter, $container, $options); - if (!$adapter instanceof EncryptorInterface) { + if (!$adapter instanceof HashInterface) { throw new \InvalidArgumentException( 'Invalid hashor provided, must be a service name, ' - . 'class name, an instance, or method returning an ' . EncryptorInterface::class + . 'class name, an instance, or method returning an ' . HashInterface::class ); } diff --git a/src/Subscriber/DoctrineHashedSubscriber.php b/src/Subscriber/DoctrineHashedSubscriber.php index e3ad3ec..539f9a9 100644 --- a/src/Subscriber/DoctrineHashedSubscriber.php +++ b/src/Subscriber/DoctrineHashedSubscriber.php @@ -91,7 +91,7 @@ private function entityOnFlush(object $entity, EntityManager $em) { $fields = []; - foreach ($this->getEncryptedFields($entity, $em) as $field) { + foreach ($this->getHashableFields($entity, $em) as $field) { /** @var \ReflectionProperty $reflectionProperty */ $reflectionProperty = $field['reflection']; @@ -116,7 +116,7 @@ public function getSubscribedEvents(): array } /** - * Process (encrypt/decrypt) entities fields + * Process hashable entities fields * * @param $entity * @param EntityManager $em @@ -126,7 +126,7 @@ public function getSubscribedEvents(): array */ private function processFields($entity, EntityManager $em): bool { - $properties = $this->getEncryptedFields($entity, $em); + $properties = $this->getHashableFields($entity, $em); foreach ($properties as $property) { /** @var \ReflectionProperty $refProperty */ @@ -161,7 +161,7 @@ private function processFields($entity, EntityManager $em): bool * @param \object $entity * @return string */ - private function addSalt(string $value, Hashed $options, \object $entity) + private function addSalt(string $value, Hashed $options, object $entity) { if ( !is_null($options->getSalt()) @@ -182,7 +182,7 @@ private function addSalt(string $value, Hashed $options, \object $entity) * @return array|mixed * @throws \Doctrine\ORM\Mapping\MappingException */ - private function getEncryptedFields(object $entity, EntityManager $em) + private function getHashableFields(object $entity, EntityManager $em) { $className = get_class($entity); @@ -192,7 +192,7 @@ private function getEncryptedFields(object $entity, EntityManager $em) $meta = $em->getClassMetadata($className); - $encryptedFields = []; + $hashableFields = []; foreach ($meta->getReflectionProperties() as $refProperty) { /** @var \ReflectionProperty $refProperty */ @@ -202,7 +202,7 @@ private function getEncryptedFields(object $entity, EntityManager $em) if (!empty($annotationOptions)) { $refProperty->setAccessible(true); - $encryptedFields[] = [ + $hashableFields[] = [ 'reflection' => $refProperty, 'options' => $annotationOptions, 'nullable' => $meta->getFieldMapping($refProperty->getName())['nullable'], @@ -210,9 +210,9 @@ private function getEncryptedFields(object $entity, EntityManager $em) } } - $this->hashedFieldCache[$className] = $encryptedFields; + $this->hashedFieldCache[$className] = $hashableFields; - return $encryptedFields; + return $hashableFields; } /**