Closed Volmarg closed 3 years ago
Hi Volmarg, If I'm understanding your use case you want to generate a unique persisted encryption key for each authenticated user at login. Then use that key for all user related encrypt and decrypt processes.
I think this could be achieved within the current bundle framework by creating a custom subscriber. The current bundle config allows you to override the default bundle subscriber and use your own.
Would that suit your purposes?
Close enough. That's my real use case:
I need to encrypt data in Project A then send them to Project B where the only way to get inside will be standard user authentication (login/password) and that encryption key to see the real data.
That's why I need to enforce the project to work without providing key in services.yaml and thus I've hardcoded something like 0000... just to mute the exception.
Later on when I log in I save the key to the file, and read it from there to decrypt database, after logout or x inactivity minutes, cron removes the file from server - in case of breach.
I will take a look if this will work with Subscriber overriding.
Your solution is not going to work. I mean, if I'm stubborn then yeah, I write dirty code and make it work, but I prefer not to do so. The problems are:
DoctrineEncryptSubscriberInterface, that makes it impossible to inject anything more,
call to set DI via set is not working in case of events,
EncryptorInterface::secretKey is private
Hi Volmarg,
I've added a dispatcher, and the EncryptKeyEvent::LOAD_KEY. Also made the secretKey protected, and added a public setter method if you want to do it that way.
Let me know how you get on in master before I tag.
Thx, will check that out most likely at the beginning of next week, or this week if I find a moment - I'm rather out of time now.
Did this enhancement work for you Volmarg? I'll close the issue shortly.
Hey, Volmarg here - writing from a temporary account (as I'm only logged in on Linux OS - sitting on Windows, not switching to Linux for a while - on holidays as well).
I tested it only a bit a week ago, and it didn't fully work - there were some issues with missing use class in a few places. I can't tell where and so on as I don't have access to the code now, dunno when I will have it - maybe today at night or next week.
So, in OpenSslEncryptor You are missing:
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use SpecShaper\EncryptBundle\Event\EncryptKeyEvent;
use SpecShaper\EncryptBundle\Event\EncryptKeyEvents;
Besides, just saying, but now You've got 2 pretty much the same classes, EncryptKeyEvent and EncryptKeyEvents, which in terms of naming are hard to distinguish one from another.
With the fixes provided above (missing use) it works as intended.
Cheers Volmarg.
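An added example, not code from this thread or from EncryptBundle: a subscriber for the load-key event discussed above that supplies the key from the per-login file and fails closed when the file is missing, too widely readable, stale, or still the all-zero placeholder. The class name, file path, 15-minute lifetime, the location of the LOAD_KEY constant and the `setKey()` call on the event are assumptions; check them against the bundle's own event classes.

```php
<?php
// Added example; not part of EncryptBundle or of the original thread.
namespace App\EventSubscriber;

use SpecShaper\EncryptBundle\Event\EncryptKeyEvent;
use SpecShaper\EncryptBundle\Event\EncryptKeyEvents;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;

final class SessionKeySubscriber implements EventSubscriberInterface
{
    // Hypothetical path and lifetime: the thread names neither.
    public function __construct(
        private string $keyFile = '/run/app/encrypt.key',
        private int $maxAgeSeconds = 900
    ) {
    }

    public static function getSubscribedEvents(): array
    {
        // Assumption: the LOAD_KEY constant lives on EncryptKeyEvents.
        return [EncryptKeyEvents::LOAD_KEY => 'onLoadKey'];
    }

    public function onLoadKey(EncryptKeyEvent $event): void
    {
        clearstatcache(true, $this->keyFile);
        if (!is_file($this->keyFile) || is_link($this->keyFile)) {
            throw new \RuntimeException('Encryption key is not available; log in again.');
        }
        // Refuse a key file that group or other users can read or write.
        if ((fileperms($this->keyFile) & 0077) !== 0) {
            throw new \RuntimeException('Encryption key file permissions are too open.');
        }
        // Do not rely on cron alone: treat an old file as expired and remove it.
        if (time() - filemtime($this->keyFile) > $this->maxAgeSeconds) {
            @unlink($this->keyFile);
            throw new \RuntimeException('Encryption key has expired.');
        }
        $key = trim((string) file_get_contents($this->keyFile));
        // Reject an empty value and the all-zero placeholder used to mute the config exception.
        if ($key === '' || preg_match('/^0+$/', $key) === 1) {
            throw new \RuntimeException('Encryption key is empty or a placeholder.');
        }
        // Assumption: the event exposes setKey() for handing the key to the encryptor.
        $event->setKey($key);
    }
}
```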
Hello,
Regarding the: https://github.com/mogilvie/EncryptBundle/issues/15
So I generally struggled for a longer moment with assigning container parameters dynamically, but there is no simple way to go with this. I would need to really make some ugly stuff, which I want to avoid, so I've got another solution, which I've briefly tested and it works.
Let me know if You would be interested in having this in Your project and if so then I will provide an MR in some free time.
Solution: Adding new Event BeforeCreateEncryptionServiceListener
If You don't want this at all then please close the issue and I will just add this to my project via composer patcher package.
Oh yeah, there is a bug in the screenshot - but anyway, I just tested it briefly so it doesn't matter atm.