From 28891224e5c909dbd5e0c6583eca89595d61758a Mon Sep 17 00:00:00 2001 From: Carnage Date: Mon, 3 Jul 2017 21:36:54 +0100 Subject: [PATCH 1/5] Added basis for key management --- src/Container/KeyContainer.php | 38 ++++++++++++++++++++++++++++ src/Setup.php | 19 ++++++++++++++ src/ValueObject/Key.php | 44 +++++++++++++++++++++++++++++++++ src/ValueObject/KeyIdentity.php | 34 +++++++++++++++++++++++++ 4 files changed, 135 insertions(+) create mode 100644 src/Container/KeyContainer.php create mode 100644 src/ValueObject/Key.php create mode 100644 src/ValueObject/KeyIdentity.php diff --git a/src/Container/KeyContainer.php b/src/Container/KeyContainer.php new file mode 100644 index 0000000..56a029c --- /dev/null +++ b/src/Container/KeyContainer.php @@ -0,0 +1,38 @@ +keys[$key->getIdentifier()->asString()] = $key; + } + + public function tagKey($tag, $id) + { + $this->keys[$tag] = $this->keys[$id]; + } + + public function get($id) + { + if (!$this->has($id)) { + throw NotFoundException::serviceNotFoundInContainer($id, $this->keys); + } + + return $this->keys[$id]; + } + + public function has($id): bool + { + return isset($this->keys[$id]); + } +} diff --git a/src/Setup.php b/src/Setup.php index 7dd1bf1..d5501cf 100644 --- a/src/Setup.php +++ b/src/Setup.php @@ -2,6 +2,7 @@ namespace Carnage\EncryptedColumn; +use Carnage\EncryptedColumn\Container\KeyContainer; use Carnage\EncryptedColumn\Container\VersionedContainer; use Carnage\EncryptedColumn\Dbal\EncryptedColumn; use Carnage\EncryptedColumn\Dbal\EncryptedColumnLegacySupport; @@ -10,6 +11,8 @@ use Carnage\EncryptedColumn\Serializer\LegacySerializer; use Carnage\EncryptedColumn\Serializer\PhpSerializer; use Carnage\EncryptedColumn\Service\EncryptionService; +use Carnage\EncryptedColumn\ValueObject\Key; +use Carnage\EncryptedColumn\ValueObject\KeyIdentity; use Doctrine\ORM\EntityManagerInterface; final class Setup 
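Review bot: In `KeyContainer::tagKey()` the assignment `$this->keys[$tag] = $this->keys[$id];` runs without checking that `$id` was ever added, so a mistyped id leaves the tag pointing at null and the mistake only surfaces later, when `get($tag)` throws. Guarding it with `if (!$this->has($id)) { throw NotFoundException::serviceNotFoundInContainer($id, $this->keys); }` makes it fail at configuration time instead. Tags and key identifiers also share the one `$keys` array, so a tag that equals an existing identifier replaces that key; a separate tag map, or rejecting such a tag, would keep the two apart. The same unchecked tagging is reached from `Setup::withKey()` in patch 4. The top of the class is not visible in this hunk as shown.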
@@ -17,6 +20,12 @@ final class Setup private $keyPath; private $enableLegacy = false; private $legacyKey; + private $keyContainer; + + public function __construct() + { + $this->keyContainer = new KeyContainer(); + } public function register(EntityManagerInterface $em) { @@ -31,12 +40,22 @@ public function enableLegacy(string $legacyKey) { $this->enableLegacy = true; $this->legacyKey = $legacyKey; + + $key = new Key($legacyKey); + $this->keyContainer->addKey($key); + $this->keyContainer->tagKey('legacy', $key->getIdentifier()->asString()); + return $this; } public function withKeyPath(string $keypath) { $this->keyPath = $keypath; + + $key = new Key($keypath); + $this->keyContainer->addKey($key); + $this->keyContainer->tagKey('default', $key->getIdentifier()->asString()); + return $this; } diff --git a/src/ValueObject/Key.php b/src/ValueObject/Key.php new file mode 100644 index 0000000..999aa67 --- /dev/null +++ b/src/ValueObject/Key.php @@ -0,0 +1,44 @@ +identifier = new KeyIdentity(Util::safeSubstr(hash('sha256', $keyInfo), 0, 8)); + $this->keyInfo = $keyInfo; + } + + /** + * @return KeyIdentity + */ + public function getIdentifier(): KeyIdentity + { + return $this->identifier; + } + + /** + * @return string + */ + public function getKeyInfo(): string + { + return $this->keyInfo; + } +} diff --git a/src/ValueObject/KeyIdentity.php b/src/ValueObject/KeyIdentity.php new file mode 100644 index 0000000..d827003 --- /dev/null +++ b/src/ValueObject/KeyIdentity.php @@ -0,0 +1,34 @@ +identity = $identity; + } + + /** + * @return string + */ + public function getIdentity(): string + { + return $this->identity; + } + + public function toString(): string + { + return $this->identity; + } + + public function equals(IdentityInterface $other): bool + { + return $other instanceof KeyIdentity && $this->identity === $other->identity; + } +} From b8fe40c43bf73bef49602d2fab50cf8ac8b7beb5 Mon Sep 17 00:00:00 2001 
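Review bot: In the `Key` constructor the identifier is the first 8 hex characters of `hash('sha256', $keyInfo)`, and `$keyInfo` is a key file path when it comes from `withKeyPath()` but the raw secret when it comes from `enableLegacy()`. For a path, the id changes if the file is moved and stays the same if its contents are replaced, so it does not identify the key material; for the legacy secret it is a truncated, unsalted digest of the secret and should not be persisted or logged. Deriving the id from the loaded key bytes with a keyed or domain-separated hash, or letting the caller supply an explicit id, would avoid both. With only 32 bits of identifier, `addKey()` should also refuse an id that is already present rather than overwrite it. The constructor's signature is not visible in this hunk as shown.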
From: Carnage Date: Mon, 3 Jul 2017 22:29:27 +0100 Subject: [PATCH 2/5] Added keys to encryptor interface, service and vo --- src/Container/KeyContainer.php | 2 +- src/Dbal/EncryptedColumnLegacySupport.php | 3 ++- src/Encryptor/EncryptorInterface.php | 5 ++-- src/Encryptor/HaliteEncryptor.php | 29 +++++--------------- src/Encryptor/LegacyEncryptor.php | 16 +++--------- src/Service/EncryptionService.php | 20 ++++++++++---- src/Setup.php | 7 ++--- src/ValueObject/EncryptedColumn.php | 32 ++++++++++++++++++----- test/Functional/ReadWriteTest.php | 5 +++- 9 files changed, 66 insertions(+), 53 deletions(-) diff --git a/src/Container/KeyContainer.php b/src/Container/KeyContainer.php index 56a029c..645b5a6 100644 --- a/src/Container/KeyContainer.php +++ b/src/Container/KeyContainer.php @@ -14,7 +14,7 @@ final class KeyContainer implements ContainerInterface public function addKey(Key $key) { - $this->keys[$key->getIdentifier()->asString()] = $key; + $this->keys[$key->getIdentifier()->toString()] = $key; } public function tagKey($tag, $id) diff --git a/src/Dbal/EncryptedColumnLegacySupport.php b/src/Dbal/EncryptedColumnLegacySupport.php index 1e416b1..e8a6cf0 100644 --- a/src/Dbal/EncryptedColumnLegacySupport.php +++ b/src/Dbal/EncryptedColumnLegacySupport.php @@ -64,7 +64,8 @@ public function convertToPHPValue($value, AbstractPlatform $platform) 'data' => $value, 'classname' => ValueHolder::class, 'serializer' => 'legacy', - 'encryptor' => 'legacy' + 'encryptor' => 'legacy', + 'keyid' => 'legacy', ]; } diff --git a/src/Encryptor/EncryptorInterface.php b/src/Encryptor/EncryptorInterface.php index ef6b125..75b9907 100644 --- a/src/Encryptor/EncryptorInterface.php +++ b/src/Encryptor/EncryptorInterface.php 
@@ -3,10 +3,11 @@ namespace Carnage\EncryptedColumn\Encryptor; use Carnage\EncryptedColumn\Container\VersionedInterface; +use Carnage\EncryptedColumn\ValueObject\Key; interface EncryptorInterface extends VersionedInterface { - public function encrypt($data); + public function encrypt($data, Key $key); - public function decrypt($data); + public function decrypt($data, Key $key); } \ No newline at end of file diff --git a/src/Encryptor/HaliteEncryptor.php b/src/Encryptor/HaliteEncryptor.php index 8b13fac..d376a9a 100644 --- a/src/Encryptor/HaliteEncryptor.php +++ b/src/Encryptor/HaliteEncryptor.php @@ -4,32 +4,22 @@ use Carnage\EncryptedColumn\ValueObject\EncryptorIdentity; use Carnage\EncryptedColumn\ValueObject\IdentityInterface; -use ParagonIE\Halite\Halite; +use Carnage\EncryptedColumn\ValueObject\Key; use ParagonIE\Halite\KeyFactory; use ParagonIE\Halite\Symmetric; class HaliteEncryptor implements EncryptorInterface { const IDENTITY = 'halite'; - /** - * @var string - */ - private $keypath; - private $key; - - public function __construct($keypath) - { - $this->keypath = $keypath; - } - public function encrypt($data) + public function encrypt($data, Key $key) { - return Symmetric\Crypto::encrypt($data, $this->loadKey()); + return Symmetric\Crypto::encrypt($data, $this->loadKey($key)); } - public function decrypt($data) + public function decrypt($data, Key $key) { - return Symmetric\Crypto::decrypt($data, $this->loadKey()); + return Symmetric\Crypto::decrypt($data, $this->loadKey($key)); } public function getIdentifier(): IdentityInterface 
@@ -41,13 +31,8 @@ public function getIdentifier(): IdentityInterface * @return Symmetric\EncryptionKey * @throws \ParagonIE\Halite\Alerts\CannotPerformOperation */ - private function loadKey() + private function loadKey(Key $key) { - if ($this->key === null) { - $this->key = KeyFactory::loadEncryptionKey($this->keypath); - } - - return $this->key; + return KeyFactory::loadEncryptionKey($key->getKeyInfo()); } - } \ No newline at end of file diff --git a/src/Encryptor/LegacyEncryptor.php b/src/Encryptor/LegacyEncryptor.php index 7de0f83..801091f 100644 --- a/src/Encryptor/LegacyEncryptor.php +++ b/src/Encryptor/LegacyEncryptor.php @@ -5,32 +5,24 @@ use Carnage\EncryptedColumn\Exception\PopArtPenguinException; use Carnage\EncryptedColumn\ValueObject\EncryptorIdentity; use Carnage\EncryptedColumn\ValueObject\IdentityInterface; +use Carnage\EncryptedColumn\ValueObject\Key; use phpseclib\Crypt\Base; use phpseclib\Crypt\Rijndael; class LegacyEncryptor implements EncryptorInterface { const IDENTITY = 'legacy'; - /** - * @var string - */ - private $secret; - public function __construct($secret) - { - $this->secret = $secret; - } - - public function encrypt($data) + public function encrypt($data, Key $key) { throw new PopArtPenguinException(); } - public function decrypt($data) + public function decrypt($data, Key $key) { $cipher = new Rijndael(Base::MODE_ECB); $cipher->setBlockLength(256); - $cipher->setKey($this->secret); + $cipher->setKey($key->getKeyInfo()); $cipher->padding = false; return trim($cipher->decrypt(base64_decode($data))); diff --git a/src/Service/EncryptionService.php b/src/Service/EncryptionService.php index 3f11e70..dc35b35 100644 --- a/src/Service/EncryptionService.php +++ b/src/Service/EncryptionService.php @@ -37,6 +37,11 @@ class EncryptionService */ private $serializers; + /** + * @var ContainerInterface + */ + private $keys; + /** * EncryptionService constructor. * @param EncryptorInterface $encryptor 
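Review bot: `loadKey()` in `HaliteEncryptor` now calls `KeyFactory::loadEncryptionKey()` on every `encrypt()` and `decrypt()`, where the removed code read the key file once per instance. With one column value per call that is a disk read per field, and a key file replaced in the middle of a request is picked up halfway through a unit of work. A small cache indexed by key identifier, sketched below, restores the old cost while still supporting several keys. The trade-off is that loaded keys stay in memory for the life of the encryptor, as they did before this change.

```php
// … unchanged: encrypt(), decrypt(), getIdentifier() …

/**
 * @var Symmetric\EncryptionKey[] keys already read from disk, indexed by key identifier
 */
private $loadedKeys = [];

private function loadKey(Key $key)
{
    $id = $key->getIdentifier()->toString();

    if (!isset($this->loadedKeys[$id])) {
        $this->loadedKeys[$id] = KeyFactory::loadEncryptionKey($key->getKeyInfo());
    }

    return $this->loadedKeys[$id];
}
```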
@@ -48,12 +53,14 @@ public function __construct( EncryptorInterface $encryptor, SerializerInterface $serializer, ContainerInterface $encryptors, - ContainerInterface $serializers + ContainerInterface $serializers, + ContainerInterface $keys ) { $this->encryptor = $encryptor; $this->serializer = $serializer; $this->encryptors = $encryptors; $this->serializers = $serializers; + $this->keys = $keys; } public function decryptField(EncryptedColumnVO $value) @@ -90,13 +97,15 @@ public function encryptField($value): EncryptedColumnVO throw new \Exception('This column type only supports encrypting objects'); } - $data = $this->encryptor->encrypt($this->serializer->serialize($value)); + $key = $this->keys->get('default'); + $data = $this->encryptor->encrypt($this->serializer->serialize($value), $key); return new EncryptedColumnVO( get_class($value), $data, $this->encryptor->getIdentifier(), - $this->serializer->getIdentifier() + $this->serializer->getIdentifier(), + $key->getIdentifier() ); } @@ -108,10 +117,11 @@ private function createInitializer(EncryptedColumnVO $value): \Closure { $serializer = $this->serializers->get($value->getSerializerIdentifier()->toString()); $encryptor = $this->encryptors->get($value->getEncryptorIdentifier()->toString()); + $key = $this->keys->get($value->getKeyIdentifier()->toString()); - return function(& $wrappedObject, LazyLoadingInterface $proxy, $method, array $parameters, & $initializer) use ($serializer, $encryptor, $value) { + return function(& $wrappedObject, LazyLoadingInterface $proxy, $method, array $parameters, & $initializer) use ($serializer, $encryptor, $key, $value) { $initializer = null; - $wrappedObject = $serializer->unserialize($encryptor->decrypt($value->getData())); + $wrappedObject = $serializer->unserialize($encryptor->decrypt($value->getData(), $key)); return true; }; diff --git a/src/Setup.php b/src/Setup.php index d5501cf..2f69056 100644 --- a/src/Setup.php +++ b/src/Setup.php 
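Review bot: In `EncryptionService::createInitializer()` the serializer, encryptor and key are each looked up from identifiers stored in the column value, and nothing checks that the three belong together. `Key::getKeyInfo()` is a file path for `HaliteEncryptor` but raw key bytes for `LegacyEncryptor` (both visible on this page), so a row whose `encryptor` and `keyid` disagree would use a path string as a cipher key or a secret as a path. Because tags live in the same container, a stored `keyid` of `default` also resolves to whichever key is current rather than the one used at write time. Recording on each `Key` which encryptor it is meant for, and throwing when `$value->getEncryptorIdentifier()` does not match, would close this. Since the legacy decrypt path shown here is unauthenticated, it is also worth refusing any serializer other than the legacy one for legacy rows before `unserialize()` is reached.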
@@ -43,7 +43,7 @@ public function enableLegacy(string $legacyKey) $key = new Key($legacyKey); $this->keyContainer->addKey($key); - $this->keyContainer->tagKey('legacy', $key->getIdentifier()->asString()); + $this->keyContainer->tagKey('legacy', $key->getIdentifier()->toString()); return $this; } @@ -54,7 +54,7 @@ public function withKeyPath(string $keypath) $key = new Key($keypath); $this->keyContainer->addKey($key); - $this->keyContainer->tagKey('default', $key->getIdentifier()->asString()); + $this->keyContainer->tagKey('default', $key->getIdentifier()->toString()); return $this; } @@ -67,7 +67,8 @@ private function buildEncryptionService(): EncryptionService $encryptors->get(HaliteEncryptor::IDENTITY), $serializers->get(PhpSerializer::IDENTITY), $encryptors, - $serializers + $serializers, + $this->keyContainer ); } diff --git a/src/ValueObject/EncryptedColumn.php b/src/ValueObject/EncryptedColumn.php index ae2e52c..13c7f2a 100644 --- a/src/ValueObject/EncryptedColumn.php +++ b/src/ValueObject/EncryptedColumn.php @@ -26,22 +26,31 @@ class EncryptedColumn implements \JsonSerializable * @var SerializerIdentity */ private $serializer; + /** + * @var KeyIdentity + */ + private $key; /** * EncryptedColumn constructor. - * @param $classname - * @param $data + * @param string $classname + * @param string $data + * @param EncryptorIdentity $encryptor + * @param SerializerIdentity $serializer + * @param KeyIdentity $key */ public function __construct( string $classname, string $data, EncryptorIdentity $encryptor, - SerializerIdentity $serializer + SerializerIdentity $serializer, + KeyIdentity $key ) { $this->classname = $classname; $this->data = $data; $this->encryptor = $encryptor; $this->serializer = $serializer; + $this->key = $key; } public static function fromArray(array $data) 
@@ -53,7 +62,8 @@ public static function fromArray(array $data) $data['classname'], $data['data'], new EncryptorIdentity(HaliteEncryptor::IDENTITY), - new SerializerIdentity(PhpSerializer::IDENTITY) + new SerializerIdentity(PhpSerializer::IDENTITY), + new KeyIdentity('default') ); } @@ -61,7 +71,8 @@ public static function fromArray(array $data) $data['classname'], $data['data'], new EncryptorIdentity($data['encryptor']), - new SerializerIdentity($data['serializer']) + new SerializerIdentity($data['serializer']), + new KeyIdentity($data['keyid']) ); } @@ -71,7 +82,8 @@ public function jsonSerialize(): array 'classname' => $this->classname, 'data' => $this->data, 'encryptor' => $this->encryptor->toString(), - 'serializer' => $this->serializer->toString() + 'serializer' => $this->serializer->toString(), + 'keyid' => $this->key->toString(), ]; } @@ -107,6 +119,14 @@ public function getSerializerIdentifier(): SerializerIdentity return $this->serializer; } + /** + * @return KeyIdentity + */ + public function getKeyIdentifier(): KeyIdentity + { + return $this->key; + } + public function needsReencryption(EncryptorIdentity $encryptor, SerializerIdentity $serializer): bool { return $encryptor->equals($this->encryptor) && $serializer->equals($this->serializer); diff --git a/test/Functional/ReadWriteTest.php b/test/Functional/ReadWriteTest.php index 29e9ad9..044417d 100644 --- a/test/Functional/ReadWriteTest.php +++ b/test/Functional/ReadWriteTest.php @@ -9,6 +9,7 @@ namespace Carnage\EncryptedColumn\Tests; use Carnage\EncryptedColumn\Configuration; +use Carnage\EncryptedColumn\Setup as ECSetup; use Carnage\EncryptedColumn\Tests\Functional\Fixtures\CreditCardDetails; use Carnage\EncryptedColumn\Tests\Functional\Fixtures\Entity; use Doctrine\ORM\Tools\SchemaTool; 
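Review bot: In `EncryptedColumn::fromArray()` the new `new KeyIdentity($data['keyid'])` assumes every stored row has a `keyid`, but rows written before this patch carry `encryptor` and `serializer` without it, and only rows lacking `serializer` get a fallback. Those rows will fail at read time; `new KeyIdentity($data['keyid'] ?? 'initial')`, with an `initial` tag (name constructed here) registered at setup for the original key, would keep them readable. Falling back to `default`, as the first branch does, only works until the default tag is moved to a new key. The body of `fromArray()` starts outside these hunks.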
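Review bot: `getKeyIdentifier()` is added to `EncryptedColumn`, but `needsReencryption()` directly below it still compares only the encryptor and serializer, so a row encrypted under a retired key is never flagged once `default` points at a new one. The method should also receive the current default `KeyIdentity` and compare it with `$this->key`. As written it returns true when both identities are equal, which looks inverted for a method of that name; that is worth confirming against its callers, which are not on this page.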
@@ -45,7 +46,9 @@ public function setUp() self::$_em = EntityManager::create($conn, $config); - Configuration::register(self::$_em, __DIR__ . '/Fixtures/enc.key'); + (new ECSetup()) + ->withKeyPath( __DIR__ . '/Fixtures/enc.key') + ->register(self::$_em); $schemaTool = new SchemaTool(self::$_em); From c5ae7ee40c421eb16e6b28093ca375ff303b86eb Mon Sep 17 00:00:00 2001 From: Carnage Date: Mon, 3 Jul 2017 22:50:15 +0100 Subject: [PATCH 3/5] Cleanup of old code --- example/bootstrap.php | 4 ++- src/Configuration.php | 45 ----------------------------- src/ValueObject/EncryptedColumn.php | 12 -------- 3 files changed, 3 insertions(+), 58 deletions(-) delete mode 100644 src/Configuration.php diff --git a/example/bootstrap.php b/example/bootstrap.php index cfe5e53..69d9e3d 100644 --- a/example/bootstrap.php +++ b/example/bootstrap.php @@ -18,4 +18,6 @@ // obtaining the entity manager $entityManager = EntityManager::create($conn, $config); -\Carnage\EncryptedColumn\Configuration::register($entityManager, './enc.key'); \ No newline at end of file +(new \Carnage\EncryptedColumn\Setup()) + ->withKeyPath('./enc.key') + ->register($entityManager); \ No newline at end of file diff --git a/src/Configuration.php b/src/Configuration.php deleted file mode 100644 index 52edb89..0000000 --- a/src/Configuration.php +++ /dev/null 
@@ -1,45 +0,0 @@ -getConnection(); - $conn->getDatabasePlatform()->registerDoctrineTypeMapping( - EncryptedColumn::ENCRYPTED, - EncryptedColumn::ENCRYPTED - ); - } - - private static function buildEncryptionService(string $keypath): EncryptionService - { - $encryptors = self::buildEncryptorsContainer($keypath); - $serializers = self::buildSerilaizerContainer(); - return new EncryptionService( - $encryptors->get(HaliteEncryptor::IDENTITY), - $serializers->get(PhpSerializer::IDENTITY), - $encryptors, - $serializers - ); - } - - private static function buildEncryptorsContainer(string $keypath): VersionedContainer - { - return new VersionedContainer(new HaliteEncryptor($keypath)); - } - - private static function buildSerilaizerContainer(): VersionedContainer - { - return new VersionedContainer(new PhpSerializer()); - } -} \ No newline at end of file diff --git a/src/ValueObject/EncryptedColumn.php b/src/ValueObject/EncryptedColumn.php index 13c7f2a..a940edb 100644 --- a/src/ValueObject/EncryptedColumn.php +++ b/src/ValueObject/EncryptedColumn.php @@ -55,18 +55,6 @@ public function __construct( public static function fromArray(array $data) { - // If an old version has saved data, these fields won't be available - // Default to the only services available in V0.1 - if (!isset($data['serializer'])) { - return new self( - $data['classname'], - $data['data'], - new EncryptorIdentity(HaliteEncryptor::IDENTITY), - new SerializerIdentity(PhpSerializer::IDENTITY), - new KeyIdentity('default') - ); - } - return new self( $data['classname'], $data['data'], From ed4d5b2d83a97ba66281cc9e2233e61e94d1de3b Mon Sep 17 00:00:00 2001 
From: Carnage Date: Tue, 4 Jul 2017 17:36:13 +0100 Subject: [PATCH 4/5] Added ability to setup additional keys + test of decrypt with old key --- src/Setup.php | 13 +++++++++++ test/Functional/Fixtures/enc-alt.key | 1 + test/Functional/ReadWriteTest.php | 34 +++++++++++++++++++++++++++- 3 files changed, 47 insertions(+), 1 deletion(-) create mode 100644 test/Functional/Fixtures/enc-alt.key diff --git a/src/Setup.php b/src/Setup.php index 2f69056..5501e07 100644 --- a/src/Setup.php +++ b/src/Setup.php @@ -59,6 +59,19 @@ public function withKeyPath(string $keypath) return $this; } + public function withKey(string $key, array $tags = []) + { + $key = new Key($key); + $keyId = $key->getIdentifier()->toString(); + $this->keyContainer->addKey($key); + + foreach ($tags as $tag) { + $this->keyContainer->tagKey($tag, $keyId); + } + + return $this; + } + private function buildEncryptionService(): EncryptionService { $encryptors = self::buildEncryptorsContainer(); diff --git a/test/Functional/Fixtures/enc-alt.key b/test/Functional/Fixtures/enc-alt.key new file mode 100644 index 0000000..2888f6f --- /dev/null +++ b/test/Functional/Fixtures/enc-alt.key @@ -0,0 +1 @@ +31400201bf84730414a7aa1acb562264a319cd56b7c41d76dc0606c05186e1575203911e7d447ea033b08735e3af9c50819c0e52775e1afa848bf2d87754ceb5f3be7f09eb579febe7710478e08f0e5d86067c8b31cce7cc3d8edfd62e9cff518f301278 \ No newline at end of file diff --git a/test/Functional/ReadWriteTest.php b/test/Functional/ReadWriteTest.php index 044417d..5948069 100644 --- a/test/Functional/ReadWriteTest.php +++ b/test/Functional/ReadWriteTest.php @@ -28,11 +28,21 @@ class ReadWriteTest extends \PHPUnit_Framework_TestCase */ private static $_em; + /** + * @var ECSetup + */ + private static $_setup; + /** * @var EntityManager */ private $em; + /** + * @var ECSetup + */ + private $setup; + public function setUp() { if (self::$_em === null) { 
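Review bot: `Setup::withKey()` has no docblock and reassigns its `string $key` parameter to a `Key` object on the first line, so a reader cannot tell whether callers pass a key file path or raw key material. The test in this patch passes a path, so a docblock along the lines of `@param string $key path to the key file (TODO confirm)` and a separate local, `$keyObject = new Key($key);`, would make that explicit. The docblock should also say that passing `['default']` after `register()` changes the key used for new writes in the already-built service, because the container is shared by reference; if that is not intended, the container could be frozen on `register()`.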
@@ -46,7 +56,9 @@ public function setUp() self::$_em = EntityManager::create($conn, $config); - (new ECSetup()) + self::$_setup = new ECSetup(); + + self::$_setup ->withKeyPath( __DIR__ . '/Fixtures/enc.key') ->register(self::$_em); @@ -60,6 +72,7 @@ public function setUp() } $this->em = self::$_em; + $this->setup = self::$_setup; } public function testInsert() @@ -135,4 +148,23 @@ public function testUpdate() $this->assertNotEquals($savedData, json_decode($data[0]['creditCardDetails'])); } + + public function testReadAfterKeyChange() + { + $entity = new Entity(); + $creditCardDetails = new CreditCardDetails('1234567812345678', '04/19'); + $entity->setCreditCardDetails($creditCardDetails); + + $this->em->persist($entity); + $this->em->flush(); + + $this->em->clear(); + + $this->setup->withKey(__DIR__ . '/Fixtures/enc-alt.key', ['default']); + + $entity = $this->em->find(Entity::class, 1); + + $this->assertEquals($creditCardDetails->getNumber(), $entity->getCreditCardDetails()->getNumber()); + $this->assertEquals($creditCardDetails->getExpiry(), $entity->getCreditCardDetails()->getExpiry()); + } } \ No newline at end of file From 789ef1aa75946bbc092e6ddbfcf0e2ee8ff35f9b Mon Sep 17 00:00:00 2001 From: Carnage Date: Fri, 29 Sep 2017 22:10:36 +0100 Subject: [PATCH 5/5] Code review changes --- src/Container/KeyContainer.php | 4 ++-- src/Service/EncryptionService.php | 7 ------- src/ValueObject/EncryptedColumn.php | 9 +-------- src/ValueObject/Key.php | 10 ---------- 4 files changed, 3 insertions(+), 27 deletions(-) diff --git a/src/Container/KeyContainer.php b/src/Container/KeyContainer.php index 645b5a6..45a40e5 100644 --- a/src/Container/KeyContainer.php +++ b/src/Container/KeyContainer.php @@ -8,9 +8,9 @@ final class KeyContainer implements ContainerInterface { /** + * @var array */ - private $keys; - + private $keys = []; public function addKey(Key $key) { 
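Review bot: `testReadAfterKeyChange()` loads `find(Entity::class, 1)` instead of the entity it just persisted, so if the schema is not rebuilt between tests it may be reading a row written by an earlier test. It also retags `default` on the static `$_setup`, which leaves the alternate key as the write key for every test that runs afterwards. Capturing the id of the persisted entity (assuming the fixture exposes one), asserting that the stored `keyid` differs from the new default's identifier, and restoring the original key in `tearDown()` would make the test prove what its name says.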
diff --git a/src/Service/EncryptionService.php b/src/Service/EncryptionService.php index dc35b35..62e6e5d 100644 --- a/src/Service/EncryptionService.php +++ b/src/Service/EncryptionService.php @@ -42,13 +42,6 @@ class EncryptionService */ private $keys; - /** - * EncryptionService constructor. - * @param EncryptorInterface $encryptor - * @param SerializerInterface $serializer - * @param ContainerInterface $encryptors - * @param ContainerInterface $serializers - */ public function __construct( EncryptorInterface $encryptor, SerializerInterface $serializer, diff --git a/src/ValueObject/EncryptedColumn.php b/src/ValueObject/EncryptedColumn.php index a940edb..25e1c02 100644 --- a/src/ValueObject/EncryptedColumn.php +++ b/src/ValueObject/EncryptedColumn.php @@ -26,19 +26,12 @@ class EncryptedColumn implements \JsonSerializable * @var SerializerIdentity */ private $serializer; + /** * @var KeyIdentity */ private $key; - /** - * EncryptedColumn constructor. - * @param string $classname - * @param string $data - * @param EncryptorIdentity $encryptor - * @param SerializerIdentity $serializer - * @param KeyIdentity $key - */ public function __construct( string $classname, string $data, diff --git a/src/ValueObject/Key.php b/src/ValueObject/Key.php index 999aa67..290fdb2 100644 --- a/src/ValueObject/Key.php +++ b/src/ValueObject/Key.php @@ -16,27 +16,17 @@ final class Key */ private $keyInfo; - /** - * Key constructor. - * @param $keyInfo - */ public function __construct(string $keyInfo) { $this->identifier = new KeyIdentity(Util::safeSubstr(hash('sha256', $keyInfo), 0, 8)); $this->keyInfo = $keyInfo; } - /** - * @return KeyIdentity - */ public function getIdentifier(): KeyIdentity { return $this->identifier; } - /** - * @return string - */ public function getKeyInfo(): string { return $this->keyInfo;