tecnofit/auric-vault

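A simple PHP SDK for storing sensitive data with AuricVault's PCI/HIPAA-compliant encryption service.

The canonical repository for this package appears to be gone, so the package has been frozen.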

1.0.0 2019-12-16 21:21 UTC

This package is auto-updated.

Last update: 2022-08-21 18:19:46 UTC


README

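The AuricVault® tokenization service is a PCI- and HIPAA-compliant data storage service that associates tokens with securely encrypted data. The encrypted data can be stored, retrieved, updated, and deleted.

Managed encryption methods

These methods let the service handle all encryption and key management needs.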

  • encrypt
  • reencrypt
  • decrypt
  • delete-token
  • token-info
  • touch-token

Installation

composer require tecnofit/auric-vault

Credentials

To send requests to AuricVault, you must configure access credentials for either the production or the sandbox environment.

<?php
// We consider that there is already a registered PSR-4 compatible autoloader

use Tecnofit\AuricVault\Credentials;
use Tecnofit\AuricVault\Environments\Sandbox;
use Tecnofit\AuricVault\Hmacs\Sha512;

/* Production environment: */
$credentials = new Credentials('CONFIGURATION', 'MTID', new Sha512('SECRET_KEY'));

/* Sandbox environment: */
$credentials = new Credentials('CONFIGURATION', 'MTID', new Sha512('SECRET_KEY'), new Sandbox());
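
The snippet above passes the HMAC secret as a string literal. The following added example (not part of the package) builds the same `Credentials` object from environment variables and refuses to start when a value is missing or the environment is ambiguous. The `AURIC_*` variable names and the `auricCredentialsFromEnv()` helper are assumptions made for illustration.

```php
<?php
// Added example, not package code. The AURIC_* names are hypothetical.

use Tecnofit\AuricVault\Credentials;
use Tecnofit\AuricVault\Environments\Sandbox;
use Tecnofit\AuricVault\Hmacs\Sha512;

function auricCredentialsFromEnv(): Credentials
{
    $values = [];
    foreach (['AURIC_CONFIGURATION', 'AURIC_MTID', 'AURIC_SECRET_KEY', 'AURIC_ENV'] as $name) {
        $value = getenv($name);
        if ($value === false || trim($value) === '') {
            // Fail closed: never fall back to a default or hard-coded secret.
            throw new RuntimeException("Missing required environment variable {$name}");
        }
        $values[$name] = trim($value);
    }

    $hmac = new Sha512($values['AURIC_SECRET_KEY']);

    switch ($values['AURIC_ENV']) {
        case 'production':
            return new Credentials($values['AURIC_CONFIGURATION'], $values['AURIC_MTID'], $hmac);
        case 'sandbox':
            return new Credentials($values['AURIC_CONFIGURATION'], $values['AURIC_MTID'], $hmac, new Sandbox());
        default:
            // An unrecognised value must not silently select production.
            throw new RuntimeException('AURIC_ENV must be "production" or "sandbox"');
    }
}

$credentials = auricCredentialsFromEnv();
```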

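Encrypt

Encrypts the plaintext value and returns the generated token. The generated token is stored in the vault. The last4 parameter is optional.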

<?php
// We consider that a PSR-4 compatible autoloader already exists and the credentials have been set to $credentials

use Tecnofit\AuricVault\Requests\Encrypt\EncryptService;
use Tecnofit\AuricVault\Retention;

try {
    $encryptService = new EncryptService($credentials);
    $requestEncrypt = $encryptService->createEncryptBuilder()
        ->setId(1)
        ->setSegment('543')
        ->setRetention(Retention::BIG_YEAR) // Or Retention::FOREVER
        ->setLast4('1111') // The last4 parameter is optional.
        ->setPlaintextValue('4111111111111111');

    $response = $encryptService->send($requestEncrypt);
    var_dump($response->getToken()); // "Jyhj3GfKZv0F7Vb1111"

} catch (\Tecnofit\AuricVault\Exceptions\ClientException $e) {
    var_dump($e->getResponse()->getBody()->getContents());

} catch (\Tecnofit\AuricVault\Exceptions\BadRequestException $e) {
    var_dump($e->getMessage());
}
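
The call above, wrapped as an added example (not part of the package) that validates the card number before it is sent, derives `last4` from the validated value, and logs only the token. `isLuhnValid()` and `tokenizeCard()` are hypothetical helpers; the SDK calls are the ones shown in this README, and its exceptions are left to propagate to the caller.

```php
<?php
// Added example, not package code. isLuhnValid() and tokenizeCard() are hypothetical.

use Tecnofit\AuricVault\Credentials;
use Tecnofit\AuricVault\Requests\Encrypt\EncryptService;
use Tecnofit\AuricVault\Retention;

function isLuhnValid(string $pan): bool
{
    $sum = 0;
    $double = false;
    // Walk right to left, doubling every second digit.
    for ($i = strlen($pan) - 1; $i >= 0; $i--) {
        $digit = (int) $pan[$i];
        if ($double) {
            $digit *= 2;
            if ($digit > 9) {
                $digit -= 9;
            }
        }
        $sum += $digit;
        $double = !$double;
    }
    return $sum % 10 === 0;
}

function tokenizeCard(Credentials $credentials, string $input, int $id, string $segment): string
{
    // Strip the separators users type, then reject anything that is not a plausible PAN.
    $pan = preg_replace('/[\s-]+/', '', $input);
    if (!is_string($pan) || !preg_match('/^\d{12,19}$/', $pan) || !isLuhnValid($pan)) {
        // The message deliberately omits the rejected input.
        throw new InvalidArgumentException('Card number failed validation');
    }

    $encryptService = new EncryptService($credentials);
    $request = $encryptService->createEncryptBuilder()
        ->setId($id)
        ->setSegment($segment)
        ->setRetention(Retention::BIG_YEAR)
        ->setLast4(substr($pan, -4)) // derived from the validated PAN, not supplied separately
        ->setPlaintextValue($pan);

    $token = $encryptService->send($request)->getToken();

    // Log the token and last four digits only; the full PAN never reaches the log.
    error_log(sprintf('card tokenized token=%s last4=%s', $token, substr($pan, -4)));
    return $token;
}
```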

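Encrypt using an existing token

Encrypts the plaintext value and stores it under the token identifier you pass in. This lets you migrate existing tokens to the AuricVault® service while keeping the same token identifiers in your database.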

<?php
// We consider that a PSR-4 compatible autoloader already exists and the credentials have been set to $credentials

use Tecnofit\AuricVault\Requests\Encrypt\EncryptService;
use Tecnofit\AuricVault\Retention;

try {
    $encryptService = new EncryptService($credentials);
    $requestEncrypt = $encryptService->createEncryptBuilder()
        ->setId(1)
        ->setSegment('543')
        ->setRetention(Retention::BIG_YEAR) // Or Retention::FOREVER
        ->setPlaintextValue('4111111111111111')
        ->setToken('SBLIQRPSCBNYQRBFYMH');

    $response = $encryptService->send($requestEncrypt);
    var_dump($response->getToken()); // "SBLIQRPSCBNYQRBFYMH"

} catch (\Tecnofit\AuricVault\Exceptions\ClientException $e) {
    var_dump($e->getResponse()->getBody()->getContents());

} catch (\Tecnofit\AuricVault\Exceptions\BadRequestException $e) {
    var_dump($e->getMessage());
}

Reencrypt

Submits new plaintext data to be encrypted under an existing token.

<?php
// We consider that a PSR-4 compatible autoloader already exists and the credentials have been set to $credentials

use Tecnofit\AuricVault\Requests\Reencrypt\ReencryptService;
use Tecnofit\AuricVault\Retention;

try {
    $reencryptService = new ReencryptService($credentials);
    $requestReencrypt = $reencryptService->createReencryptBuilder()
        ->setId(1)
        ->setSegment('543')
        ->setRetention(Retention::BIG_YEAR) // Or Retention::FOREVER
        ->setPlaintextValue('4111111111111111')
        ->setToken('JVY1hlZ9qQ0UsJf1111');

    $response = $reencryptService->send($requestReencrypt);
    var_dump($response); // Return object "\Tecnofit\AuricVault\Requests\Reencrypt\ReencryptResponse"

} catch (\Tecnofit\AuricVault\Exceptions\ClientException $e) {
    var_dump($e->getResponse()->getBody()->getContents());

} catch (\Tecnofit\AuricVault\Exceptions\BadRequestException $e) {
    var_dump($e->getMessage());
}

Decrypt

Retrieves the decrypted plaintext.

<?php
// We consider that a PSR-4 compatible autoloader already exists and the credentials have been set to $credentials

use Tecnofit\AuricVault\Requests\Decrypt\DecryptService;

try {
    $decryptService = new DecryptService($credentials);
    $requestDecrypt = $decryptService->createDecryptBuilder()
        ->setToken('DAiO2uurxd0GllMrld!');

    $response = $decryptService->send($requestDecrypt);
    var_dump($response->getPlaintextValue()); // Sample Unicode: Héllø World!

} catch (\Tecnofit\AuricVault\Exceptions\ClientException $e) {
    var_dump($e->getResponse()->getBody()->getContents());

} catch (\Tecnofit\AuricVault\Exceptions\BadRequestException $e) {
    var_dump($e->getMessage());
}

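Delete token

Deletes a previously stored token.

The service returns the same message for a token that cannot be found and for a token that exists but that you are not authorized to access. This ensures that the existence of a token is not revealed to third parties who should not have access to the data.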

<?php
// We consider that a PSR-4 compatible autoloader already exists and the credentials have been set to $credentials

use Tecnofit\AuricVault\Requests\Delete\DeleteService;

try {
    $deleteService = new DeleteService($credentials);
    $requestDelete = $deleteService->createDeleteBuilder()
        ->setToken('e7c469cf-45fa-4d29-9b36-054cabe40e67');

    $response = $deleteService->send($requestDelete);
    var_dump($response); // Return object "\Tecnofit\AuricVault\Requests\Delete\DeleteResponse"

} catch (\Tecnofit\AuricVault\Exceptions\ClientException $e) {
    var_dump($e->getResponse()->getBody()->getContents());

} catch (\Tecnofit\AuricVault\Exceptions\BadRequestException $e) {
    var_dump($e->getMessage());
}

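Token info

Retrieves information about a token. This is useful for determining whether a token exists in the system without retrieving the actual data.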

<?php
// We consider that a PSR-4 compatible autoloader already exists and the credentials have been set to $credentials

use Tecnofit\AuricVault\Requests\Info\InfoService;

try {
    $infoService = new InfoService($credentials);
    $requestInfo = $infoService->createInfoBuilder()
        ->setToken('Uvsr6MLnPb0G5E7rypt');

    $response = $infoService->send($requestInfo);

    echo $response->getVersion(); // 2.1
    echo $response->getElapsedTime(); // 0.0059
    var_dump($response->getLastAccessedDate()); // \DateTimeInterface
    var_dump($response->getTokenCreatedDate()); // \DateTimeInterface
    echo $response->getRetention(); // big-year
    echo $response->getSegment(); // 543
    var_dump($response->isTokenExists()); // true
    var_dump($response->isVaultEncrypted()); // true

} catch (\Tecnofit\AuricVault\Exceptions\ClientException $e) {
    var_dump($e->getResponse()->getBody()->getContents());

} catch (\Tecnofit\AuricVault\Exceptions\BadRequestException $e) {
    var_dump($e->getMessage());
}

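Touch token

The touch_token method is similar to the token_info method, but it also updates the token's last-accessed timestamp. Use it to reset the start of the retention period to the current date and time.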

<?php
// We consider that a PSR-4 compatible autoloader already exists and the credentials have been set to $credentials

use Tecnofit\AuricVault\Requests\Touch\TouchService;

try {
    $touchService = new TouchService($credentials);
    $requestTouch = $touchService->createTouchBuilder()
        ->setToken('e5f8ab2a-c8b5-4ab8-acbd-d2501a30b617');

    $response = $touchService->send($requestTouch);

    echo $response->getVersion(); // 2.1
    echo $response->getElapsedTime(); // 0.0059
    var_dump($response->getLastAccessedDate()); // \DateTimeInterface
    var_dump($response->getTokenCreatedDate()); // \DateTimeInterface
    echo $response->getRetention(); // big-year
    echo $response->getSegment(); // 543
    var_dump($response->isTokenExists()); // true
    var_dump($response->isVaultEncrypted()); // true

} catch (\Tecnofit\AuricVault\Exceptions\ClientException $e) {
    var_dump($e->getResponse()->getBody()->getContents());

} catch (\Tecnofit\AuricVault\Exceptions\BadRequestException $e) {
    var_dump($e->getMessage());
}

License

The MIT License (MIT). See the license file for more information.