Merge pull request #79 from patchlevel/optional-encrypted-field-name

DavidBadura · web-flow · commit c1d88b0ed8e1 · 2025-04-10T22:28:42.000+02:00
make encrypted field names optional
diff --git a/README.md b/README.md
@@ -518,10 +518,14 @@ use Patchlevel\Hydrator\Metadata\Event\EventMetadataFactory;
 use Patchlevel\Hydrator\MetadataHydrator;
 
 $cipherKeyStore = new InMemoryCipherKeyStore();
-$cryptographer = PersonalDataPayloadCryptographer::createWithOpenssl($cipherKeyStore);
+$cryptographer = PersonalDataPayloadCryptographer::createWithOpenssl($cipherKeyStore, true);
 $hydrator = new MetadataHydrator(cryptographer: $cryptographer);
 ```
 
+> [!WARNING]
+> We recommend to use the `useEncryptedFieldName` option to recognize encrypted fields.
+> This allows data to be encrypted later without big troubles.
+
 #### Cipher Key Store
 
 The keys must be stored somewhere. For testing purposes, we offer an in-memory implementation.
diff --git a/src/Cryptography/PersonalDataPayloadCryptographer.php b/src/Cryptography/PersonalDataPayloadCryptographer.php
@@ -23,7 +23,8 @@ public function __construct(
         private readonly CipherKeyStore $cipherKeyStore,
         private readonly CipherKeyFactory $cipherKeyFactory,
         private readonly Cipher $cipher,
-        private readonly bool $fallbackWithoutPrefix = true,
+        private readonly bool $useEncryptedFieldName = false,
+        private readonly bool $fallbackToFieldName = false,
     ) {
     }
 
@@ -52,11 +53,19 @@ public function encrypt(ClassMetadata $metadata, array $data): array
                 continue;
             }
 
-            $data[$propertyMetadata->encryptedFieldName()] = $this->cipher->encrypt(
+            $targetFieldName = $this->useEncryptedFieldName
+                ? $propertyMetadata->encryptedFieldName()
+                : $propertyMetadata->fieldName();
+
+            $data[$targetFieldName] = $this->cipher->encrypt(
                 $cipherKey,
                 $data[$propertyMetadata->fieldName()],
             );
 
+            if (!$this->useEncryptedFieldName) {
+                continue;
+            }
+
             unset($data[$propertyMetadata->fieldName()]);
         }
 
@@ -87,10 +96,10 @@ public function decrypt(ClassMetadata $metadata, array $data): array
                 continue;
             }
 
-            if (array_key_exists($propertyMetadata->encryptedFieldName(), $data)) {
+            if ($this->useEncryptedFieldName && array_key_exists($propertyMetadata->encryptedFieldName(), $data)) {
                 $rawData = $data[$propertyMetadata->encryptedFieldName()];
                 unset($data[$propertyMetadata->encryptedFieldName()]);
-            } elseif ($this->fallbackWithoutPrefix) {
+            } elseif (!$this->useEncryptedFieldName || $this->fallbackToFieldName) {
                 $rawData = $data[$propertyMetadata->fieldName()];
             } else {
                 continue;
@@ -144,11 +153,15 @@ private function subjectId(ClassMetadata $metadata, array $data): string|null
     public static function createWithOpenssl(
         CipherKeyStore $cryptoStore,
         string $method = OpensslCipherKeyFactory::DEFAULT_METHOD,
+        bool $useEncryptedFieldName = false,
+        bool $fallbackToFieldName = false,
     ): static {
         return new self(
             $cryptoStore,
             new OpensslCipherKeyFactory($method),
             new OpensslCipher(),
+            $useEncryptedFieldName,
+            $fallbackToFieldName,
         );
     }
 }
diff --git a/tests/Unit/Cryptography/PersonalDataPayloadCryptographerTest.php b/tests/Unit/Cryptography/PersonalDataPayloadCryptographerTest.php
@@ -77,7 +77,7 @@ public function testEncryptWithMissingKey(): void
 
         $result = $cryptographer->encrypt($this->metadata(PersonalDataProfileCreated::class), ['id' => 'foo', 'email' => 'info@patchlevel.de']);
 
-        self::assertEquals(['id' => 'foo', '!email' => 'encrypted'], $result);
+        self::assertEquals(['id' => 'foo', 'email' => 'encrypted'], $result);
     }
 
     public function testEncryptWithExistingKey(): void
@@ -109,6 +109,39 @@ public function testEncryptWithExistingKey(): void
 
         $result = $cryptographer->encrypt($this->metadata(PersonalDataProfileCreated::class), ['id' => 'foo', 'email' => 'info@patchlevel.de']);
 
+        self::assertEquals(['id' => 'foo', 'email' => 'encrypted'], $result);
+    }
+
+    public function testEncryptWithExistingKeyEncryptedFieldName(): void
+    {
+        $cipherKey = new CipherKey(
+            'foo',
+            'bar',
+            'baz',
+        );
+
+        $cipherKeyStore = $this->prophesize(CipherKeyStore::class);
+        $cipherKeyStore->get('foo')->willReturn($cipherKey);
+        $cipherKeyStore->store('foo', Argument::type(CipherKey::class))->shouldNotBeCalled();
+
+        $cipherKeyFactory = $this->prophesize(CipherKeyFactory::class);
+        $cipherKeyFactory->__invoke()->shouldNotBeCalled();
+
+        $cipher = $this->prophesize(Cipher::class);
+        $cipher
+            ->encrypt($cipherKey, 'info@patchlevel.de')
+            ->willReturn('encrypted')
+            ->shouldBeCalledOnce();
+
+        $cryptographer = new PersonalDataPayloadCryptographer(
+            $cipherKeyStore->reveal(),
+            $cipherKeyFactory->reveal(),
+            $cipher->reveal(),
+            true,
+        );
+
+        $result = $cryptographer->encrypt($this->metadata(PersonalDataProfileCreated::class), ['id' => 'foo', 'email' => 'info@patchlevel.de']);
+
         self::assertEquals(['id' => 'foo', '!email' => 'encrypted'], $result);
     }
 
@@ -148,10 +181,9 @@ public function testDecryptWithMissingKey(): void
             $cipherKeyStore->reveal(),
             $cipherKeyFactory->reveal(),
             $cipher->reveal(),
-            false,
         );
 
-        $result = $cryptographer->decrypt($this->metadata(PersonalDataProfileCreated::class), ['id' => 'foo', '!email' => 'encrypted']);
+        $result = $cryptographer->decrypt($this->metadata(PersonalDataProfileCreated::class), ['id' => 'foo', 'email' => 'encrypted']);
 
         self::assertEquals(['id' => 'foo', 'email' => new Email('unknown')], $result);
     }
@@ -181,15 +213,14 @@ public function testDecryptWithInvalidKey(): void
             $cipherKeyStore->reveal(),
             $cipherKeyFactory->reveal(),
             $cipher->reveal(),
-            false,
         );
 
-        $result = $cryptographer->decrypt($this->metadata(PersonalDataProfileCreated::class), ['id' => 'foo', '!email' => 'encrypted']);
+        $result = $cryptographer->decrypt($this->metadata(PersonalDataProfileCreated::class), ['id' => 'foo', 'email' => 'encrypted']);
 
         self::assertEquals(['id' => 'foo', 'email' => new Email('unknown')], $result);
     }
 
-    public function testDecryptWithExistingKey(): void
+    public function testDecryptWithValidKey(): void
     {
         $cipherKey = new CipherKey(
             'foo',
@@ -217,12 +248,45 @@ public function testDecryptWithExistingKey(): void
             false,
         );
 
+        $result = $cryptographer->decrypt($this->metadata(PersonalDataProfileCreated::class), ['id' => 'foo', 'email' => 'encrypted']);
+
+        self::assertEquals(['id' => 'foo', 'email' => 'info@patchlevel.de'], $result);
+    }
+
+    public function testDecryptWithValidKeyAndEncryptedFieldName(): void
+    {
+        $cipherKey = new CipherKey(
+            'foo',
+            'bar',
+            'baz',
+        );
+
+        $cipherKeyStore = $this->prophesize(CipherKeyStore::class);
+        $cipherKeyStore->get('foo')->willReturn($cipherKey);
+        $cipherKeyStore->store('foo', Argument::type(CipherKey::class))->shouldNotBeCalled();
+
+        $cipherKeyFactory = $this->prophesize(CipherKeyFactory::class);
+        $cipherKeyFactory->__invoke()->shouldNotBeCalled();
+
+        $cipher = $this->prophesize(Cipher::class);
+        $cipher
+            ->decrypt($cipherKey, 'encrypted')
+            ->willReturn('info@patchlevel.de')
+            ->shouldBeCalledOnce();
+
+        $cryptographer = new PersonalDataPayloadCryptographer(
+            $cipherKeyStore->reveal(),
+            $cipherKeyFactory->reveal(),
+            $cipher->reveal(),
+            true,
+        );
+
         $result = $cryptographer->decrypt($this->metadata(PersonalDataProfileCreated::class), ['id' => 'foo', '!email' => 'encrypted']);
 
         self::assertEquals(['id' => 'foo', 'email' => 'info@patchlevel.de'], $result);
     }
 
-    public function testDecryptWithoutPrefixField(): void
+    public function testDecryptWithValidKeyAndEncryptedFieldNameWithoutEncryptedData(): void
     {
         $cipherKey = new CipherKey(
             'foo',
@@ -243,15 +307,15 @@ public function testDecryptWithoutPrefixField(): void
             $cipherKeyStore->reveal(),
             $cipherKeyFactory->reveal(),
             $cipher->reveal(),
-            false,
+            true,
         );
 
         $result = $cryptographer->decrypt($this->metadata(PersonalDataProfileCreated::class), ['id' => 'foo', 'email' => 'info@patchlevel.de']);
 
         self::assertEquals(['id' => 'foo', 'email' => 'info@patchlevel.de'], $result);
     }
 
-    public function testDecryptWithFallbackWithoutPrefix(): void
+    public function testDecryptWithValidKeyAndEncryptedFieldNameAndFallbackFieldName(): void
     {
         $cipherKey = new CipherKey(
             'foo',
@@ -276,6 +340,8 @@ public function testDecryptWithFallbackWithoutPrefix(): void
             $cipherKeyStore->reveal(),
             $cipherKeyFactory->reveal(),
             $cipher->reveal(),
+            true,
+            true,
         );
 
         $result = $cryptographer->decrypt($this->metadata(PersonalDataProfileCreated::class), ['id' => 'foo', 'email' => 'encrypted']);
