mardi 29 janvier 2019

How can I dynamically change the keys that Crypt uses in Laravel?

I have been researching how to use Laravel Encryption as building a homestead encryption platform is frowned upon and rightfully so.

Illuminate\Support\Facades\Crypt::encryptString('This is a secret message from user 1 to user 2');

Take the above example, this is using my APP_KEY which derives from my .env file, generation previously by php artisan key:generate. The issue is that user 1 is never issued two sets of keys to communicate only to user 2. User 3, 4 and so on could still read this message using the Illuminate\Support\Facades\Crypt::decryptString method.

Currently, my database is set up to have a chat header. This contains information about what is communicating. All participants will use these keys for encryption and decryption - thus any outside users not being able to decrypt the messages.

public function up()
{
    Schema::create('chat_headers', function(Blueprint $table) {
        $table->increments('id');

        $table->timestamp('created_at')->default(DB::raw('CURRENT_TIMESTAMP'));
        $table->timestamp('updated_at')->default(DB::raw('CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP'));

        $table->string('private_key')->unique();
        $table->string('public_key')->unique();
    });
}

I also have a chat participants, this contains information about who is communicating:

public function up()
{
    Schema::create('chat_participants', function(Blueprint $table) {
        $table->increments('id');

        $table->timestamp('created_at')->default(DB::raw('CURRENT_TIMESTAMP'));
        $table->timestamp('updated_at')->default(DB::raw('CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP'));

        $table->integer('user_id')->unsigned();

        # TODO: Build RBAC

        $table->index(['user_id']);
        $table->foreign('user_id')->references('id')->on('users')->onDelete('cascade');
    });
}

Finally, I have a table for message logs. This contains the encrypted message followed by what chat room they're associating with.

public function up()
{
    Schema::create('chat_messages', function(Blueprint $table) {
        $table->increments('id');

        $table->timestamp('created_at')->default(DB::raw('CURRENT_TIMESTAMP'));
        $table->timestamp('updated_at')->default(DB::raw('CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP'));

        $table->integer('chat_id')->unsigned();
        $table->string('message');

        $table->index(['chat_id']);
        $table->foreign('chat_id')->references('id')->on('chat_headers')->onDelete('cascade');
    });
}

How can I dynamically assign new keys to the Illuminate\Support\Facades\Crypt to use in order to encrypt messages between a chat party?



via Chebli Mohamed

Aucun commentaire:

Enregistrer un commentaire