Permit empty attributes on decrypt (configurable)

paragonie · Jan 15, 2023 · 1200bc3 · 1200bc3
1 parent d0e5b68
commit 1200bc3
Show file tree

Hide file tree

Showing 3 changed files with 45 additions and 0 deletions.
diff --git a/src/EncryptedMultiRows.php b/src/EncryptedMultiRows.php
@@ -29,6 +29,11 @@ class EncryptedMultiRows
      */
     protected $tables = [];
 
+    /**
+     * @var ?bool $permitEmpty
+     */
+    protected $permitEmpty = null;
+
     /**
      * EncryptedFieldSet constructor.
      *
@@ -432,6 +437,9 @@ public function getEncryptedRowObjectForTable($tableName = '')
         /** @var EncryptedRow $encryptedRow */
         $encryptedRow = $this->tables[$tableName];
         $encryptedRow->setTypedIndexes($this->typedIndexes);
+        if (!is_null($this->permitEmpty)) {
+            $encryptedRow->setPermitEmtpy($this->permitEmpty);
+        }
         return $encryptedRow;
     }
 

diff --git a/src/EncryptedRow.php b/src/EncryptedRow.php
@@ -7,6 +7,7 @@
 use ParagonIE\CipherSweet\Exception\BlindIndexNotFoundException;
 use ParagonIE\CipherSweet\Exception\CipherSweetException;
 use ParagonIE\CipherSweet\Exception\CryptoOperationException;
+use ParagonIE\CipherSweet\Exception\EmptyFieldException;
 use ParagonIE\CipherSweet\Exception\InvalidCiphertextException;
 use ParagonIE\ConstantTime\Hex;
 use SodiumException;
@@ -49,6 +50,11 @@ class EncryptedRow
      */
     protected $blindIndexes = [];
 
+    /**
+     * @var bool $permitEmpty
+     */
+    protected $permitEmpty = false;
+
     /**
      * @var bool $typedIndexes
      */
@@ -379,6 +385,12 @@ public function decryptRow(array $row)
                 $this->tableName,
                 $field
             );
+            if (!array_key_exists($field, $row)) {
+                if (!$this->permitEmpty) {
+                    throw new EmptyFieldException('Field not defined in row: ' . $field);
+                }
+                continue;
+            }
             if (\is_null($row[$field])) {
                 $return[$field] = null;
                 continue;
@@ -765,6 +777,24 @@ public function setFlatIndexes($bool)
         return $this;
     }
 
+    /**
+     * @return bool
+     */
+    public function getPermitEmpty()
+    {
+        return $this->permitEmpty;
+    }
+
+    /**
+     * @param $permitted
+     * @return static
+     */
+    public function setPermitEmpty($permitted)
+    {
+        $this->permitEmpty = !empty($permitted);
+        return $this;
+    }
+
     /**
      * @return bool
      */

diff --git a/src/Exception/EmptyFieldException.php b/src/Exception/EmptyFieldException.php
@@ -0,0 +1,7 @@
+<?php
+namespace ParagonIE\CipherSweet\Exception;
+
+class EmptyFieldException extends CipherSweetException
+{
+
+}