IronCore Labs Home
  1. Docs
  2. SaaS Shield
  3. Suite
  4. SDKs
  5. PHP
  1. Docs
  2. SaaS Shield
  3. Suite
  4. SDKs
  5. PHP

Tenant Security Client PHP

The SDK is published to Packagist. Refer to their docs on how to add this library as a dependency to your existing PHP application. The minimum PHP version supported by this library is PHP 7.4.

Quickstart

This is a minimal example of round tripping a document.

PHP

<?php
declare(strict_types=1);
namespace IronCore;
use Exception;
use IronCore\Exception\TenantSecurityException;

// Initialize the SDK
$TSP_ADDRESS = "http://localhost:32804";
$API_KEY = getenv("API_KEY");
$tenantSecurityClient = new TenantSecurityClient($TSP_ADDRESS, $API_KEY);

$TENANT_ID = getenv("TENANT_ID");

// Create metadata used to associate this document to a tenant, name the document, and
// identify the service or user making the call
$metadata = new RequestMetadata($TENANT_ID, new IclFields("serviceOrUserId", "PII"), []);

// Create a map containing your data
$custRecord = [
    "ssn" => new Bytes("000-12-2345"),
    "address" => new Bytes("2825-519 Stone Creek Rd, Bozeman, MT 59715"),
    "name" => new Bytes("Jim Bridger")
];

// Use the SDK to encrypt the record
try {
    $encryptedResults = $tenantSecurityClient->encrypt($custRecord, $metadata);
} catch (Exception $e) {
    echo 'Caught exception: ',  $e->getMessage(), "\n";
    exit(1);
}

$edek = $encryptedResults->getEdek();
$encryptedDocument = $encryptedResults->getEncryptedFields();
// This is where you would persist the EDEK and encryptedDocument to your persistence layer
// Later, after you retrieve the EDEK and encryptedDocument from your persistence layer...
$retrievedEncryptedDocument = new EncryptedDocument($encryptedDocument, $edek);

try {
    $decryptedPlaintext = $tenantSecurityClient->decrypt($retrievedEncryptedDocument, $metadata);
} catch (Exception $e) {
    echo 'Caught exception: ',  $e->getMessage(), "\n";
    exit(1);
}
$decryptedValues = $decryptedPlaintext->getDecryptedFields();

Examples

Examples of using the Tenant Security Client SDK to protect sensitive data can be found on GitHub.

Docs

See the docs for a more complete register of all exposed classes and methods.

Changelog

The changelog can be viewed in the library repository.