ezimuel / phpcrypto
Cryptographic library for PHP 7 based on OpenSSL
Installs: 15 941
Dependents: 0
Suggesters: 0
Security: 0
Stars: 12
Watchers: 2
Forks: 4
Open Issues: 0
Requires
- php: >=7.0
- ext-openssl: *
Requires (Dev)
- phpunit/phpunit: ^4.7
This package is auto-updated.
Last update: 2024-11-24 00:37:26 UTC
README
About
This is a cryptography library for PHP 7. It's based on OpenSSL and provides the following features:
- Symmetric encryption and authentication (AES + HMAC-SHA256 as default);
- Public Key cryptography (management keys, encryption/decryption)
- Hybrid encryption using symmetric and public key (OpenPGP like)
Version
As this software is ALPHA, Use at your own risk!
Usage
The usage is quite straightforward, after installing the library using composer:
composer require ezimuel/phpcrypto:dev-master
You can consume the following classes Symmetric, PublicKey and Hybrid for symmetric encryption, public key and hybrid encryption.
For instance, if you want to encrypt a string in a symmetric way, you can use the following code:
use PHPCrypto\Symmetric; $plaintext = 'Text to encrypt'; $key = '123456789012'; // This can be also a user's password we generate a new // one for encryption using PBKDF2 algorithm $cipher = new Symmetric(); // AES + HMAC-SHA256 by default $cipher->setKey($key); $ciphertext = $cipher->encrypt($plaintext); // or passing the $key as optional paramter // $ciphertext = $cipher->encrypt($plaintext, $key); $result = $cipher->decrypt($ciphertext); // or passing the $key as optional paramter // $result = $cipher->decrypt($ciphertext, $key); print ($result === $plaintext) ? "OK" : "FAILURE";
SECURITY BEST PRACTICES
In this project we used the following security best practices:
-
Min size of user's key for encryption set to 12
-
Use of PBKDF2 to generate the encryption and authentication key. Set the default iteration number to 80'000 (min 20'000)
Source: https://goo.gl/bzv4dK
-
Encryption-then-authentication using HMAC
-
Use of OAEP padding for OpenSSL public key encryption
TO DO
- encrypt/decrypt functions in PublicKey
- sign/verify functions for digital signature in PublicKey
- support multiple keys in Hybrid schema
- Ca management in public key schemas
NOTES ABOUT OPENSSL EXTENSION
Here I reported some notes about the OpenSSL PHP extension usage:
- it will be nice to have the openssl_cipher_key_size() function to get the key size of the specific cipher choosen;
Copyright
Copyright 2016 by Enrico Zimuel
The license usage is reported in the LICENSE file.