liyu/signature

v0.4.1 2018-09-06 12:28 UTC

README

Use HMAC or RSA to sign data for Laravel and lumen;

Latest Stable Version Total Downloads StyleCI

Install

For Laravel < 5.5, please use the tag 0.2.10

laravel

composer require liyu/signature

lumen

  • bootstrap/app.php

      $app->register(Liyu\Signature\Facade\Signature::class);
    

config

  • you can use these in your ENV

      // default driver
      SIGNATURE_DRIVER
    
      // hmac algo and key
      SIGNATURE_HMAC_ALGO (default sha256)
      SIGNATURE_HMAC_KEY (default null)
    
      // rsa algo, public_key, private_key
      SIGNATURE_RSA_ALGO (default sha256)
      SIGNATURE_RSA_PUBLIC_KEY
      SIGNATURE_RSA_PRIVATE_KEY
    
  • if you want to use config

      laravel
      php artisan vendor:publish
    
      lumen
      copy vendor/liyu/signature/src/config/config.php config/signature.php
    

Usage

sign

$signature = Signature::sign('foobar');

$signature = Signature::setKey('foobar')->sign(['foo'=>'bar']);

$signature = Signature::signer('hmac')
    ->setAlgo('sha256')
    ->setKey('foobar')
    ->sign(['foo'=>'bar']);

$signature = Signature::signer('rsa')
    ->setPrivateKey('./private.pem')
    ->sign(['foo'=>'bar']);

verify

// true or false

Signature::verify($signature, 'foobar');

Signature::setKey('foobar')->verify($signature, ['foo'=>'bar']);

Signature::signer('hmac')
    ->setAlgo('sha256')
    ->setKey('foobar')
    ->verify($sign, ['foo'=>'bar']);

Signature::signer('rsa')
    ->setPublicKey('./public.pem')
    ->verify($signature, ['foo'=>'bar']);

Sign Steps

  • convert array data

      // origin
      $data = [
          'z' => 1,
          'a' => [
              'c' => 'c',
              'b' => 'b',
              'a' => [
                  'b' => 'b',
                  'a' => 'a'
              ]
          ],
      ];
    
      // ksort and convert to string
      $data = [
          'a' => [
              'a' => [
                  'a' => 'a'
                  'b' => 'b',
              ]
              'b' => 'b',
              'c' => 'c',
          ],
          'z' => '1',
      ];
    
      // json_encode
      {"a":{"a":{"a":"a","b":"b"},"b":"b","c":"c"},"z":"1"}
    
  • sign string。

      hmac  => hmac($algo, $convertData, $key);
      // outputs lowercase hexits
    
      rsa => base64_encode(openssl_sign_string);
    

License

MIT LICENSE