codecollab/encryption

Encryption package of the CodeCollab project

Encryption

Encryption package of the CodeCollab project, _(*1)

, _(*2)

Requirements

PHP7+, _(*3)

Installation

Include the library in your project using composer:, _(*4)

{
    "require-dev": {
        "codecollab/encryption": "^2"
    }
}

Usage

This library provides common interfaces and exceptions for handling crypto in your applications., _(*5)

Generating key

Before being able to encrypt/decrypt data a key needs to be generated / added. To generate a new key use:, _(*6)

$key = (new \CodeCollab\Encryption\Defusev2\Key())->generate();

Note: keys should always be stored in a secure location and should never be made public., _(*7)

Note: all key share the common CodeCollab\Encryption\Key interface., _(*8)

Encrypting

$encryptedData = (new \CodeCollab\Encryption\Defusev2\Encryptor($key))->encrypt('the data to encrypt');

Note: all encryptors share the common CodeCollab\Encryption\Encryptor interface., _(*9)

Decrypting

$decryptedData = (new \CodeCollab\Encryption\Defusev2\Decryptor($key))->decrypt($encryptedData);

Note: all decryptors share the common CodeCollab\Encryption\Decryptor interface., _(*10)

To decrypt old data encrypted with v1* of this library use the deprecated:, _(*11)

$decryptedData = (new \CodeCollab\Encryption\Defuse\Decryptor($key))->decrypt($encryptedData);

Using your current key. For newly encrypted data create a new and separate key., _(*12)

Exceptions

This library may emit two different exceptions:, _(*13)

• \CodeCollab\Encryption\CryptoException
• \CodeCollab\Encryption\FraudException

It is important to properly handle these exceptions in your applications., _(*14)

CryptoException

This exception gets thrown when a key could not be generated or when a message could not be en- / decrypted because of system errors., _(*15)

FraudException

This exception gets thrown when there has been suspected tampering with messages. This exception should be handled like the message has been tampered with and precautions should be taken., _(*16)

Upgrading

When upgrading from from v1* to v2* of this library there are breaking changes., _(*17)

It's not possible anymore to generate a new key or encrypt data using the obsolete CodeCollab\Encryption\Defuse\Key and CodeCollab\Encryption\Defuse\Encrypt classes., _(*18)

The CodeCollab\Encryption\Defuse package has been superseded by the ``CodeCollab\Encryption\Defusev2` package., _(*19)

Decrypting of data is still possible using the deprecated CodeCollab\Encryption\Defuse\Decrypt::decrypt() method and will be for the foreseeable future., _(*20)

It is however strongly advised to re-encrypt old data using the new CodeCollab\Encryption\Defusev2 package., _(*21)

The workflow for this will be:, _(*22)

• Generate a new key using the new CodeCollab\Encryption\Defusev2\Key::generate() method (But don't overwrite the current key yet!)
• Decrypt the data using the current key and the CodeCollab\Encryption\Defuse\Decrypt::decrypt() method
• Encrypt the data using the new CodeCollab\Encryption\Defusev2\Encrypt::encrypt() method with the newly generate key
• Newly encrypted data can now be decrypted using the new CodeCollab\Encryption\Defusev2\Decrypt::decrypt() method

Contributing

How to contribute, _(*23)

License

MIT, _(*24)

Security issues

If you found a security issue please contact directly by mail instead of using the issue tracker at codecollab-security@pieterhordijk.com, _(*25)