crecket/secure-functions

Secure-functions makes it easier to secure functionality

secure-functions

, _(*1)

A collection of functions which can be used for security purposes., _(*2)

Instalation

Composer

Install through composer and require the autoloader., _(*3)

composer require crecket/secure-functions, _(*4)

Manual

Download the files and require them in your project., _(*5)

require '/secure-functions/src/SecureFuncs.php';, _(*6)

Scrypt and Encryption

domBlack/php-scrypt

Install the php module if you want to use scrypt hashing, _(*7)

Usage

All functions are static public functions right now so you can simply call the functions like this:, _(*8)

SecureFuncs\SecureFuncs::password_hash('input');, _(*9)

Functions

compareStrings($string1, $string2)

Compare strings while preventing timed attacks, _(*10)

getFormToken('form_token_id', $form_token, $limit = 300)

Verify a form token for the given id. The $limit is optional andm ust be given in seconds, if the limit is 300 and the token is used after 300 seconds it will be considered invalid., _(*11)

password_hash($password)

Hash the given password. This function allows for longer passwords and isn't affected by the null-byte issue., _(*12)

password_verify($password, $hash)

Verify the given password hash, _(*13)

randomHex($length)

Returns a random hexadecimal number for the given length, _(*14)

randomInt($min, $max)

Returns the a secure random integer within the given range., _(*15)

randomString($length)

Returns a random string for the given length, _(*16)

scryptcheck($password, $hash)

Compare a password and hash using DomBlack/php-scrypt, _(*17)

scrypthash($password, $salt, $cpu, $memory, $parallel)

Hash a password using DomBlack's php scrypt library, _(*18)

setFormToken($id)

Set a unique token in the session and returns it, can be used to verify post/get requests, _(*19)

strlen($str)

Returns the length of the given string using mb_strlen when available, _(*20)

pseudoBytes($length)

Returns random bytes for the given length, _(*21)