PHPCrypto

, _(*1)

About

This is a cryptography library for PHP 7. It's based on OpenSSL and provides the following features:, _(*2)

Symmetric encryption and authentication (AES + HMAC-SHA256 as default);
Public Key cryptography (management keys, encryption/decryption)
Hybrid encryption using symmetric and public key (OpenPGP like)

Version

As this software is ALPHA, Use at your own risk!, _(*3)

Usage

The usage is quite straightforward, after installing the library using composer:, _(*4)

composer require ezimuel/phpcrypto:dev-master

You can consume the following classes Symmetric, PublicKey and Hybrid for symmetric encryption, public key and hybrid encryption., _(*5)

For instance, if you want to encrypt a string in a symmetric way, you can use the following code:, _(*6)

use PHPCrypto\Symmetric;

$plaintext = 'Text to encrypt';
$key = '123456789012'; // This can be also a user's password we generate a new
                       // one for encryption using PBKDF2 algorithm

$cipher = new Symmetric(); // AES + HMAC-SHA256 by default
$cipher->setKey($key);
$ciphertext = $cipher->encrypt($plaintext);

// or passing the $key as optional paramter
// $ciphertext = $cipher->encrypt($plaintext, $key);

$result = $cipher->decrypt($ciphertext);

// or passing the $key as optional paramter
// $result = $cipher->decrypt($ciphertext, $key);

print ($result === $plaintext) ? "OK" : "FAILURE";

SECURITY BEST PRACTICES

In this project we used the following security best practices:, _(*7)

Min size of user's key for encryption set to 12, _(*8)

Source: https://en.wikipedia.org/wiki/Password_strength, _(*9)
Use of PBKDF2 to generate the encryption and authentication key. Set the default iteration number to 80'000 (min 20'000), _(*10)

Source: https://goo.gl/bzv4dK, _(*11)
Encryption-then-authentication using HMAC, _(*12)

Source: http://crypto.stackexchange.com/a/205, _(*13)
Use of OAEP padding for OpenSSL public key encryption, _(*14)

Source: http://crypto.stackexchange.com/a/12706, _(*15)

TO DO

[x] encrypt/decrypt functions in PublicKey
[ ] sign/verify functions for digital signature in PublicKey
[ ] support multiple keys in Hybrid schema
[ ] Ca management in public key schemas

NOTES ABOUT OPENSSL EXTENSION

Here I reported some notes about the OpenSSL PHP extension usage:, _(*16)

it will be nice to have the openssl_cipher_key_size() function to get the key size of the specific cipher choosen;

Copyright

The license usage is reported in the LICENSE file., _(*18)

08/04 2016

dev-master

9999999-dev https://github.com/ezimuel/phpcrypto

Cryptographic library for PHP 7 based on OpenSSL

Sources Download

MIT

The Requires

php >=7.0
ext-openssl *

The Development Requires

phpunit/phpunit ^4.7

cryptography php7

library phpcrypto