This is pretty suits for PHP devlovers and also built up for standalone like pro,
our sources does very simply, included Crypsic and Pwsuit for supporting native Ops
- PHP v5.6 (non-tested) or PHP v7.0+ (tested)
- Openssl extensions must be enable
- Composer autoload PSR4
- Composer for installation
composer require "moviet/php-encryption"
- Do not ever encrypt a password
- Use our instant
Pwsuitto protect a password that supply modern hashes - Pwsuit dedicated for non-coverable performed, so do not forget the password
- Do not use
a same keyfor many secret informations, you can do it well - You may need a concern to manage the keys correctly, it must be treat a safely
Encryptiondoesn't same as s-e-c-u-r-i-t-y, so do not construct a bullet proof- You must follow the standard security design that suitable for your system
- A Symmetric Crypto
- Customable Cipher Modes
- Instant Encrypt And Decrypt
- Auto Generate Secure Random Key
- Suitable Password Algorithms
- Secure A Key With Password
It's meant the current crypto available is only for crafting symmetric encryption
-
You can modify the cipher modes using our own mode functions like
Crypsic::mode('CBC-128') // AES-128-CBC
this is optional usage, if nothing, it will set to
AES-256-CBCas default modenotes :
If you want to set mode, please use one for one operation, if you don't know we're highly recommended that you ignore it, and set as default mode for easy usage.
-
You can encrypt a secret ID, texts or any others secret information like
Crypsic::listen('My card number 9999-6666-6666-9999')
-
And simply decrypt your secret information like
$mySecretData = 'Dada/nanana367OYeyeyyHola666HoopYeYEYsipp+imo27blablabla' Crypsic::look($mySecretData)
-
You can not decrypt your secret information without a key, so you must create a key at first
Crypsic::saveKey('This is new key please make em zig-zag, bilbo')
Notes : don't forget to generate a long and heavy characters for your key
it will auto calculate your key with Cryptographically Secure Random functions
for PHP v7.0+ and Openssl pseudo random for PHP v5.6 by very happier
-
After you save a key belong encryption data, so you can confirm like so
Crypsic::key('edfes73ccd0191jbabbdbab0101bdbeb10290abbaba1010edsf820')
-
You can dynamically set a Password like so
Pwsuit::pwhash('Default','hello this is my password')
-
or custom like
Pwsuit::cost(26)->pwhash('Default','Yes dont blow my head')
on above will equivalent like
password_hash('My password', PASSWORD_DEFAULT, ['cost'=>26]) -
If you use new PHP v7.2+ you can try Modern Hashes like
Pwsuit::pwhash('Argon2i','my Argon password is dadada')
-
or any custom like
Pwsuit::memory(4024) ->time(4) ->thread(4) ->pwhash('Argon2id','Hey bob this is my password')
it will give you a nicely smile by PHP 'out of the box'
-
We attach new crazybility to protect your secret with password like below
// First create Keystore and save Crypsic::saveKey('let me burn the typos') // Then create password and save Pwsuit::cost(16)->pwhash('Default','MyPassword')
Notes :
a 'cost' length is optional, if higher may have slow, but that was better
-
Then to decrypt and verify your secret using key with password just simply
$postPassword = $_POST['password'] Crypsic::authKey($postPassword)->hash('My Data Hashed Password')->key('My key') Crypsic::look('My Encrypt Data')
Notes :
Hash and encrypt data has different results, please use correctly
-
You can also use this lib as standalone to generate password and to verify
Pwsuit::pwTrust($myPassword, $dataPassword) // Return Boolen
-
Refresh the old password hashed using like
Pwsuit::pwRehash('Default', $myPassword, $dataPassword)
-
Ensuring the current hashed data that you've decorated
$info = Pwsuit::pwInfo($my_data_hashed) \\ see dump output with yaayy
require '__DIR__' . '/vendor/autoload.php';
use Moviet\Heavy\Crypsic;
use Moviet\Heavy\Hash\Pwsuit;
/*
* Create a long and burn your typos, whatever
*/
$mykey = Crypsic::saveKey('Something a heavy key');
// output : c185128d2ae131b3ecf25779d2ef6120a6d9aa53ea5f422e0e2f6e97385954e9
Crypsic::key($mykey);
$encrypt = Crypsic::listen('this is new metal song : 9999-8888-6666-1717');
// output : J7A2jpefNGp8HBFH0i1Xon5l59EnGFs8zFWdcMlZ1BQ4cYhNv+awNMOLZMcehkc2k6coPlN1oprVCTZPC60t6p5JvLcZHxAPVC5v08XHIYss+yTuLuYZ5CH6RfDpaZzZ
$decrypt = Crypsic::look($encrypt);
// output : this is new metal song : 9999-8888-6666-1717You may want to arrangement the key from sabotage, please follow this rockly 🤘
require '__DIR__' . '/vendor/autoload.php';
use Moviet\Heavy\Crypsic;
use Moviet\Heavy\Hash\Pwsuit;
$thor = Crypsic::saveKey('Do you know locky');
$tonyStark = Pwsuit::pwhash('Default','I know spiderman with Bob');
// Save the Output : $2y$14$yUwjHQmnOeZyHWCcA5mlE.t3nVySA5NomMGmptkbNG170T3IkGQH.
$jarvish = $_POST['password'];
$captainAfrica = Crypsic::authKey($jarvish)->hash($tonyStark)->key($thor);
$thanos = Crypsic::look($captainAfrica); // and thanos doesn't have any idea => who is bob| Attributes | Modes |
|---|---|
| CBC-256 | AES-256-CBC |
| CBC-192 | AES-192-CBC |
| CBC-128 | AES-128-CBC |
| CTR-256 | AES-256-CTR |
| CTR-192 | AES-192-CTR |
| CTR-128 | AES-128-CTR |
| Default | Value |
|---|---|
| cost | 14 |
| memory_cost | 1666 |
| time_cost | 6 |
| threads | 6 |
| Attributes | Modes |
|---|---|
| Default | PASSWORD_DEFAULT |
| Argon2i | PASSWORD_ARGON2I |
| Argon2d | PASSWORD_ARGON2D |
| Argon2id | PASSWORD_ARGON2ID |
By descriptions on above, you may have a short picture of how easy to use this lib
How secure is this ?
- you do not worry about it, even on production, it can do it well
- if you use for commercial projects please follow the best practises
Moviet/php-encryption is released under the MIT public license. See the enclosed LICENSE for details.