matheusgarcez/php-encryption

Release 2.0.0

Secure PHP Encryption Library

Repository Packagist PHP

Keywords
security, cryptography, encryption, crypto, aes, openssl, encrypt, cipher, symmetric key cryptography, authenticated encryption
License
MIT

Documentation

php-encryption

Build Status

This is a library for encrypting data with a key or password in PHP. It requires PHP 5.4 or newer. The current version is v2.0.0, which is expected to remain stable and supported by its authors with security and bugfixes until at least January 1st, 2019.

The library is a joint effort between Taylor Hornby and Scott Arciszewski as well as numerous open-source contributors.

What separates this library from other PHP encryption libraries is, firstly, that it is secure. The authors used to encounter insecure PHP encryption code on a daily basis, so they created this library to bring more security to the ecosystem. Secondly, this library is "difficult to misuse." Like libsodium, its API is designed to be easy to use in a secure way and hard to use in an insecure way.

Dependencies

This library requres no special dependencies except for PHP 5.4 or newer with the OpenSSL extensions enabled (this is the default). It uses random_compat, which is bundled in with this library so that your users will not need to follow any special installation steps.

Getting Started

Start with the Tutorial. You can find instructions for obtaining this library's code securely in the Installing and Verifying documentation.

After you've read the tutorial and got the code, refer to the formal documentation for each of the classes this library provides:

If you encounter difficulties, see the FAQ answers. The fixes to the most commonly-reported problems are explained there.

If you're a cryptographer and want to understand the nitty-gritty details of how this library works, look at the Cryptography Details documentation.

If you're interested in contributing to this library, see the Internal Developer Documentation.

Examples

If the documentation is not enough for you to understand how to use this library, then you can look at an example project that uses this library:

Security Audit Status

This code has not been subjected to a formal, paid, security audit. However, it has received lots of review from members of the PHP security community, and the authors are experienced with cryptography. In all likelihood, you are safer using this library than almost any other encryption library for PHP.

If you use this library as a part of your business and would like to help fund a formal audit, please contact Taylor Hornby.

Public Keys

The GnuPG public key used to sign releases is available in dist/signingkey.asc. Its fingerprint is:

2FA6 1D8D 99B9 2658 6BAC  3D53 385E E055 A129 1538

You can verify it against the Taylor Hornby's contact page and twitter.

Stats

Dependencies
2
Dependent packages
0
Dependent repositories
0
Total releases
7
Latest release
First release
Stars
0
Forks
0
Watchers
1
Contributors
18
Repository size
12.6 MB
SourceRank
3

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

v1.0
v1.1
2.0.2
2.0.1
2.0.0
v1.2.1
v1.2

Contributors

Taylor Hornby Scott Scott Arciszewski Lee Rowlands Elan Ruusamäe Matheus Garcez Chris Leppanen sethbattin Andrey Andreev Sebastiaan Stok Chris Eskow Robert Stoll Adam Bramley Bart Brinkman Raphaël Cohen Michal Špaček Lewis Cowles Anatoly Pulyaevskiy


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2017-11-09 21:42:49 UTC

Login to resync this project