The above badges represent the current development branch. As a rule, I don't push to GitHub unless tests, coverage and usability are acceptable. This may not be true for short periods of time; on holiday, need code for some other downstream project etc. If you need stable code, use a tagged version. Read 'Further Documentation' and 'Installation'.
The Travis tests cover multiple versions of PHP. However, they do not allow usage of system commands, hence the getMac() method of Crypt.php doesn't work on the Travis servers. Check it out for yourself.
Provides a simple encryption capability
Encryption is not generally straightforward. This library tries to ease the pain. At the present time, a single verified encryption method is provided.
As the majority of web encryption requires that you are able to store the value in cookies, database tables etc, by default the encrypted value is encoded using Base 64. You can switch that off if required.
The encryption methods supported by this library all require an encryption key. You can
generate this (on a *nix based system at least,) by running
You need to supply an encryption method to the Crypt class. At present one is provided for you, Rijndael256, but you can implement others by implementing the MethodInterface.
The supplied Rijndael256 method is capable of encrypting any PHP serializable object.
use Chippyash\Crypt\Crypt; use Chippyash\Crypt\Crypt\Method\Rijndael256; use chippyash\Type\String\StringType; use chippyash\Type\BoolType; $crypt = new Crypt(new StringType('my seed value'), new Rijndael256()); $encrypted = $crypt->encrypt($someValue); $decrypted = $crypt->decrypt($encrypted);
By default the encrypted value is encoded using Base64. You can get the raw value thus:
$encrypted = $crypt->encrypt($someValue, new BoolType(false));
If you are not using Base64 encoding to encrypt, you need to switch it off in the decrypt as well:
$decrypted = $crypt->decrypt($encrypted, new BoolType(false));
By default, on *nix based machines, the seed that you supply on construction is mixed with the mac address of the machine that the code is running on, if it can be found. This ensures that only that machine can encrypt and decrypt a given value. If you do not want this, say for instance that you are running on load balanced machines and storing in a central database, you can switch it off:
$crypt = new Crypt(new StringType('my seed value'), new Rijndael256()); $crypt->setUseMacAddress(new BoolType(false));
This library is no longer maintained and serves only as an example of encryption and as a holder for the work of others before me
If you have a wish to pick this up and take it further, please contact me.
only on master branch at present
As an example of how you can wrap other libraries into this, I've supplied the Blowfish method, which requires the Zend Crypt library.
use Chippyash\Crypt\Crypt\Method\Blowfish; $crypt = new Crypt(new StringType('my seed value'), new Blowfish());
If you want to do very serious cryptography
the Zend Crypt library is a good starting point. If you just want sound and simple, use
this library. You will need to use the now default
composer install to bring in dev
dependencies to use the Zend stuff. If you like it then add
to your project composer 'requires' statement;
Test Contract in the docs directory. For Symfony users, you'll also find an example DIC definition in the docs directory
Check out ZF4 Packages for more packages
- fork it
- write the test
- amend it
- do a pull request
Found a bug you can't figure out?
- fork it
- write the test
- do a pull request
NB. Make sure you rebase to HEAD before your pull request
Or - raise an issue ticket.
Or to use the latest, possibly unstable version:
To use the Zend cryptography lib under my lib add the
line to your composer require section.
Clone this repo, and then run Composer in local repo root to pull in dependencies
git clone firstname.lastname@example.org:chippyash/Crypt.git Crypt cd Crypt composer install
To run the tests:
cd Crypt vendor/bin/phpunit -c test/phpunit.xml test/
This software library is released under the GNU GPL V3 or later license
This software library is Copyright (c) 2015, Ashley Kitson, UK
This software library contains code items that are derived from other works:
None of the contained code items breaks the overriding license, or vice versa, as far as I can tell. So as long as you stick to GPL V3+ then you are safe. If at all unsure, please seek appropriate advice.
If the original copyright owners of the derived code items object to this inclusion, please contact the author.
A commercial license is available for this software library, please contact the author. It is normally free to deserving causes, but gets you around the limitation of the GPL license, which does not allow unrestricted inclusion of this code in commercial works.
I didn't do this by myself. I'm deeply indebted to those that trod the path before me.
The Rijndael256 cryptography method is based on code created by Andrew Johnson. I can find no current location or link for Andrew, so if you know him (he created Cryptastic,) please do let me know.
V1.0.0 Initial Release
V1.1.0 Update dependencies
V1.1.1 Add link to packages