exonet / securemessage
Encrypt and decrypt messages in a secure way.
Installs: 16 951
Dependents: 0
Suggesters: 0
Security: 0
Stars: 15
Watchers: 9
Forks: 0
Open Issues: 0
Requires
- php: ^7.3|^8.0
Requires (Dev)
- mockery/mockery: ^1.4
- phpunit/phpunit: ^9
This package is auto-updated.
Last update: 2024-12-05 09:48:04 UTC
README
This package makes it possible to create (very) secure messages and store them in, for example, your database. A secure message is encrypted with a combination of three key 'parts':
- A "database key" - to be saved in a database.
- A "storage key" - to be stored on a disk/filesystem.
- A "verification code" - this code should not be stored anywhere.
This way, if an attacker has access to the database, it still has only access to a small part of the complete key. The same goes if an attacker has access to the file storage. Even if an attacker has access to the database and the file storage, a part of the complete key is still missing.
The verification code can be sent (securely) to the receiver of the secure message and with this code, it can decrypt the message and read it.
Requirements
This package requires at least PHP 7.3 with the sodium extension enabled.
Install
Via Composer
$ composer require exonet/securemessage
Usage
// Create the factory. $secureMessageFactory = new Exonet\SecureMessage\Factory(); // Set the (application wide) meta key. $secureMessageFactory->setMetaKey('A_10_random_characters_long_key.'); // Create a new SecureMessage. Note: it is not encrypted yet! $secureMessage = $secureMessageFactory->make('Hello, world!'); // Encrypt the Secure Message. $encryptedMessage = $secureMessage->encrypt();
Please see the /docs
folder for complete documentation and additional examples.
Change log
Please see releases for more information on what has changed recently.
Testing
$ composer test
Contributing
Please see CONTRIBUTING and CODE_OF_CONDUCT for details.
Security
If you discover any security related issues please email development@exonet.nl instead of using the issue tracker.
Credits
License
The MIT License (MIT). Please see License File for more information.