Wrapper around the Blowfish algorithm (for use in password encryption, etc.)
I want Blowfish password encryption, which is currently the best available.
I also want:
- Strong, fast entropy: mcrypt when available, fall back to dev/urandom or
- Variable cost: prioritize speed vs cipher strength depending on your needs
- Ease of use and a small, simple dependency
I do not want a large, complicated password encryption framework - I feel quite comfortable having a hard dependency on a public API consisting of two methods:
public function hash($value): string; public function check($value, $hash): bool;
Replacing this with something else in the future would be trivial.
You need php version 5.3.7 or newer for working Blowfish implementation - prior versions had a broken Blowfish implementation.
$service = new BlowfishService(); $password = '$up3rS3c3tp@55w0rD'; $hash = $service->hash($password); // encrypt the password $is_valid = $service->check($password, $hash); // check the password