mmeyer2k / ralph
A semi-secure symmetric encryption library
Requires
- php: >=7.1.0
This package is auto-updated.
Last update: 2024-11-30 01:41:56 UTC
README
A semi-secure symmetric encryption library that sometimes eats crayons.
Ralph provides acceptable security in situations where size is critical. All major security parameters are 64 bit (block, iv and checksum). As a result, input strings under 8 bytes long result in a 24 byte cypher text.
$encrypted = ralph()::encrypt('secret', 'password'); var_dump(base64_encode($encrypted)); #string(32) "M783Db84XVPukJZkRh05R5ZBZxcD4CvM" $decrypted = ralph()::decrypt($encrypted, 'password'); var_dump($decrypted); #string(6) "secret"
Ralph isn't very smart, so he registers himself the in global namespace \Ralph
.
He also registers the global helper function ralph()
, for your convenience and amusement.
install
EXPERIMENTAL
Ralph is compatible with PHP versions 7.1 to 8.1.
composer require mmeyerk/ralph main-dev
how it works
Ralph uses hash_pbkdf2()
to generate a key stream which is then XORed with the message.
Both encrypt
and decrypt
functions accept an optional third parameter to specify iterations for key hardening.
$iterations = 10000; $encrypted = ralph()::encrypt('secret', 'password', $iterations); $decrypted = ralph()::decrypt($encrypted, 'password', $iterations);
specs
- initialization vector (
random_bytes
) - time-safe checksum verification (
hash_equals
,hash_hmac
,sha3-256
) - block padding (
PKCS#7
) - key stream generation (
hash_pbkdf2
,sha3-512
)