teakowa/cryptomute

Encrypt numeric data (binary, decimal, hex) preserving it's format (eg. 16-digits card number to 16-digits encrypted number).

v1.5.0 2023-01-31 13:35 UTC

This package is auto-updated.

Last update: 2024-12-25 15:16:20 UTC


README

A small PHP class implementing Format Preserving Encryption via Feistel Network.

Latest Version on Packagist PHP from Packagist LICENSE LICENSE 996.icu Total Downloads

1. Installation

You can install Cryptomute via Composer (packagist has teakowa/cryptomute package). In your composer.json file use:

{
    "require": {
        "teakowa/cryptomute": "^1.4"
    }
}

And run: php composer.phar install. After that you can require the autoloader and use Cryptomute:

2. Usage

use Cryptomute\Cryptomute;

$cryptomute = new Cryptomute(
    'aes-256-cbc',      // cipher
    '0123456789zxcvbn', // base key
    7,                  // number of rounds
);

$password = '0123456789qwerty';
$iv = '0123456789abcdef';

$plainValue = '2048';
$encoded = $cryptomute->encrypt($plainValue, 10, false, $password, $iv);
$decoded = $cryptomute->decrypt($encoded, 10, false, $password, $iv);

var_dump([
  'plainValue' => $plainValue,
  'encoded'    => $encoded,
  'decoded'    => $decoded,
]);
array(3) {              
  ["plainValue"]=>       
  string(4) "2048"       
  ["encoded"]=>          
  string(9) "309034283"  
  ["decoded"]=>          
  string(4) "2048"       
}                        

3. Options

3.1 Cipher

Cipher is the first constructor argument. Supported cipher methods are:

3.2 Key

Key is the second constructor argument. Base key from which all round keys are derrived.

3.3 Rounds

Rounds is the third constructor argument. Must be an odd integer greater or equal to 3. More rounds is more secure, but also slower. Recommended value is at least 7.

4. Public methods

4.1 setValueRange($minValue, $maxValue)

Sets minimum and maximum values. If the result is out of range it will be re-encrypted (or re-decrypted) until output is in range.

4.2 encrypt($plainValue, $base, $pad, $password, $iv)

Encrypts data. Takes following arguments:

  • $plainValue (string) input data to be encrypted
  • $base (int) input data base, accepted values is 2 (binary), 10 (decimal) or 16 (hexadecimal)
  • $pad (bool) pad left output to match $maxValue's length?
  • $password (string) encryption password
  • $iv (string) initialization vector - only if cipher requires it

4.2 decrypt($cryptValue, $base, $pad, $password, $iv)

Decrypts data. Takes following arguments:

  • $cryptValue (string) input data to be decrypted
  • $base (int) input data base, accepted values is 2 (binary), 10 (decimal) or 16 (hexadecimal)
  • $pad (bool) pad left output to match $maxValue's length?
  • $password (string) encryption password
  • $iv (string) initialization vector - only if cipher requires it

LICENSE

The code in this repository, unless otherwise noted, is under the terms of both the Anti 996 License and the Apache License (Version 2.0).