teakowa / cryptomute
Encrypt numeric data (binary, decimal, hex) preserving it's format (eg. 16-digits card number to 16-digits encrypted number).
Installs: 26 432
Dependents: 3
Suggesters: 0
Security: 0
Stars: 4
Watchers: 0
Forks: 5
Open Issues: 0
Requires
- php: ^8.0
- ext-gmp: *
- ext-openssl: *
Requires (Dev)
- friendsofphp/php-cs-fixer: ^3.0
- pestphp/pest: ^1.21
- phpunit/phpunit: ^8.5 || ^9.0
README
A small PHP class implementing Format Preserving Encryption via Feistel Network.
1. Installation
You can install Cryptomute via Composer (packagist has teakowa/cryptomute package). In your composer.json
file use:
{ "require": { "teakowa/cryptomute": "^1.4" } }
And run: php composer.phar install
. After that you can require the autoloader and use Cryptomute:
2. Usage
use Cryptomute\Cryptomute; $cryptomute = new Cryptomute( 'aes-256-cbc', // cipher '0123456789zxcvbn', // base key 7, // number of rounds ); $password = '0123456789qwerty'; $iv = '0123456789abcdef'; $plainValue = '2048'; $encoded = $cryptomute->encrypt($plainValue, 10, false, $password, $iv); $decoded = $cryptomute->decrypt($encoded, 10, false, $password, $iv); var_dump([ 'plainValue' => $plainValue, 'encoded' => $encoded, 'decoded' => $decoded, ]);
array(3) {
["plainValue"]=>
string(4) "2048"
["encoded"]=>
string(9) "309034283"
["decoded"]=>
string(4) "2048"
}
3. Options
3.1 Cipher
Cipher is the first constructor argument. Supported cipher methods are:
3.2 Key
Key is the second constructor argument. Base key from which all round keys are derrived.
3.3 Rounds
Rounds is the third constructor argument. Must be an odd integer greater or equal to 3. More rounds is more secure, but also slower. Recommended value is at least 7.
4. Public methods
4.1 setValueRange($minValue
, $maxValue
)
Sets minimum and maximum values. If the result is out of range it will be re-encrypted (or re-decrypted) until output is in range.
4.2 encrypt($plainValue
, $base
, $pad
, $password
, $iv
)
Encrypts data. Takes following arguments:
$plainValue
(string) input data to be encrypted$base
(int) input data base, accepted values is 2 (binary), 10 (decimal) or 16 (hexadecimal)$pad
(bool) pad left output to match$maxValue
's length?$password
(string) encryption password$iv
(string) initialization vector - only if cipher requires it
4.2 decrypt($cryptValue
, $base
, $pad
, $password
, $iv
)
Decrypts data. Takes following arguments:
$cryptValue
(string) input data to be decrypted$base
(int) input data base, accepted values is 2 (binary), 10 (decimal) or 16 (hexadecimal)$pad
(bool) pad left output to match$maxValue
's length?$password
(string) encryption password$iv
(string) initialization vector - only if cipher requires it
LICENSE
The code in this repository, unless otherwise noted, is under the terms of both the Anti 996 License and the Apache License (Version 2.0).