/CwsCrypto

PHP class for password hashing with multi encryption methods

Primary LanguagePHPMIT LicenseMIT

Latest Stable Version Minimum PHP Version Build Status Code Quality Become a sponsor Donate Paypal

⚠️ Abandoned project

This project is not maintained anymore and is abandoned. Feel free to fork and make your own changes if needed.

Thanks to everyone for their valuable feedback and contributions.

About

PHP class for password hashing with multi encryption methods.

Overview

The PBKDF2 key derivation function

Defined by RSA's PKCS #5: https://www.ietf.org/rfc/rfc2898.txt
This implementation of PBKDF2 was originally created by https://defuse.ca/php-pbkdf2.htm
With improvements by http://www.variations-of-shadow.com

The OpenBSD-style Blowfish-based bcrypt

This hashing method is known in PHP as CRYPT_BLOWFISH.
More infos : http://www.php.net/security/crypt_blowfish.php
This implementation of BCRYPT was originally created by http://www.openwall.com/phpass/

Generate random bytes

A random() function is available to generate secure random bytes with 5 methods :

Encrypt/Decrypt datas

There is also a method to encrypt/decrypt data using a symectric encryption string with the blowfish algorithm and an encryption key in CFB mode but please be advised that you should not use this method for truly sensitive data.

Installation

composer require crazy-max/cws-crypto

And download the code:

composer install # or update

Getting started

See tests/test.php file sample to help you.

Example

Methods

hashPassword - Create a password hash.
checkPassword - Check a hash with the password given.
encrypt - Generate a symectric encryption string with the blowfish algorithm and an encryption key in CFB mode.
decrypt - Return the decrypted string generated from the encrypt method.
random - Generate secure random bytes with 5 methods : mcrypt_create_iv, openssl_random_pseudo_bytes, GetRandom() from CAPICOM Microsoft class, /dev/urandom on Unix systems or mt_rand() and getmypid() functions.

setPbkdf2Mode - Set the pbkdf2 mode for hashing/check password.
setBcryptMode - Set the bcrypt mode for hashing/check password. (default)
setEncryptionKey - Set the encryption key for encrypt/decrypt method (max length 56).
getError - Get the last error.

How can I help ?

All kinds of contributions are welcome 🙌! The most basic way to show your support is to star 🌟 the project, or to raise issues 💬 You can also support this project by becoming a sponsor on GitHub 👏 or by making a Paypal donation to ensure this journey continues indefinitely! 🚀

Thanks again for your support, it is much appreciated! 🙏

License

MIT. See LICENSE for more details.