2017 © Pedro Peláez
 

library php-encryption

Secure PHP Encryption Library

image

defuse/php-encryption

Secure PHP Encryption Library

  • Wednesday, July 25, 2018
  • by DefuseSec
  • Repository
  • 106 Watchers
  • 1930 Stars
  • 3,562,507 Installations
  • PHP
  • 92 Dependents
  • 9 Suggesters
  • 203 Forks
  • 23 Open issues
  • 29 Versions
  • 22 % Grown

The README.md

php-encryption

Build Status codecov Latest Stable Version License Downloads, (*1)

composer require defuse/php-encryption

This is a library for encrypting data with a key or password in PHP. It requires PHP 5.6 or newer and OpenSSL 1.0.1 or newer. We recommend using a version of PHP that still has security support, which at the time of writing means PHP 8.0 or later. Using this library with an unsupported version of PHP could lead to security vulnerabilities., (*2)

The current version of php-encryption is v2.4.0. This library is expected to remain stable and supported by its authors with security and bugfixes until at least January 1st, 2024., (*3)

The library is a joint effort between Taylor Hornby and Scott Arciszewski as well as numerous open-source contributors., (*4)

What separates this library from other PHP encryption libraries is, firstly, that it is secure. The authors used to encounter insecure PHP encryption code on a daily basis, so they created this library to bring more security to the ecosystem. Secondly, this library is "difficult to misuse." Like libsodium, its API is designed to be easy to use in a secure way and hard to use in an insecure way., (*5)

Dependencies

This library requires no special dependencies except for PHP 5.6 or newer with the OpenSSL extensions (version 1.0.1 or later) enabled (this is the default). It uses random_compat, which is bundled in with this library so that your users will not need to follow any special installation steps., (*6)

Getting Started

Start with the Tutorial. You can find instructions for obtaining this library's code securely in the Installing and Verifying documentation., (*7)

After you've read the tutorial and got the code, refer to the formal documentation for each of the classes this library provides:, (*8)

If you encounter difficulties, see the FAQ answers. The fixes to the most commonly-reported problems are explained there., (*9)

If you're a cryptographer and want to understand the nitty-gritty details of how this library works, look at the Cryptography Details documentation., (*10)

If you're interested in contributing to this library, see the Internal Developer Documentation., (*11)

Other Language Support

This library is intended for server-side PHP software that needs to encrypt data at rest. If you are building software that needs to encrypt client-side, or building a system that requires cross-platform encryption/decryption support, we strongly recommend using libsodium instead., (*12)

Examples

If the documentation is not enough for you to understand how to use this library, then you can look at an example project that uses this library:, (*13)

Security Audit Status

This code has not been subjected to a formal, paid, security audit. However, it has received lots of review from members of the PHP security community, and the authors are experienced with cryptography. In all likelihood, you are safer using this library than almost any other encryption library for PHP., (*14)

If you use this library as a part of your business and would like to help fund a formal audit, please contact Taylor Hornby., (*15)

Public Keys

The GnuPG public key used to sign the current and new releases is available in dist/signingkey-new.asc. Its fingerprint is:, (*16)

6DD6 E677 0281 5846 FC85  25A3 DD2E 507F 7BDB 1669

You can verify it against Taylor Hornby's contact page and twitter., (*17)

Older releases were signed with a (now-expired) available in dist/signingkey-old.asc. The old key's fingerprint is:, (*18)

2FA6 1D8D 99B9 2658 6BAC  3D53 385E E055 A129 1538

The old key's fingerprint can be verified against Taylor Hornby's contact page and twitter., (*19)

A signature of this new key by the old key is available in dist/signingkey-new.asc.sig., (*20)

The Versions

25/07 2018

dev-master

9999999-dev

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

25/07 2018

v2.2.1

2.2.1.0

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

25/07 2018

dev-version-num

dev-version-num

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

24/07 2018

dev-random-compat-v9

dev-random-compat-v9

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

23/04 2018

v2.2.0

2.2.0.0

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

23/04 2018

dev-make-throw-ifs-an-assert

dev-make-throw-ifs-an-assert

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

23/04 2018

dev-coverage-badge

dev-coverage-badge

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

23/04 2018

dev-coverage

dev-coverage

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

23/04 2018

dev-more-v2.2-stuff

dev-more-v2.2-stuff

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

23/04 2018

dev-rollback-version-in-composer

dev-rollback-version-in-composer

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

14/11 2017

dev-use-libsodium-readme

dev-use-libsodium-readme

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

26/10 2017

dev-fix-typo-readme-20171026

dev-fix-typo-readme-20171026

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

22/06 2017

dev-fix-typo

dev-fix-typo

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

18/05 2017

v2.1.0

2.1.0.0

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

16/05 2017

dev-psalm

dev-psalm

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

17/04 2017

dev-strip-newlines

dev-strip-newlines

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

06/02 2017

dev-fix-phpunit-links

dev-fix-phpunit-links

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

20/11 2016

dev-remove-composer-version

dev-remove-composer-version

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

10/10 2016

2.0.3

2.0.3.0

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

08/10 2016

dev-make-sign-phar-not-rebuild

dev-make-sign-phar-not-rebuild

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

08/10 2016

dev-separate-phar-signing

dev-separate-phar-signing

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

08/10 2016

dev-doc-fixes

dev-doc-fixes

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

21/09 2016

dev-doc-fixes-and-stuff

dev-doc-fixes-and-stuff

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

09/09 2016

dev-add-hhvm-to-travis

dev-add-hhvm-to-travis

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

12/07 2016

dev-t278-remove-large-jpg

dev-t278-remove-large-jpg

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

21/05 2016

2.0.1

2.0.1.0

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

16/05 2016

2.0.0

2.0.0.0

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

 

The Development Requires

by Taylor Hornby
by Scott Arciszewski

security encrypt encryption cryptography crypto aes openssl cipher symmetric key cryptography authenticated encryption

14/03 2015

v1.2.1

1.2.1.0

Secure PHP Encryption Library

  Sources   Download

MIT

The Requires

  • php >=5.4.0
  • ext-openssl *
  • ext-mcrypt *

 

by Taylor Hornby

security encryption aes cipher mcrypt

14/03 2015

v1.2

1.2.0.0

Secure PHP Encryption Library

  Sources   Download

The Requires

  • php >=5.4.0
  • ext-openssl *
  • ext-mcrypt *