A petite library of encryption functions for PHP

Related tags

Security php encryption openssl aes-256 stream-cipher block-cipher encryption-functions
Overview

πŸ” dcrypt

StyleCI Build Status Code Coverage Scrutinizer Code Quality Code Climate GPA License Latest Stable Version

A petite library of essential encryption functions for PHP 7.1+. For legacy PHP version support, look here. If you need a dcrypt inspired encryption library for .NET, check out harpocrates.

Online Demo

Install

Add dcrypt to your composer.json file requirements. Don't worry, dcrypt does not have any dependencies of its own.

composer require mmeyer2k/dcrypt

Block Ciphers

The dcrypt library helps application developers avoid common mistakes in crypto implementations that leave data at risk.

Specification document

Keys

Safe usage of dcrypt's block cipher functions requires the use of a high entropy 256 bit (minimum) key. Keys should be passed into dcrypt in base64 encoded format. You are responsible for the randomness of your key!

Generate a new key on the linux CLI:

head -c 32 /dev/urandom | base64 -w 0 | xargs echo

Or with PHP...

<?php
$key = \Dcrypt\OpensslKey::create(32);

AES-256 GCM Encryption

Since PHP 7.1 supports native AEAD encryption modes, using GCM would be safest option for most applications. Dcrypt will handle the AEAD authentication tag, SHA3-256 HMAC, initialization vector and encrypted message as a single unencoded string.

<?php
// Create a new random 32 byte key
$key = \Dcrypt\OpensslKey::create(32);

$encrypted = \Dcrypt\Aes::encrypt('a secret', $key);

$plaintext = \Dcrypt\Aes::decrypt($encrypted, $key);

If in doubt, use this example and don't read any further!

Other AES-256 Modes

If you read to this point then you are an experienced cryptonaut, congrats! πŸ‘Œ 🀘

Several AES-256 encryption modes are supported out of the box via hardcoded classes.

Class Name OpenSSL Cipher Security Rating Further Reading
Aes256Gcm or Aes aes-256-gcm πŸ˜ƒ wiki
Aes256Ctr aes-256-ctr ☺️ wiki
Aes256Cbc aes-256-cbc πŸ˜‘ wiki
Aes256Ofb aes-256-ofb 😬 wiki
Aes256Cfb aes-256-cfb 😯 wiki
Aes256Ccm aes-256-ccm 😲 wiki
Aes256Ecb aes-256-ecb 😑 wiki

Custom Encryption Suites

Dcrypt is compatible with most OpenSSL ciphers and hashing algorithms supported by PHP. Run openssl_get_cipher_methods() and hash_algos() to view supported options on your platform.

Static Wrapper

Use any cipher/algo combination by calling the OpensslStatic class.

<?php
$encrypted = \Dcrypt\OpensslStatic::encrypt('a secret', $key, 'bf-ofb', 'crc32');

$plaintext = \Dcrypt\OpensslStatic::decrypt($encrypted, $key, 'bf-ofb', 'crc32');

Class Overloading

Dcrypt's internal functions are easily extendable by overloading the OpensslBridge class.

<?php
class BlowfishCrc32 extends \Dcrypt\OpensslBridge 
{
    const CIPHER = 'bf-ofb';

    const ALGO = 'crc32';
}

$encrypted = BlowfishCrc32::encrypt('a secret', $key);

$plaintext = BlowfishCrc32::decrypt($encrypted, $key);

Layered Encryption Factory

Feeling especially paranoid? Not sure which cipher methods and algos can be trusted? Why not try all of them.

<?php
$stack = (new \Dcrypt\OpensslStack($key))
    ->add('aes-256-ecb', 'snefru')
    ->add('aes-256-ofb', 'sha224')
    ->add('aes-256-cbc', 'sha256')
    ->add('aes-256-ctr', 'sha384')
    ->add('aes-256-gcm', 'sha512');

$encrypted = $stack->encrypt('a secret');

$plaintext = $stack->decrypt($encrypted);

Message Authenticity Checking

By default, \Dcrypt\Exceptions\InvalidChecksumException exception will be raised before decryption is allowed to proceed when the supplied checksum is not valid.

<?php
try {
    $decrypted = \Dcrypt\Aes::decrypt('malformed cyphertext', $key);
} catch (\Dcrypt\Exceptions\InvalidChecksumException $ex) {
    // ...
}

Stream Ciphers

Be sure you understand the risks and inherent issues of using a stream cipher before proceeding.

One Time Pad

A novel counter-based stream cipher. OneTimePad uses SHA3-512 to output a keystream that is βŠ•'d with the input in 512 bit chunks.

Specification document

<?php
$encrypted = \Dcrypt\OneTimePad::crypt('a secret', $key);

$plaintext = \Dcrypt\OneTimePad::crypt($encrypted, $key);

OneTimePad can use any hashing algorithm to generate the pseudorandom keystream.

<?php
$encrypted = \Dcrypt\OneTimePad::crypt('a secret', $key, 'whirlpool');

$plaintext = \Dcrypt\OneTimePad::crypt($encrypted, $key, 'whirlpool');

Show me some love 😍 🍺

Developing dcrypt has been a great journey for many years. If you find dcrypt useful, please consider donating.

LTC: LN97LrLCNiv14V6fntp247H2pj9UiFzUQZ

BTC: 3N7vhA6ghWb1VrP4nGA6m6mzA9T2ASCVEj

ETH: 0xe14a56046f28fCEF56A0EA4a84973bDdFF546923

You might also like...
2 functions which work together to sanitize the the information from a form from SQL_Inyection.

Form_sanitizer 2 functions which work together to sanitize the the information from a form from SQL_Inyection. How to use the 2 functions Once you cop

Gorrian 1 Jul 19, 2022
php-chmod is a PHP library for easily changing permissions recursively.

PHP chmod php-chmod is a PHP library for easily changing the permissions recursively. Versions & Dependencies Version PHP Documentation ^1.1 ^7.4 curr

Mathias Reker ⚑️ 5 Oct 7, 2022
PHP Secure Communications Library

phpseclib - PHP Secure Communications Library Supporting phpseclib Become a backer or sponsor on Patreon One-time donation via PayPal or crypto-curren

null 4.9k Jan 7, 2023
TCrypto is a simple and flexible PHP 5.3+ in-memory key-value storage library

About TCrypto is a simple and flexible PHP 5.3+ in-memory key-value storage library. By default, a cookie will be used as a storage backend. TCrypto h

timoh 57 Dec 2, 2022
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

PHPGGC: PHP Generic Gadget Chains PHPGGC is a library of unserialize() payloads along with a tool to generate them, from command line or programmatica

Ambionics Security 2.5k Jan 4, 2023
Sodium Compat is a pure PHP polyfill for the Sodium cryptography library (libsodium)

Sodium Compat is a pure PHP polyfill for the Sodium cryptography library (libsodium), a core extension in PHP 7.2.0+ and otherwise available in PECL.

Paragon Initiative Enterprises 817 Dec 26, 2022
A PHP library for counting short DNA sequences for use in Bioinformatics

Helix A PHP library for counting short DNA sequences for use in Bioinformatics. Helix consists of tools for data extraction as well as an ultra-low me

Andrew DalPino 2 Jan 25, 2022
A library for generating random numbers and strings

RandomLib A library for generating random numbers and strings of various strengths. This library is useful in security contexts. Install Via Composer

Anthony Ferrara 832 Nov 24, 2022
Fast, general Elliptic Curve Cryptography library. Supports curves used in Bitcoin, Ethereum and other cryptocurrencies (secp256k1, ed25519, ..)

Fast Elliptic Curve Cryptography in PHP Information This library is a PHP port of elliptic, a great JavaScript ECC library. Supported curve types: Sho

Simplito 178 Dec 28, 2022
Comments
  • Using OTP to encrypt urls

    Using OTP to encrypt urls

    Hello, I am trying to use OTP but obviously i am doing something wrong.

    Here is part of my code

    https://pastebin.com/7aU2ZVdH

    Thanks for the help and great library

    opened by khavishbhundoo 6
  • Example doesn't work

    Example doesn't work

    After installing this library via composer, I was trying it out with the example provided in the readme file and got the error

    Steps to reproduce:

    • install the library via composer
    • Run the script below
    <?php
require_once "vendor/autoload.php";
// Create a new random 32 byte key
$key = \Dcrypt\OpensslKey::create(32);

$encrypted = \Dcrypt\Aes::encrypt('a secret', $key);

$plaintext = \Dcrypt\Aes::decrypt($encrypted, $key);
    • Produces the error below
    PHP Fatal error:  Uncaught Dcrypt\Exceptions\InvalidKeyException: Key must be at least 2048 bytes and base64 encoded in /mnt/c/Users/rantsh/Documents/workspace/KOS-Projects/PHPMall/vendor/mmeyer2k/dcrypt/src/OpensslKey.php:136
Stack trace:
#0 /mnt/c/Users/rantsh/Documents/workspace/KOS-Projects/PHPMall/delete.php(4): Dcrypt\OpensslKey::create()
#1 {main}
  thrown in /mnt/c/Users/rantsh/Documents/workspace/KOS-Projects/PHPMall/vendor/mmeyer2k/dcrypt/src/OpensslKey.php on line 136
    opened by rantsh 4
Releases(13.2.0)
Owner
null
GitHub
JSON Object Signing and Encryption library for PHP.

NAMSHI | JOSE Deprecation notice Hi there, as much as we'd like to be able to work on all of the OSS in the world, we don't actively use this library

Namshi 1.7k Dec 22, 2022
A cryptography API wrapping the Sodium library, providing a simple object interface for symmetrical and asymmetrical encryption, decryption, digital signing and message authentication.

PHP Encryption A cryptography API wrapping the Sodium library, providing a simple object interface for symmetrical and asymmetrical encryption, decryp

null 19 Dec 31, 2022
Simple Encryption in PHP.

php-encryption composer require defuse/php-encryption This is a library for encrypting data with a key or password in PHP. It requires PHP 5.6 or new

Taylor Hornby 3.6k Jan 3, 2023
A simple php (lumen) app for sharing sensitive text (basically like onetimesecret), but with full end-to-end AES-256-GCM encryption so even the server has no access to the data, and developed with very simple deployment in mind.

A simple php (lumen) app for sharing sensitive text (basically like onetimesecret), but with full end-to-end AES-256-GCM encryption so even the server has no access to the data, and developed with very simple deployment in mind.

Alan Woo 51 Nov 21, 2022
AES 128 bit Encryption and Decryption algorithm excuted purely on PHP with no external libraries.

AES128 Executed with PHP Advanced Encryption Standard (AES) is a specification for the encryption of electronic data established by the U.S National I

Ahmed Mohamed Mostafa 2 Aug 8, 2022
Encryption-free Private Messaging For Flarum

Whisper - Private Messaging for Flarum A Flarum extension. Add private messaging functionality to your Flarum Community! Simple to install, no setting

Charlie 4 Dec 7, 2021
Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication.

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications. Phil Zimmermann developed PGP in 1991.

[sCRiPTz-TEAM] 3 Dec 31, 2021
Password manager featuring client-side encryption, vaults, folders and more.

vaults is a password manager featuring client side AES-256 encryption, PBKDF2 hashing, vaults, password generation & more. Features Technical overview

null 27 Nov 18, 2022
Simplest implementation of RSA algorithm encryption and decryption

Simplest RSA (Rivest–Shamir–Adleman) Simplest implementation of RSA algorithm encryption and decryption. Richard Feynman: What I cannot create, I do n

Max Base 8 Aug 30, 2022
Compatibility with the password_* functions that ship with PHP 5.5

password_compat This library is intended to provide forward compatibility with the password_* functions that ship with PHP 5.5. See the RFC for more d

Anthony Ferrara 2.2k Dec 30, 2022