定制 jeslxdev/password-scrambler 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

jeslxdev/password-scrambler

Composer 安装命令:

composer require jeslxdev/password-scrambler

包简介

Password scrambler: reversible time-bound Base64 shuffle + AEAD (XChaCha20-Poly1305) and Argon2id hasher.

README 文档

README

Concise, production-focused PHP library for reversible, time-boxed password tokenization and secure password storage.

What this library provides

  • Deterministic reversible "scrambling" of password strings: Base64 encode -> deterministic shuffle -> AEAD (XChaCha20-Poly1305).
  • Time-boxed keys with TTL and grace window for key rotation.
  • Compact, versioned token format (base64url JSON payload).
  • Argon2id password hashing for long-term storage (recommended).
  • A small PDO-backed repository to persist scrambled tokens without requiring callers to write SQL.

Requirements

  • PHP >= 8.4
  • ext-sodium
  • ext-json
  • PDO + appropriate driver for your DB (SQLite or MySQL supported by repository code)

Quick usage

  1. Create key descriptor and key store
use JeslxDev\PasswordScrambler\KeyStore\KeyDescriptor;
use JeslxDev\PasswordScrambler\KeyStore\InMemoryKeyStore;

$master = random_bytes(32);
$kid = substr(bin2hex(sodium_crypto_generichash($master, '', 16)), 0, 8);
$desc = new KeyDescriptor($kid, base64_encode($master), time(), 86400);
$store = new InMemoryKeyStore([$desc]);
  1. Encrypt / decrypt
use JeslxDev\PasswordScrambler\Cipher\PasswordCipher;
use JeslxDev\PasswordScrambler\Cipher\CipherConfig;

$cipher = new PasswordCipher($store, new CipherConfig());
$token = $cipher->encrypt('my-plain-password');
$plain = $cipher->decrypt($token);
  1. Store tokens with PasswordManager (optional)
use JeslxDev\PasswordScrambler\Storage\DBConfig;
use JeslxDev\PasswordScrambler\Storage\Database;
use JeslxDev\PasswordScrambler\Service\PasswordManagerFactory;

$db = new Database(new DBConfig('sqlite:/path/to/file.db'));
$manager = PasswordManagerFactory::createFromDbAndKeyStore($db, $store);
$manager->store('user-id', 'my-plain-password');

Migration

  • A minimal migration helper is available at bin/migrate.php. It creates a user_passwords table for SQLite or MySQL.
  • For production use, prefer a dedicated migration tool (Phinx, Doctrine Migrations, Flyway, etc.).

Security notes

  • Never commit master key material. Keep keys in an HSM or a secrets manager when possible.
  • The reversible token is intended for workflows that need restoration for a limited time; prefer one-way hashing (Argon2id) when possible.

Testing

  • Unit tests: PHPUnit. An integration test uses SQLite in-memory and will be skipped if the PDO sqlite driver is not present.

License

  • MIT

jeslxdev/password-scrambler 适用场景与选型建议

jeslxdev/password-scrambler 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 0 次下载、GitHub Stars 达 1, 最近一次更新时间为 2025 年 09 月 03 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 jeslxdev/password-scrambler 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 jeslxdev/password-scrambler 我们能提供哪些服务?
定制开发 / 二次开发

基于 jeslxdev/password-scrambler 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 0
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 1
  • 点击次数: 23
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 1
  • Watchers: 0
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2025-09-03