承接 krzysztofzylka/hash 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

krzysztofzylka/hash

Composer 安装命令:

composer require krzysztofzylka/hash

包简介

Versioned hash library with multiple algorithm support

README 文档

README

A modern PHP library for secure password hashing and general-purpose hashing with version support and algorithm migration capabilities.

Features

  • Modern Security: Uses Argon2id as the default algorithm (2024 security standard)
  • Version Management: Built-in versioning system for seamless algorithm migration
  • Multiple Algorithms: Support for 15+ hashing algorithms from secure password hashers to fast checksums
  • Backward Compatibility: Seamlessly works with existing PHP password_hash() outputs
  • Security Assessment: Built-in tools to evaluate hash strength and recommend upgrades
  • Migration Ready: Easy detection of hashes that need security upgrades

Installation

composer require krzysztofzylka/hash

Quick Start

Secure Password Hashing

use Krzysztofzylka\Hash\VersionedHasher;

// Create a secure password hash (uses Argon2id by default)
$hash = VersionedHasher::createSecure('mypassword');
// Output: $014$argon2id$v=19$m=65536,t=4,p=3$base64salt$base64hash

// Verify password
$isValid = VersionedHasher::verify($hash, 'mypassword'); // true

Custom Algorithm Usage

// Use specific algorithm
$hash = VersionedHasher::create('data', 'bcrypt', ['cost' => 12]);
$hash = VersionedHasher::create('data', 'sha256');
$hash = VersionedHasher::create('data', 'xxh64'); // Fast checksum

// Verify any supported hash
$isValid = VersionedHasher::verify($hash, 'data');

Supported Algorithms

Password Hashing (Secure)

  • argon2id ⭐ (Recommended 2024) - Most secure, resistant to all attacks
  • argon2i - Secure alternative to Argon2id
  • bcrypt - Widely supported, good security
  • scrypt - Memory-hard function
  • pbkdf2 - Minimum acceptable security

Cryptographic Hashes

  • sha512 / sha256 - Standard cryptographic hashes
  • ripemd256 - Alternative cryptographic hash
  • snefru / gost - Specialized cryptographic functions

Fast Checksums (Non-secure)

  • xxh128 / xxh64 / xxh32 / xxh3 - Ultra-fast checksums
  • crc32 / crc32c - Standard checksums

Legacy (Deprecated)

  • md5 - Only for compatibility (not secure)

Advanced Usage

Security Assessment

// Check if hash needs upgrade
$needsUpgrade = VersionedHasher::needsRehash($oldHash);
if ($needsUpgrade) {
    $newHash = VersionedHasher::createSecure($password);
    // Update database with new hash
}

// Get hash information
$info = VersionedHasher::getHashInfo($hash);
/*
Array(
    'format' => 'versioned',
    'algorithm' => 'argon2id',
    'version' => '014',
    'secure' => true,
    'strength' => 'high'
)
*/

Algorithm Discovery

// Get recommended algorithm for current system
$recommended = VersionedHasher::getRecommendedAlgorithm(); // 'argon2id'

// Get all supported algorithms
$all = VersionedHasher::getSupportedAlgorithms();

// Get only secure algorithms
$secure = VersionedHasher::getSecureAlgorithms();

// Get algorithms by strength
$high = VersionedHasher::getAlgorithmsByStrength('high');

Custom Configuration

// Custom Argon2id settings
$hash = VersionedHasher::create('password', 'argon2id', [
    'memory_cost' => 131072, // 128 MB
    'time_cost' => 6,        // 6 iterations
    'threads' => 4           // 4 threads
]);

// Custom bcrypt cost
$hash = VersionedHasher::create('password', 'bcrypt', ['cost' => 14]);

// Custom PBKDF2 settings
$hash = VersionedHasher::create('password', 'pbkdf2', [
    'iterations' => 20000
]);

Security Recommendations (2024)

For New Applications

  1. Use createSecure() - Automatically uses Argon2id with optimal settings
  2. Regular Assessment - Check needsRehash() periodically
  3. Monitor Algorithms - Stay updated on algorithm recommendations

For Legacy Applications

  1. Gradual Migration - Use needsRehash() to identify upgrade candidates
  2. Backward Compatibility - Library works with existing password_hash() outputs
  3. User Login Migration - Upgrade hashes during successful logins
// Migration example
if (VersionedHasher::verify($storedHash, $inputPassword)) {
    // Login successful
    if (VersionedHasher::needsRehash($storedHash)) {
        $newHash = VersionedHasher::createSecure($inputPassword);
        // Update database with $newHash
    }
    // Continue with login process
}

Version Format

The library uses a versioned format for all hashes:

$VERSION$HASH_VALUE

Examples:

  • $014$argon2id$v=19$m=65536,t=4,p=3$... - Argon2id
  • $015$2y$12$abcdef... - bcrypt
  • $002$a665a45920422f9d417e4867efdc4fb8a04a1f3fff1fa07e998e86f7f7a27ae3 - SHA256

Performance Guidelines

Password Hashing

  • High Security: Argon2id with 128MB+ memory
  • Balanced: Default createSecure() settings (64MB, 4 iterations)
  • Fast: bcrypt with cost 12

Checksums

  • Ultra Fast: xxh64, xxh3
  • Standard: crc32, crc32c
  • Cryptographic: sha256, sha512

Error Handling

try {
    $hash = VersionedHasher::create('data', 'unsupported_algo');
} catch (Exception $e) {
    echo "Error: " . $e->getMessage();
}

// Check algorithm support before use
if (VersionedHasher::isAlgorithmSupported('argon2id')) {
    $hash = VersionedHasher::create('data', 'argon2id');
}

Requirements

  • PHP 7.4+
  • Hash extension (usually included)
  • For Argon2: PHP 7.2+ with password_hash Argon2 support
  • For scrypt: libsodium or hash extension with scrypt support

Security Notes

⚠️ Important Security Considerations:

  1. Never use fast checksums for passwords (xxh*, crc32, md5)
  2. Upgrade legacy hashes regularly using needsRehash()
  3. Use secure algorithms for sensitive data
  4. Monitor algorithm recommendations as security standards evolve
  5. Test algorithm availability in your environment

License

MIT License - see LICENSE file for details.

Contributing

  1. Fork the repository
  2. Create feature branch
  3. Add tests for new functionality
  4. Submit pull request

Support

For issues and questions:

  • GitHub Issues: [repository-url]
  • Documentation: [docs-url]

krzysztofzylka/hash 适用场景与选型建议

krzysztofzylka/hash 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 1.84k 次下载、GitHub Stars 达 0, 最近一次更新时间为 2023 年 12 月 04 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「security」 「hash」 「pbkdf2」 「crypto」 「versioned」 「argon2」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 krzysztofzylka/hash 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 krzysztofzylka/hash 我们能提供哪些服务?
定制开发 / 二次开发

基于 krzysztofzylka/hash 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 1.84k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 18
  • 依赖项目数: 2
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 1
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2023-12-04