定制 mmeyer2k/dcrypt 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

mmeyer2k/dcrypt

Composer 安装命令:

composer require mmeyer2k/dcrypt

包简介

A petite library of encryption functionality for PHP

README 文档

README

Build Status Code Coverage Scrutinizer Code Quality Code Climate GPA License Latest Stable Version

A petite library of essential encryption functions for PHP 7.1+. For legacy PHP version support, look here.

Install

Add dcrypt to your composer.json file requirements. Don't worry, dcrypt does not have any dependencies of its own.

composer require "mmeyer2k/dcrypt:^13.2"

Block Ciphers

The dcrypt library helps application developers avoid common mistakes in crypto implementations that leave data at risk.

Specification document

Keys

Safe usage of dcrypt's block cipher functions requires the use of a high entropy 256 bit (minimum) key. Keys should be passed into dcrypt in base64 encoded format. You are responsible for the randomness of your key!

Generate a new key on the linux CLI:

head -c 32 /dev/urandom | base64 -w 0 | xargs echo

Or with PHP...

<?php
$key = \Dcrypt\OpensslKey::create(32);

AES-256 GCM Encryption

Since PHP 7.1 supports native AEAD encryption modes, using GCM would be safest option for most applications. Dcrypt will handle the AEAD authentication tag, SHA3-256 HMAC, initialization vector and encrypted message as a single unencoded string.

<?php
$key = '[...BASE64 KEY...]';

$encrypted = \Dcrypt\Aes::encrypt('a secret', $key);

$plaintext = \Dcrypt\Aes::decrypt($encrypted, $key);

If in doubt, use this example and don't read any further!

Other AES-256 Modes

If you read to this point then you are an experienced cryptonaut, congrats! 👌 🤘

Several AES-256 encryption modes are supported out of the box via hardcoded classes.

Class Name OpenSSL Cipher Security Rating Further Reading
Aes256Gcm or Aes aes-256-gcm 😃 wiki
Aes256Ctr aes-256-ctr ☺️ wiki
Aes256Cbc aes-256-cbc 😑 wiki
Aes256Ofb aes-256-ofb 😬 wiki
Aes256Cfb aes-256-cfb 😯 wiki
Aes256Ccm aes-256-ccm 😲 wiki
Aes256Ecb aes-256-ecb 😡 wiki

Custom Encryption Suites

Dcrypt is compatible with most OpenSSL ciphers and hashing algorithms supported by PHP. Run openssl_get_cipher_methods() and hash_algos() to view supported options on your platform.

Static Wrapper

Use any cipher/algo combination by calling the OpensslStatic class.

<?php
$encrypted = \Dcrypt\OpensslStatic::encrypt('a secret', $key, 'bf-ofb', 'crc32');

$plaintext = \Dcrypt\OpensslStatic::decrypt($encrypted, $key, 'bf-ofb', 'crc32');

Class Overloading

Dcrypt's internal functions are easily extendable by overloading the OpensslBridge class.

<?php
class BlowfishCrc32 extends \Dcrypt\OpensslBridge 
{
    const CIPHER = 'bf-ofb';

    const ALGO = 'crc32';
}

$encrypted = BlowfishCrc32::encrypt('a secret', $key);

$plaintext = BlowfishCrc32::decrypt($encrypted, $key);

Layered Encryption Factory

Feeling especially paranoid? Not sure which cipher methods and algos can be trusted? Why not try all of them.

<?php
$stack = (new \Dcrypt\OpensslStack($key))
    ->add('aes-256-ecb', 'snefru')
    ->add('aes-256-ofb', 'sha224')
    ->add('aes-256-cbc', 'sha256')
    ->add('aes-256-ctr', 'sha384')
    ->add('aes-256-gcm', 'sha512');

$encrypted = $stack->encrypt('a secret');

$plaintext = $stack->decrypt($encrypted);

Message Authenticity Checking

By default, \Dcrypt\Exceptions\InvalidChecksumException exception will be raised before decryption is allowed to proceed when the supplied checksum is not valid.

<?php
try {
    $decrypted = \Dcrypt\Aes::decrypt('malformed cyphertext', $key);
} catch (\Dcrypt\Exceptions\InvalidChecksumException $ex) {
    // ...
}

Stream Ciphers

Be sure you understand the risks and inherent issues of using a stream cipher before proceeding.

One Time Pad

A novel counter-based stream cipher. OneTimePad uses SHA3-512 to output a keystream that is ⊕'d with the input in 512 bit chunks.

Specification document

<?php
$encrypted = \Dcrypt\OneTimePad::crypt('a secret', $key);

$plaintext = \Dcrypt\OneTimePad::crypt($encrypted, $key);

OneTimePad can use any hashing algorithm to generate the pseudorandom keystream.

<?php
$encrypted = \Dcrypt\OneTimePad::crypt('a secret', $key, 'whirlpool');

$plaintext = \Dcrypt\OneTimePad::crypt($encrypted, $key, 'whirlpool');

String Helpers

Generate random base62 string tokens with specified number of characters.

$token = \Dcrypt\Str::token(10);

Compare 2 strings in a time-safe manner.

$equal = \Dcrypt\Str::equal($known, $given);

Show me some love 😍🍺

Developing dcrypt has been a great journey for many years. If you find dcrypt useful, please consider donating.

LTC LN97LrLCNiv14V6fntp247H2pj9UiFzUQZ
BTC 3N7vhA6ghWb1VrP4nGA6m6mzA9T2ASCVEj
ETH 0xe14a56046f28fCEF56A0EA4a84973bDdFF546923

Or please consider checking out my dcrypt inspired encryption library for .NET, check out harpocrates.

mmeyer2k/dcrypt 适用场景与选型建议

mmeyer2k/dcrypt 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 791.05k 次下载、GitHub Stars 达 97, 最近一次更新时间为 2015 年 06 月 20 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「encryption」 「aes」 「gcm」 「openssl」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 mmeyer2k/dcrypt 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 mmeyer2k/dcrypt 我们能提供哪些服务?
定制开发 / 二次开发

基于 mmeyer2k/dcrypt 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 791.05k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 98
  • 点击次数: 35
  • 依赖项目数: 1
  • 推荐数: 0

GitHub 信息

  • Stars: 97
  • Watchers: 4
  • Forks: 8
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2015-06-20