Download the PHP package popphp/pop-crypt without Composer
On this page you can find all versions of the php package popphp/pop-crypt. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download popphp/pop-crypt
More information about popphp/pop-crypt
Files in popphp/pop-crypt
Package pop-crypt
Short Description Pop Crypt Component for Pop PHP Framework
License New BSD
Homepage http://www.popphp.org/
Informations about the package pop-crypt
pop-crypt
END OF LIFE
The pop-crypt
component v2.1.1 is now end-of-life and will no longer be maintained.
OVERVIEW
pop-crypt
provides various interfaces to a assist in creating and verifying encryption hashes.
The supported encryption hashes are:
- Crypt
- Bcrypt
- Md5
- Sha
- Mcrypt (2-way hashing)
pop-crypt
is a component of the Pop PHP Framework.
INSTALL
Install pop-crypt
using Composer.
composer require popphp/pop-crypt
BASIC USAGE
Create and verify a hash with Crypt
Using crypt is the simplest way to create an encrypted hash. It's best to use a strong, random salt for better security.
Create and verify a hash with Bcrypt
Bcrypt is considered one of the stronger methods of creating encrypted hashes. With it, you can specify the prefix and performance cost. The higher the cost, the stronger the hash. However, the higher the cost, the longer it will take to generate the hash. The cost range values are between '04' and '31'.
Again, it's best to use a strong salt for better security. In fact, it's considered a best practice to use a strong random string as the salt, which the Bcrypt class generates automatically for you if you don't specify one.
Create and verify a hash with Md5
This isn't to be confused with the basic md5()
function built into PHP. It is not recommended
to use that function for password hashing as it only generates a 32-character hexadecimal number
and is vulnerable to dictionary attacks.
As before, it's best to use a strong salt for better security. In fact, it's considered a best practice to use a strong random string as the salt. Like Bcrypt, the Md5 class will automatically generate a random salt for you if you don't specify one.
Create and verify a hash with Sha
This isn't to be confused with the basic sha1()
function built into PHP. Like md5()
, it is
not recommended to use that function for password hashing as it only generates a 40-character
hexadecimal number and is vulnerable to dictionary attacks.
With the Sha class, you can set the bits (256 or 515) and rounds (between 1000 and 999999999), which will affect the performance and strength of the hash.
As before, it's best to use a strong salt for better security. In fact, it's considered a best practice to use a strong random string as the salt. Like Bcrypt and Md5, the Sha class will automatically generate a random salt for you if you don't specify one.
Two-way encryption hashing with Mcrypt
Mcrypt provides a way to create a two-way encryption hash, in which you can create an unreadable encrypted hash and then decrypt it later to retrieve the value of it.
You have several parameters that you can set with the Mcrypt class to help control the performance and security of the hashing. These values are set by default, or you can set them yourself:
As with the others, it's best to use a strong salt for better security. In fact, it's considered a best practice to use a strong random string as the salt. Like the others, the Mcrypt class will automatically generate a random salt for you if you don't specify one.
You can then retrieve the value of the hash by decrypting it: