Download the PHP package shawm11/iron-crypto without Composer

On this page you can find all versions of the php package shawm11/iron-crypto. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of shawm11/iron-crypto

Informations about the package iron-crypto

Iron Crypto PHP

Version Number PHP Version

A PHP implementation of the 7.0.1 version of the iron cryptographic utility.

[!IMPORTANT] iron is one of those rare projects that can be considered "complete". This means that changes to this repository be infrequent because only the development dependencies may need to be updated once every few years.

If there is a bug or error in the documentation, please create an issue. The issue will receive a response or be resolved as soon as possible.

Table of Contents

What is iron?

According to the iron API:

iron is a cryptographic utility for sealing a JSON object using symmetric key encryption with message integrity verification. Or in other words, it lets you encrypt an object, send it around (in cookies, authentication credentials, etc.), then receive it back and decrypt it. The algorithm ensures that the message was not tampered with, and also provides a simple mechanism for password rotation.

iron can be considered as an alternative to JSON Web Tokens (JWT). Check out this iron issue for a small discussion of the difference between iron and JWT.

[!TIP] iron is often spelled in all lowercase letters; however, the i is capitalized in the class names in this package.

Getting Started

Prerequisites

Installation

Download and install using Composer:

Usage

Iron vs Iron2 Classes

Either the Iron or Iron2 class can be used to seal or unseal iron strings. The Iron2 class includes a fix for an issue with PDKDF2, so it is a bit more secure than the Iron class. However, the iron strings Iron and Iron2 are not compatible with each other. The MAC format version in the sealed string created using Iron2 is 2.1 instead of 2 to indicate the incompatibility.

iron strings created using the Iron class can be unsealed by other iron implementations and it can unseal iron strings from other implementations. This is not true for the Iron2 class.

In summary, use the Iron2 class (RECOMMENDED) if:

and use the Iron class if:

Demonstration

Suppose we want to "seal" this array:

Using this password: some_not_random_password_that_is_at_least_32_characters

Sealing with Iron2::seal() would give us:

Notice how the output begins with Fe26.2.1**.

On the other hand, sealing with Iron::seal() would give us:

Notice how this output begins with Fe26.2** instead of Fe26.2.1**.

Now, suppose we want to seal that same array with one of the passwords in a collection. Doing this allows for increased security through password rotation.

We will choose one of the passwords in our collection to seal the array above:

This gives us:

Notice how the output begins with Fe26.2.1*2* instead of Fe26.2.1**. That extra 2 is the password ID, which, in this case, is the index of our chosen password in the password collection.

Code Examples

API

See the API Reference for details about the API.

Security Considerations

See the Security Considerations section of iron's API document.

Related Projects

Contributing/Development

Please read CONTRIBUTING.md for details on coding style, Git commit message guidelines, and other development information.

Versioning

This project uses SemVer for versioning. For the versions available, see the tags on this repository.

License

This project is open-sourced software licensed under the MIT license.

All versions of iron-crypto with dependencies

PHP Build Version
Package Version
Requires php Version >=5.5.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package shawm11/iron-crypto contains the following files

Loading the files please wait ....