Download the PHP package softcreatr/wsc-crypto-php without Composer
On this page you can find all versions of the php package softcreatr/wsc-crypto-php. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download softcreatr/wsc-crypto-php
More information about softcreatr/wsc-crypto-php
Files in softcreatr/wsc-crypto-php
Package wsc-crypto-php
Short Description PoC of cryptographic utility functions for WoltLab Suite Core, implemented in PHP.
License ISC
Informations about the package wsc-crypto-php
wsc-crypto-php
PoC of cryptographic utility functions for WoltLab Suite Core, implemented in PHP.
Overview
This project provides cryptographic helper functions, including:
- Creating secure signatures based on the Keyed-Hash Message Authentication Code (HMAC) algorithm.
- Base64 encoding and decoding without cache-timing leaks.
- Parsing and verifying signed strings to ensure data integrity and authenticity.
Installation
Use Composer to install the package:
Usage
For detailed usage examples, please refer to the examples directory.
Examples
- Creating and Verifying a Signed String
- Handling a Session Cookie
- Parsing a Signed String Directly
Testing
The project includes a comprehensive test suite using PHPUnit.
Running Tests
-
Install Dependencies:
Ensure all dependencies are installed via Composer:
-
Run PHPUnit with Coverage:
Execute the following command to run your tests and generate an HTML coverage report:
-
View Coverage Report:
Open
coverage/index.html
in your browser to view detailed coverage statistics.
License
This project is licensed under the ISC License. See the LICENSE file for details.
Author
- Sascha Greuel
- Email: [email protected]
- GitHub: SoftCreatR
Security Considerations
- Protect the
signatureSecret
: Ensure that the signature secret is stored securely and not exposed in version control or logs. - Validate Inputs: Always validate and sanitize inputs when dealing with signed strings to prevent security vulnerabilities.
Contributing
Contributions are welcome! Please open issues or submit pull requests for improvements and bug fixes.
Acknowledgments
- ParagonIE for their constant-time encoding library.
- Inspired by WoltLab's WCF Crypto utilities.