PHP download

Download the PHP package yarri/my-blowfish without Composer

On this page you can find all versions of the php package yarri/my-blowfish. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download yarri/my-blowfish
More information about yarri/my-blowfish
Files in yarri/my-blowfish

Vendor yarri
Package my-blowfish
Short Description Simple class for passwords hashing and checking using Blowfish algorithm
License MIT
Homepage https://github.com/yarri/MyBlowfish

Keywords password hash hashing blowfish passwords

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Informations about the package my-blowfish

MyBlowfish

MyBlowfish is a simple PHP class for passwords hashing and checking using Blowfish algorithm. It is fully tested in PHP from version 5.3 to 8.0.

It was originally developed for ATK14 Framework. But it can be fit in any other application.

Basic usage

$password = "honeyBump";
MyBlowfish::IsHash($password); // false

$hash = MyBlowfish::Filter($password);
MyBlowfish::IsHash($hash); // true

// A different salt is used automatically in another call of Filter().
// So the new hash from the same password differs from the old one.
$hash2 = MyBlowfish::Filter($password); // $hash2 !== $hash

// Filter() doesn't make hash from a hash!
$hash3 = MyBlowfish::Filter($hash); // $hash3 === $hash

// There is also method GetHash() which makes hash in every case.
$hash4 = MyBlowfish::GetHash($hash); // $hash4 !== $hash

MyBlowfish::CheckPassword($password,$hash); // true
MyBlowfish::CheckPassword("badTry",$hash); // false
MyBlowfish::CheckPassword($hash,$hash); // false

MyBlowfish::CheckPassword($password,$hash2); // true

MyBlowfish::CheckPassword($password,$hash4); // false
MyBlowfish::CheckPassword($hash,$hash4); // true

MyBlowfish::CheckPassword($password,$password); // false; 2nd params is not a blowfish hash

Blowfish rounds

Complexity of calculation of a Blowfish hash can be affected by the number of Blowfish rounds. The higher value of Blowfish rounds is, the more time consumption the password cracking process can be. In MyBlowfish the default value is set to 12.

Number of Blowfish rounds can be set by the constant MY_BLOWFISH_ROUNDS.

// min .. 4
// max .. 31
// optimal .. 10, 11, 12
// default .. 12
define('MY_BLOWFISH_ROUNDS',12);

Beware that high values of Blowfish rounds may lead to unwanted long time of hash calculation.

Blowfish hash prefixes

Blowfish hashes are prefixed either with $2a$, $2b$ or $2y$. MyBlowfish can handle all of them.

Default prefix can be set by the constant MY_BLOWFISH_PREFIX. By default it is $2a$.

// default .. '$2a$'
define('MY_BLOWFISH_PREFIX','$2b$');

Popular integration into a ATK14 project

Consider a table 'users' which has among the others textual fields 'login' and 'password'. In the field 'password' we don't want to store passwords in the readable form. We just want to store Blowfish hashes in there. This can be achieved in the model class User.

<?php
// file: app/models/user.php
class User extends ApplicationModel {

  /**
   * During a new user creation it provides transparent password hashing when it's needed
   *
   *    $user = User::CreateNewRecord([
   *      "login" => "rambo",
   *      "password" => "secret123"
   *    ]);
   */
  static function CreateNewRecord($values,$options = []){
    if(isset($values["password"])){
      $values["password"] = MyBlowfish::Filter($values["password"]);
    }
    return parent::CreateNewRecord($values,$options);
  }

  /**
   * It provides transparent password hashing during setting new values
   *
   *    $rambo->setValues(["password" => "newModelArmy"]);
   */
  function setValues($values,$options = []){
    if(isset($values["password"])){
      $values["password"] = MyBlowfish::Filter($values["password"]);
    }
    return parent::setValues($values,$options);
  }

  /**
   * Returns user when a correct combination of login and password is given.
   *
   *    $user = User::Login("rambo","secret123");
   */
  static function Login($login,$password){
    $user = User::FindByLogin($login);
    if(!$user){ return; }
    if(MyBlowfish::CheckPassword($password,$user->getPassword())){
      return $user;
    }
  }
}

Let's test it in the ATK14 console:

php > $user = User::CreateNewRecord(['login' => 'rambo', 'password' => 'secret123']);
php > echo $user->getPassword();
$2a$12$w984Nf6g67ZZKqvXgQWqwuj4mOn9Ptmw.dMNs/A7G9Cj/mt/w5buy
php > $user->setValue('password','newModelArmy');
php > echo $user->getPassword();
$2a$12$2ljCknUGAtf5lSAo0txoFO9qqGH2dxLDr31Ii4VSHca0Zb8cHZZgu
php > $user->setValue('password','$2a$12$2ljCknUGAtf5lSAo0txoFO9qqGH2dxLDr31Ii4VSHca0Zb8cHZZgu');
php > echo $user->getPassword();
$2a$12$2ljCknUGAtf5lSAo0txoFO9qqGH2dxLDr31Ii4VSHca0Zb8cHZZgu

Installation

The best way how to install MyBlowfish is to use the Composer:

composer require yarri/my-blowfish

License

MyBlowfish is free software distributed under the terms of the MIT license

All versions of my-blowfish with dependencies

PHP Build Version

Package Version

Version v1.4.1 Release 24. Feb 2020
create-project require 15 people chose require and
0 people chose create-project.

Download

Download latest version of my-blowfish from vendor yarri

Requires php Version >=5.3.0

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package yarri/my-blowfish contains the following files

Loading the files please wait ....