added required packages to composer

added security notes
brainfoolong · Jan 15, 2021 · 1ed7d7c · 1ed7d7c
1 parent 229053d
commit 1ed7d7c
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 6 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1 +1,3 @@
-.idea
+.idea
+vendor
+composer.lock
diff --git a/README.md b/README.md
@@ -2,13 +2,14 @@
 
 A tool to AES encrypt/decrypt data in javascript and/or PHP. You can use it for PHP only, for Javascript only or mix it together. 
 
-It uses default aes-256-cbc implementation with random salts and initialization vector.
+It uses default `aes-256-cbc` implementation with random salts and random initialization vector. This library does not support other ciphers or modes.
 
 ## Features
 * Encrypt any value in Javascript (objects/array/etc...) - Everything that can be passed to `JSON.stringify`
 * Encrypt any value in PHP  (object/array/etc...) - Everything that can be passed to `json_encode`
 * Decrypt in PHP/Javascript, doesn't matter where you have encrypted the values
 
+
 ## How to use
 ###### PHP | See [dist/example-php.php](https://github.com/brainfoolong/cryptojs-aes-php/blob/master/dist/example-php.php)
 You need the file `src/CryptoJsAes.php`
@@ -65,6 +66,11 @@ You need the file `dist/cryptojs-aes.min.js` and `dist/cryptojs-aes-format.js`
 * 7.x
 * 5.x (head to the [legacy branch](https://github.com/brainfoolong/cryptojs-aes-php/tree/legacy))
 
+## Security Notes
+Since the time that this library has been created, encyption technologies has been evolved. Using AES-256-CBC encryption is still good and safe but there are already better alternatives than this library or CryptoJS. If you require really high security than you should invest more time for what is suitable for you.
+
+Also, there's a good article about PHP issues/info related to this library: https://stackoverflow.com/questions/16600708/how-do-you-encrypt-and-decrypt-a-php-string/30159120#30159120
+
 ## Upgrade Info
 Breaking changes: This library has changed to PSR-4 namespaces as of 7. April 2020. Also parameters and behaviour has changed to the previous version. For the old version of this library head to the [legacy branch](https://github.com/brainfoolong/cryptojs-aes-php/tree/legacy).
 

diff --git a/composer.json b/composer.json
@@ -22,8 +22,10 @@
       "Nullix\\CryptoJsAes\\": "src/"
     }
   },
-  "version": "2.1.0",
+  "version": "2.1.1",
   "require": {
-    "php": ">=7.0.0"
+    "php": ">=7.0.0",
+    "ext-openssl": "*",
+    "ext-json": "*"
   }
 }
diff --git a/dist/cryptojs-aes-format.js b/dist/cryptojs-aes-format.js
@@ -1,7 +1,7 @@
 /**
  * AES JSON formatter for CryptoJS
  * @link https://github.com/brainfoolong/cryptojs-aes-php
- * @version 2.1.0
+ * @version 2.1.1
  */
 
 var CryptoJSAesJson = {

diff --git a/src/CryptoJsAes.php b/src/CryptoJsAes.php
@@ -7,7 +7,7 @@
  * PHP 7.x and later supported
  * If you need PHP 5.x support, goto the legacy branch https://github.com/brainfoolong/cryptojs-aes-php/tree/legacy
  * @link https://github.com/brainfoolong/cryptojs-aes-php
- * @version 2.1.0
+ * @version 2.1.1
  */
 class CryptoJsAes
 {