|
| 1 | +Cryptography Abstraction Layer |
| 2 | +============================== |
| 3 | + |
| 4 | +Rationale |
| 5 | +--------- |
| 6 | + |
| 7 | +There are several extensions & libraries that provide cryptography primitives |
| 8 | +for PHP: |
| 9 | + |
| 10 | +* the legacy `mcrypt <http://php.net/mcrypt>`_ extension |
| 11 | +* the `OpenSSL <http://php.net/openssl>`_ extension |
| 12 | +* the `libsodium <https://github.com/jedisct1/libsodium-php>`_ extension |
| 13 | +* my very own `tomcrypt <https://github.com/fpoirotte/tomcrypt>`_ extension |
| 14 | +* and probably others... |
| 15 | + |
| 16 | +Although these extensions all provide roughtly the same features, |
| 17 | +the programmatic interface they expose is very different. |
| 18 | + |
| 19 | +This project exists is comprised of a unified API (this package), |
| 20 | +which serves to abstract those differences away, and various packages |
| 21 | +that provide implementations for the unified interface |
| 22 | +(see `https://packagist.org/providers/psr/log-implementation`_ for a list |
| 23 | +of all available implementations). |
| 24 | + |
| 25 | + |
| 26 | +How to use it? |
| 27 | +-------------- |
| 28 | + |
| 29 | +First, add a requirement in your own project on either: |
| 30 | + |
| 31 | +* ``fpoirotte/cryptal-implementation`` to let Composer select a compatible |
| 32 | + implementation automatically for your PHP installation. |
| 33 | + |
| 34 | +* Or a specific implementation if you want to precisely control which |
| 35 | + implementation is used. |
| 36 | + Again, see `https://packagist.org/providers/psr/log-implementation`_ |
| 37 | + for a list of available implementations. |
| 38 | + |
| 39 | +Then, whenever you would like to apply some cryptographic operation, |
| 40 | +retrieve an instance of the implementation using the following snippet: |
| 41 | + |
| 42 | +.. sourcecode:: php |
| 43 | + |
| 44 | + <?php |
| 45 | + |
| 46 | + // One of the CIPHER_* constants from \fpoirotte\Cryptal\CryptoInterface |
| 47 | + $cipher = CIPHER_AES; |
| 48 | + |
| 49 | + // One of the MODE_* constants from \fpoirotte\Cryptal\CryptoInterface |
| 50 | + $cipher = MODE_CBC; |
| 51 | + |
| 52 | + $impl = \fpoirotte\Cryptal\CryptoFactory::getImplementation($cipher, mode); |
| 53 | + |
| 54 | + ?> |
| 55 | + |
| 56 | +Now, use whatever method you need to from the interface. |
| 57 | +For example: |
| 58 | + |
| 59 | +.. sourcecode:: php |
| 60 | + |
| 61 | + <?php |
| 62 | + |
| 63 | + // Generate an appropriate Initialization Vector |
| 64 | + $iv = openssl_random_pseudo_bytes($impl->getIVSize(), true); |
| 65 | + |
| 66 | + // Define a secret key of an appropriate size |
| 67 | + // for the cipher we're using. |
| 68 | + // Eg. 16 bytes for AES-128. |
| 69 | + $key = "Use a secret key"; |
| 70 | + |
| 71 | + // The plaintext's length should be a multiple of the cipher's block size. |
| 72 | + // Again, that's 16 bytes for AES. |
| 73 | + // Use $impl->getBlockSize() if necessary to retrieve the block size. |
| 74 | + $plaintext = "Some secret text"; |
| 75 | + var_dump(bin2hex($plaintext)); |
| 76 | + |
| 77 | + $ciphertext = $impl->encrypt($iv, $key, $plaintext); |
| 78 | + var_dump(bin2hex($ciphertext)); |
| 79 | + |
| 80 | + $decoded = $impl->decrypt($iv, $key, $ciphertext); |
| 81 | + var_dump(bin2hex($decoded)); |
| 82 | + |
| 83 | + ?> |
| 84 | + |
| 85 | + |
| 86 | +How to contribute a new implementation? |
| 87 | +--------------------------------------- |
| 88 | + |
| 89 | +New implementations MUST be delivered as Composer packages. |
| 90 | +Each such package MUST: |
| 91 | + |
| 92 | +* Provide a concrete implementation for every interface in this package |
| 93 | +* Name the entry point for the implementation (the class that implements |
| 94 | + the ``\fpoirotte\Cryptal\CryptoInterface`` interface) |
| 95 | + ``\fpoirotte\Cryptal\Implemenration``. |
| 96 | +* Add ``fpoirotte/cryptal`` to their requirements |
| 97 | +* Add ``fpoirotte/cryptal-implementation`` to their provides |
| 98 | + |
| 99 | + |
| 100 | + |
0 commit comments