Skip to content
/ laravel-crypto Public

Laravel wrapper for common hashing algorithms used in web applications

License

MIT license
17 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

MalusevDevelopment/laravel-crypto

BranchesTags

Repository files navigation

Laravel Crypto

Run Tests GitHub issues GitHub stars GitHub license

What's Laravel Crypto and why should I use it?

Laravel Crypto is a library that provides easy to use API for most common cryptographic functions. It is designed to be easy to use and secure. It uses the best and most secure algorithms available today.

Laravel's default encryption is secure, but it is slow. Laravel Crypto provides faster and more secure algorithms for encryption and hashing. It's drop in replacement for Laravel's EncryptionServiceProvider and it uses libsodium under the hood. As long as you use default laravel encryption, you don't need to change anything in your code.

Getting started

Installing

composer require codelieutenant/laravel-crypto

Publishing config file

php artisan vendor:publish --provider="CodeLieutenant\LaravelCrypto\ServiceProvider"

Replacing Laravel's EncryptionServiceProvider with LaravelCrypto's ServiceProvider

In order to activate this package, you need to replace Laravel's EncryptionServiceProvider with LaravelCryptoServiceProvider.

In config/app.php replace Illuminate\Encryption\EncryptionServiceProvider::class with CodeLieutenant\LaravelCrypto\ServiceProvider::class Depending on the laravel version you are using, you can do it in two ways.

Laravel 9.0 and above:

use CodeLieutenant\LaravelCrypto\ServiceProvider as LaravelCryptoServiceProvider;
use Illuminate\Encryption\EncryptionServiceProvider as LaravelEncryptionServiceProvider;

// ...
'providers' => ServiceProvider::defaultProviders()
+    ->replace([
+        LaravelEncryptionServiceProvider::class => LaravelCryptoServiceProvider::class,
+    ])
    ->merge([
     // ...
    ])
    ->toArray(),

// ...

Laravel 8.0:

use CodeLieutenant\LaravelCrypto\ServiceProvider as LaravelCryptoServiceProvider;

'providers' => [
    // ...
-   Illuminate\Encryption\EncryptionServiceProvider::class,
+   LaravelCryptoServiceProvider::class,
    // ...
],

Configuration

In order to use Laravel Crypto, you need to change cipher in the config/app.php file. Possible values:

Unique to Laravel Crypto:

  • Sodium_AES256GCM
  • Sodium_XChaCha20Poly1305
  • Sodium_AEGIS128 (Planned on php8.4)
  • Sodium_AEGIS256 (Planned on php8.4)

Coming from Laravel Encryption (supported as LaravelCrypto falls back to EncryptionServiceProvider implementation):

  • AES-256-GCM
  • AES-128-GCM
  • AES-256-CBC (default)
  • AES-128-CBC
'cipher' => 'Sodium_AES256GCM',

Generating Keys

For encryption Laravel command php artisan key:generate is good and can be used, but since this package can be used for hashing and signing the data, command for generating keys is provided.

php artisan crypto:keys

It generates backwards compatible keys for laravel cipher configuration and keys for Sodium algorithms. There are multiple option for this command, you can check them by running php artisan crypto:keys --help, so this command can be used as a drop in replacement for key:generate.

Using in existing laravel project

This package does not provide backward compatibility with Laravel's default encryption (if configuration is changed). If you want to use Laravel Crypto in an existing project, you need to re-encrypt all your data.

About

Laravel wrapper for common hashing algorithms used in web applications

Topics

hashing laravel cryptography algorithm base64 base64url random-generation blake2b sha256 programmers hashing-algorithms blake2b-hash-algorithm

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

17 stars

Watchers

2 watching

Forks

2 forks
Report repository

Releases 7

v1.0.1 Latest
Mar 15, 2024
+ 6 releases

Sponsor this project

 
Learn more about GitHub Sponsors

Packages

No packages published

Languages