This package makes it possible to create (very) secure messages and store them in, for example, your database. A secure message is encrypted with a combination of three key 'parts':
- A "database key" - to be saved in a database.
- A "storage key" - to be stored on a disk/filesystem.
- A "verification code" - this code should not be stored anywhere.
This way, an attacker who has access to the database still holds only a small part of the complete key. The same goes for an attacker who has access to the file storage. Even an attacker with access to both the database and the file storage is still missing a part of the complete key.
The verification code can be sent (securely) to the receiver of the secure message, who can then use it to decrypt the message and read it.
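The split-key idea described above, as an added sketch that is not this package's own code: the helper names and the way the three parts are combined (a BLAKE2b hash feeding `sodium_crypto_secretbox`) are assumptions made for illustration, and all key values are constructed samples.

```php
<?php
// Added illustration, NOT the exonet/securemessage implementation.
// Assumption: the three parts are hashed together (BLAKE2b) into one secretbox key.

function deriveKey(string $databaseKey, string $storageKey, string $verificationCode): string
{
    // Length-prefix each part so ("ab", "c") and ("a", "bc") give different keys.
    $material = '';
    foreach ([$databaseKey, $storageKey, $verificationCode] as $part) {
        $material .= pack('N', strlen($part)) . $part;
    }
    return sodium_crypto_generichash($material, '', SODIUM_CRYPTO_SECRETBOX_KEYBYTES);
}

function sealMessage(string $plaintext, string $key): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    return $nonce . sodium_crypto_secretbox($plaintext, $nonce, $key);
}

function openMessage(string $sealed, string $key): ?string
{
    $nonce = substr($sealed, 0, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $cipher = substr($sealed, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
    $plain = sodium_crypto_secretbox_open($cipher, $nonce, $key);
    return $plain === false ? null : $plain; // null: authentication failed
}

// Constructed sample values; each part would live in a different place.
$databaseKey = random_bytes(16);               // database row
$storageKey = random_bytes(16);                // file on disk
$verificationCode = bin2hex(random_bytes(8));  // handed to the receiver, stored nowhere

$sealed = sealMessage('Hello, world!', deriveKey($databaseKey, $storageKey, $verificationCode));

// All three parts present: the message decrypts.
var_dump(openMessage($sealed, deriveKey($databaseKey, $storageKey, $verificationCode)));

// Database and disk both read, verification code unknown: decryption fails.
var_dump(openMessage($sealed, deriveKey($databaseKey, $storageKey, 'not-the-code')));

// Database part alone (storage key and code unknown): decryption fails.
var_dump(openMessage($sealed, deriveKey($databaseKey, '', '')));
```

Once the database and storage parts are both known, the only thing still protecting the message in this sketch is the entropy of the verification code, so that code should be long and randomly generated rather than user-chosen.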
This package requires at least PHP 7.3 with the sodium extension enabled.
Via Composer
```bash
$ composer require exonet/securemessage
```
```php
// Create the factory.
$secureMessageFactory = new Exonet\SecureMessage\Factory();

// Set the (application wide) meta key.
$secureMessageFactory->setMetaKey('A_10_random_characters_long_key.');

// Create a new SecureMessage. Note: it is not encrypted yet!
$secureMessage = $secureMessageFactory->make('Hello, world!');

// Encrypt the Secure Message.
$encryptedMessage = $secureMessage->encrypt();
```
Please see the /docs folder for complete documentation and additional examples.
Please see releases for more information on what has changed recently.
```bash
$ composer test
```
Please see CONTRIBUTING and CODE_OF_CONDUCT for details.
If you discover any security-related issues, please email development@exonet.nl instead of using the issue tracker.
The MIT License (MIT). Please see License File for more information.