PHPackages kangyasin/signature - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. kangyasin/signature ActiveLibrary[Security](/categories/security) kangyasin/signature =================== 01PHP Since May 16Pushed 2y ago1 watchersCompare [ Source](https://github.com/kangyasin/signature)[ Packagist](https://packagist.org/packages/kangyasin/signature)[ RSS](/packages/kangyasin-signature/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependenciesVersions (1)Used By (0) Laravel signature ================= [](#laravel-signature) Use HMAC or RSA to sign data for Laravel and lumen; [![Latest Stable Version](https://camo.githubusercontent.com/135cef299b1d712ef6421a5d5d1c442c0d34d742b221a625a67b09fba26d55c3/68747470733a2f2f706f7365722e707567782e6f72672f6b616e67796173696e2f7369676e61747572652f76657273696f6e)](https://packagist.org/packages/kangyasin/signature)[![Total Downloads](https://camo.githubusercontent.com/3a9b8b90f5bcbce4c5f3fa268beb10e836b40cd9f46b991ea5fd6b6164f387eb/68747470733a2f2f706f7365722e707567782e6f72672f6b616e67796173696e2f7369676e61747572652f646f776e6c6f616473)](https://packagist.org/packages/kangyasin/signature)[![StyleCI](https://camo.githubusercontent.com/3d979e385be2e6b0c19d90e02e5bb7ac4d6d5899694b184f6ff5a7591854f8fb/68747470733a2f2f7374796c6563692e696f2f7265706f732f37363236313031362f736869656c64)](https://styleci.io/repos/76261016096) Install ------- [](#install) For Laravel < 5.5, please use the tag [0.2.10](https://github.com/kangyasin/signature/tree/v0.2.10) ### laravel [](#laravel) `composer require kangyasin/signature` ### lumen [](#lumen) - bootstrap/app.php ``` $app->register(Kangyasin\Signature\Facade\Signature::class); ``` ### config [](#config) - you can use these in your ENV ``` // default driver SIGNATURE_DRIVER // hmac algo and key SIGNATURE_HMAC_ALGO (default sha256) SIGNATURE_HMAC_KEY (default null) // rsa algo, public_key, private_key SIGNATURE_RSA_ALGO (default sha256) SIGNATURE_RSA_PUBLIC_KEY SIGNATURE_RSA_PRIVATE_KEY ``` - if you want to use config ``` laravel php artisan vendor:publish lumen copy vendor/kangyasin/signature/src/config/config.php config/signature.php ``` Usage ----- [](#usage) sign ``` $signature = Signature::sign('foobar'); $signature = Signature::setKey('foobar')->sign(['foo'=>'bar']); $signature = Signature::signer('hmac') ->setAlgo('sha256') ->setKey('foobar') ->sign(['foo'=>'bar']); $signature = Signature::signer('rsa') ->setPrivateKey('./private.pem') ->sign(['foo'=>'bar']); ``` verify ``` // true or false Signature::verify($signature, 'foobar'); Signature::setKey('foobar')->verify($signature, ['foo'=>'bar']); Signature::signer('hmac') ->setAlgo('sha256') ->setKey('foobar') ->verify($sign, ['foo'=>'bar']); Signature::signer('rsa') ->setPublicKey('./public.pem') ->verify($signature, ['foo'=>'bar']); ``` Sign Steps ---------- [](#sign-steps) - convert array data ``` // origin $data = [ 'z' => 1, 'a' => [ 'c' => 'c', 'b' => 'b', 'a' => [ 'b' => 'b', 'a' => 'a' ] ], ]; // ksort and convert to string $data = [ 'a' => [ 'a' => [ 'a' => 'a' 'b' => 'b', ] 'b' => 'b', 'c' => 'c', ], 'z' => '1', ]; // json_encode {"a":{"a":{"a":"a","b":"b"},"b":"b","c":"c"},"z":"1"} ``` - sign string。 ``` hmac => hmac($algo, $convertData, $key); // outputs lowercase hexits rsa => base64_encode(openssl_sign_string); ``` License ------- [](#license) [MIT LICENSE](https://github.com/kangyasin/signature/blob/master/LICENSE) ### Health Score 13 — LowBetter than 1% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity1 Limited adoption so far Community7 Small or concentrated contributor base Maturity22 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/f27d8c7aa02ab1a94bb0c1c172a3159d3d203cd0d19c7042f1747b05b755534d?d=identicon)[kangyasin](/maintainers/kangyasin) --- Top Contributors [![kangyasin](https://avatars.githubusercontent.com/u/31263789?v=4)](https://github.com/kangyasin "kangyasin (2 commits)") ### Embed Badge ![Health badge](/badges/kangyasin-signature/health.svg) ``` [![Health](https://phpackages.com/badges/kangyasin-signature/health.svg)](https://phpackages.com/packages/kangyasin-signature) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[roave/security-advisories Prevents installation of composer packages with known security vulnerabilities: no API, simply require it 2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 86917.5M63](/packages/bjeavons-zxcvbn-php)[enlightn/security-checker A PHP dependency vulnerabilities scanner based on the Security Advisories Database. 33732.2M110](/packages/enlightn-security-checker) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)