PHPackages miranj/craft-cryptographer - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Templating & Views](/categories/templating) 4. / 5. miranj/craft-cryptographer ActiveCraft-plugin[Templating & Views](/categories/templating) miranj/craft-cryptographer ========================== Adds Twig filters to perform cryptographic operations. 1.2.0(2y ago)1412.4k—0%2[2 issues](https://github.com/miranj/craft-cryptographer/issues)MITPHPPHP ^7.2.5 || ^8.0 Since Mar 15Pushed 2y ago1 watchersCompare [ Source](https://github.com/miranj/craft-cryptographer)[ Packagist](https://packagist.org/packages/miranj/craft-cryptographer)[ RSS](/packages/miranj-craft-cryptographer/feed)WikiDiscussions v1 Synced 1mo ago READMEChangelog (1)Dependencies (4)Versions (8)Used By (0) [![Cryptographer icon](./src/icon.svg)](./src/icon.svg) Cryptographer ============= [](#cryptographer) A [Craft CMS](https://craftcms.com/) plugin that adds [Twig](https://twig.symfony.com/) filters to encrypt and decrypt content via URL-safe strings. Useful for situations such as: - Generating single-use URLs, such as for private pages - Masking numeric IDs like 521 as strings, as in [`youtube.com/watch?v=dQw4w9WgXcQ`](https://youtube.com/watch?v=dQw4w9WgXcQ) - Generating URLs for users or entries without revealing their usernames, slugs or IDs Contents -------- [](#contents) - [Usage](#usage) - [Secure Encryption](#secure-encryption) - [Masking Numbers](#masking-numbers) - [Legacy Methods](#legacy-methods) - [Configuration](#configuration) - [Installation](#installation) - [Requirements](#requirements) - [Changelog](./CHANGELOG.md) - [Contributors](https://github.com/miranj/craft-cryptographer/graphs/contributors) - [License](./LICENSE) Usage ----- [](#usage) Cryptographer offers two broad options to transform data into ciphertext, and back from ciphertext to original data. One is cryptographically secure and based on Craft's [security component](https://docs.craftcms.com/api/v3/craft-services-security.html) (which is in turn [based on Yii's](https://www.yiiframework.com/doc/guide/2.0/en/security-cryptography)). The other is *not secure* and based on the popular [Hashids](https://hashids.org/php/) library. Both options produce URL-safe strings. ### Secure Encryption [](#secure-encryption) Use this method to encrypt sensitive information. It differs from the native [`encenc`](https://docs.craftcms.com/v3/dev/filters.html#encenc) filter in that the output is always a URL-safe string. Note that the cipher generated each time will be different. So this is good for generating single use tokens, but not a good candidate for generating permanent URLs. #### Templating [](#templating) ``` {{ 'Sensitive data' | encrypt }} {{ 'Y3J5cHQ64Q8YoiXmSUYq6c2mcg6YjmVjNTBkNGViNmE4M2FiNTVmYTdkZTUyYjJhZmNjNzY5NWRiNDc5M2ExNzRhZTE1ZWZmMjU2NzFkMDNhMzEyZWIX9Rj4f4vOKB2XCljjXha3aKfJw4c6D-T7zMoXhKpeFw==' | decrypt }} ``` #### API [](#api) ``` $ciphertext = \miranj\cryptographer\Plugin::getInstance()->cryptographer->encrypt('Sensitive data'); $originaltext = \miranj\cryptographer\Plugin::getInstance()->cryptographer->decrypt($ciphertext); ``` ### Masking Numbers [](#masking-numbers) *Important: This method should not be considered cryptographically secure. Avoid using it for encoding sensitive data like passwords.* This method converts numbers like 457 into strings like `'qan8deK8'`. Use this method to mask numbers such as element IDs (or a list of IDs) for use inside URLs. It is a wrapper for the popular [Hashids](https://hashids.org/php/) library. #### Templating [](#templating-1) ``` {{ user.id | maskNumbers }} {{ 'qan8deK8' | unmaskNumbers }} ``` #### API [](#api-1) ``` $mask = \miranj\cryptographer\Plugin::getInstance()->cryptographer->maskNumbers([521]); $numbers = \miranj\cryptographer\Plugin::getInstance()->cryptographer->unmaskNumbers('qan8deK8'); ``` ### Legacy Methods [](#legacy-methods) *Important: This method should not be considered cryptographically secure. Avoid using it for encoding sensitive data like passwords.* Cryptographer provides a third method of masking and unmasking strings which is deprecated in v1.x. It is offerred purely for backwards compatibility of sites that were using the Craft 2 version of this plugin (v0.x) and have content that needs to be converted back to the original. #### `maskLegacy` [](#masklegacy) ``` {{ 'Do not use for sensitive data' | maskLegacy }} {{ 'Do not use for sensitive data' | maskLegacy | url_encode }} {{ 'Do not use for sensitive data' | maskLegacy('AES-128-CFB') }} ``` This filter takes two optional arguments. - `$method` — Cipher method to be used. Possible methods can be determined using [`openssl_get_cipher_methods()`](http://php.net/manual/en/function.openssl-get-cipher-methods.php). By default the `AES-256-CBC` method is used. - `$iv` — The initialisation vector. If no initialisation vector is provided, a random value is used every time. #### `unmaskLegacy` [](#unmasklegacy) ``` {{ '66e46cfa6029c1484jTssikEhQXOk4BvYXWfu1M82R3Ifh1kVxQYmxoGwKc=' | unmaskLegacy }} {{ '9b3c72940c8318b7dGbekO6uMVIAxk7UFA1f0A5tTuoqBo1Vn0jRb3ZjN54=' | unmaskLegacy('AES-128-CBC') }} ``` This filter takes one optional argument. - `$method` — Cipher method to be used. Possible methods can be determined using [`openssl_get_cipher_methods()`](http://php.net/manual/en/function.openssl-get-cipher-methods.php). By default the `AES-256-CBC` method is used. Configuration ------------- [](#configuration) To configue Cryptographer, create a `cryptographer.php` file in your [`config/`](https://docs.craftcms.com/v3/config/) folder, which returns an array. This file supports Craft's standard [multi-environment configurations](https://docs.craftcms.com/v3/config/environments.html#multi-environment-configs). Here is a sample config file along with a list of all possible settings and their default values: ```