PHPackages popphp/pop-crypt - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. popphp/pop-crypt ActiveLibrary[Security](/categories/security) popphp/pop-crypt ================ Pop Crypt Component for Pop PHP Framework 3.0.1(5mo ago)21.9k↓33.3%2BSD-3-ClausePHPPHP >=8.3.0CI passing Since Jul 16Pushed 5mo ago1 watchersCompare [ Source](https://github.com/popphp/pop-crypt)[ Packagist](https://packagist.org/packages/popphp/pop-crypt)[ Docs](https://github.com/popphp/pop-crypt)[ RSS](/packages/popphp-pop-crypt/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (9)Dependencies (1)Versions (12)Used By (2) pop-crypt ========= [](#pop-crypt) [![Build Status](https://github.com/popphp/pop-crypt/workflows/phpunit/badge.svg)](https://github.com/popphp/pop-crypt/actions)[![Coverage Status](https://camo.githubusercontent.com/c5efdd9b395a82119d4be991193f72d662496c9b891201ff8197355a95f9887a/687474703a2f2f63632e706f707068702e6f72672f636f7665726167652e7068703f636f6d703d706f702d6372797074)](http://cc.popphp.org/pop-crypt/) [![Join the chat at https://discord.gg/TZjgT74U7E](https://camo.githubusercontent.com/acad7b0eeb78b78d08ffd2b85681ab243436388b5f86f8bcb956a69246e53739/68747470733a2f2f6d656469612e706f707068702e6f72672f696d672f646973636f72642e737667)](https://discord.gg/TZjgT74U7E) - [Overview](#overview) - [Install](#install) - [Quickstart](#quickstart) - [Hashing](#hashing) - [Encryption](#encryption) Overview -------- [](#overview) `pop-crypt` provides various interfaces to assist in encrypting and decrypting secure hashes or creating and verifying one-way password hashes. `pop-crypt` is a component of the [Pop PHP Framework](http://www.popphp.org/). Install ------- [](#install) Install `pop-crypt` using Composer. ``` composer require popphp/pop-crypt ``` Or, require it in your composer.json file ``` "require": { "popphp/pop-crypt" : "^3.0.0" } ``` [Top](#pop-crypt) Quickstart ---------- [](#quickstart) Create a password hash: ``` use Pop\Crypt\Hashing; $hasher = Hashing\BcryptHasher::create(); $hashedValue = $hasher->make('password'); if ($hasher->verify('password', $hashedValue)) { echo 'You shall pass!' . PHP_EOL; } else { echo 'YOU SHALL NOT PASS!' . PHP_EOL; } ``` Create an encrypted value: ``` use Pop\Crypt\Encryption; $encrypter = new Encryption\Encrypter($mySecureKey, 'aes-256-cbc'); // Returns a base-64 encoded string of the encrypted data $encryptedData = $encrypter->encrypt('SENSITIVE_DATA'); // Returns the valid, decrypted data try { $decryptedData = $encrypter->decrypt($encryptedData); // Else, throws an error exception is something is incorrect or invalid } catch (\Exception $e) { echo $e->getMessage(); } ``` [Top](#pop-crypt) Hashing ------- [](#hashing) The standard PHP password hashing algorithms are supported: - `PASSWORD_BCRYPT` - `PASSWORD_ARGON2I` - `PASSWORD_ARGON2ID` The `PASSWORD_BCRYPT` algorithm supports the `cost` option. The `salt` has been deprecated as of PHP 8.0.0. The `PASSWORD_ARGON2I` and `PASSWORD_ARGON2ID` algorithms support the following options: - `memory_cost` - `time_cost` - `threads` All the algorithms use the standard default values for the options if none are passed. [Top](#pop-crypt) Encryption ---------- [](#encryption) The Encryption classes are built using the `openssl` extension and its related functions. Supported ciphers are: - `aes-128-cbc` - `aes-256-cbc` - `aes-128-gcm` - `aes-256-gcm` It is important to safely store the key or keys used to generate the encrypted data. When correctly paired with their cipher, the encrypted data can successfully be decrypted. However, if the key is incorrect or matched with the wrong cipher, decryption will fail. ### Generate Key [](#generate-key) A key that matches the chosen cipher can be generated with the following method: ``` use Pop\Crypt\Encryption; $key = Encryption\Encrypter::generateKey($cipher, false); ``` ##### Raw vs Base-64 [](#raw-vs-base-64) Methods that manage the key values have an optional `$raw` parameter. In the case of generating or getting key values from the encrypter, if `$raw` is true, then the key value will be returned as a raw string of bytes. Otherwise, if `$raw` is false, the key value will be base-64 encoded before it is returned. In the case of setting key values or previous key values in the encrypter, if `$raw` is false, then the key values will be treated was base-64 encoded values and will be decoded as they are stored in the object. If `$raw` is true, the key values will not be processed or decoded in any way. ### Previous Keys [](#previous-keys) In order to preserve legacy keys that have been previously used and rotated out of use, you can load those previous keys to have the encrypter object attempt to use them if the latest key does not work. This provides graceful rotation of keys. ``` use Pop\Crypt\Encryption; $encrypter = new Encryption\Encrypter($currentKey, 'aes-256-cbc'); $encrypter->setPreviousKeys([$oldKey1, $oldKey2, $oldKey3]); ``` [Top](#pop-crypt) ### Health Score 52 — FairBetter than 96% of packages Maintenance70 Regular maintenance activity Popularity24 Limited adoption so far Community11 Small or concentrated contributor base Maturity85 Battle-tested with a long release history Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~474 days Recently: every ~860 days Total 9 Last Release 168d ago Major Versions 2.1.1p1 → 3.0.02025-11-04 PHP version history (2 changes)2.0.0PHP >=5.4.0 3.0.0PHP >=8.3.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/c19dee900e9e20039c723cc403f76b5c22ac2dddb3f86773ae64fb082d4949e2?d=identicon)[nicksagona](/maintainers/nicksagona) --- Top Contributors [![nicksagona](https://avatars.githubusercontent.com/u/898670?v=4)](https://github.com/nicksagona "nicksagona (41 commits)") --- Tags phpencryptioncryptbcryptpoppop php ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/popphp-pop-crypt/health.svg) ``` [![Health](https://phpackages.com/badges/popphp-pop-crypt/health.svg)](https://phpackages.com/packages/popphp-pop-crypt) ``` ### Alternatives [vlucas/pikirasa PKI public/private RSA key encryption using the OpenSSL extension 104101.1k1](/packages/vlucas-pikirasa)[poly-crypto/poly-crypto High-level cryptographic functions that are interoperable between NodeJS and PHP 7.1+ 127.8k1](/packages/poly-crypto-poly-crypto)[stymiee/php-simple-encryption The PHP Simple Encryption library is designed to simplify the process of encrypting and decrypting data while ensuring best practices are followed. By default is uses a secure encryption algorithm and generates a cryptologically strong initialization vector so developers do not need to becomes experts in encryption to securely store sensitive data. 448.0k](/packages/stymiee-php-simple-encryption) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)