PHPackages tcrypto/tcrypto - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. tcrypto/tcrypto ActiveLibrary tcrypto/tcrypto =============== Simple and flexible PHP 5.3+ key-value storage library. v0.9(11y ago)5925412Public DomainPHPPHP >=5.3.0 Since Apr 7Pushed 9y ago4 watchersCompare [ Source](https://github.com/timoh6/TCrypto)[ Packagist](https://packagist.org/packages/tcrypto/tcrypto)[ Docs](https://github.com/timoh6/TCrypto)[ RSS](/packages/tcrypto-tcrypto/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (2)Used By (0) About ===== [](#about) [![Build Status](https://camo.githubusercontent.com/8738eb4b29fab2ba56cb74d7aa7614bd9dd7467ae6ec0180dc7b3768a038a275/68747470733a2f2f7365637572652e7472617669732d63692e6f72672f74696d6f68362f5443727970746f2e706e67)](http://travis-ci.org/timoh6/TCrypto) TCrypto is a simple and flexible PHP 5.3+ in-memory key-value storage library. By default, a cookie will be used as a storage backend. TCrypto has been designed from the ground up with security in mind. Safe algorithms and modes. Automatic and safe initialization vector creation. Encryption and authentication key creation (Keytool) using strong randomness. Key rotation (versioned keys). TCrypto can be used as a scalable "session handler". Especially scalable, if cookies are used as a storage backend. This is a bit like Ruby on Rails sessions. There's an article outlining basic TCrypto usage at [websec.io](http://websec.io/): [TCrypto: Encrypted data storage for PHP applications](http://websec.io/2012/08/29/TCrypto-Encrypted-Data-Storage-for-PHP.html) This is a preview release (although considered stable). Keyfile encryption will be available in version 1.0.0. Otherwise no other changes are planned between current dev-master and 1.0.0. **Important security note about data compression:** Prior to August 6 2013, TCrypto allowed to use data compression when the data was also being encrypted. This may lead to disclosure of the (confidential) plain text. All TCrypto users are encouraged to update to the current dev-master. Especially if CompressPlugin() was used with data encryption. TCrypto is placed in the public domain. Requirements ------------ [](#requirements) TCrypto requires PHP version 5.3 or greater. To use encryption, either Mcrypt or OpenSSL extension must be available. If OpenSSL is used for encryption, PHP 5.3.3 or greater is required. Optional compression plugin requires zlib. Installation note ----------------- [](#installation-note) TCrypto supports installation using Composer, but make sure you use at least Composer version 1.0.0-beta1 to install TCrypto (Composer was vulnerable to MITM attacks before 1.0.0-beta1): [tcrypto/tcrypto](https://packagist.org/packages/tcrypto/tcrypto) Backward incompatible changes ----------------------------- [](#backward-incompatible-changes) 04 Dec 2015 String() StorageHandler was renamed to PlainString(). TCrypto Keymanager and Keytool ------------------------------ [](#tcrypto-keymanager-and-keytool) Keytool is a small command-line application, which is used to create encryption and authentication keys. Keytool can also be used to remove inactive keys. Before you start using TCrypto, run Keytool and create your first set of keys: ``` $ cd /path/to/TCrypto/bin $ php keytool ``` Make sure the right keyfile is selected (if necessary, change keyfile) and select option 1 "Add new keys". To remove inactive keys, run Keytool and select option 2 "Remove inactive keys". You should always remove inactive keys before you add new keys. This is because inactive keys are determined comparing the (current) primary key timestamp and key lifetime (keys that can not be active are removed). There are a few Keytool settings you can tweak. File `TCrypto/bin/keytool.config.php`: - **'keyfile\_permissions'**: the default filesystem permissions for the keyfile - **'bytes\_in\_key\_name'**: key name length - **'key\_max\_lifetime'**: this should be the same as $\_macMaxLifetime in TCrypto - **'keyfile\_location'**: the default keyfile location If you remove or comment out 'keyfile\_permissions' setting, chmod() won't be run at all for the keyfile. Keytool stores keys as a plain PHP array. The key format is as follows: ```