I was looking for an easy to use library for encrypting files in PHP. PHP provides encryption functionality through the mcrypt library. Yet, there is a lot of configuration options and choices, enough of them to make a lot of mistakes.
So, instead of making those mistakes ourself, I searched for a drop in class (open source license, no framework constraints) which has already figured out how to apply the functionality securely. There is a lot of examples out there, but I cannot seem to find any code which has been reviewed by anyone with any background knowledge on this.
The best candidate I have found so far is on github: Pixelfck/SymmetricEncryption
The code seems pretty well written, the class is quite compact and well commented, so that is at least a good sign. Yet I don't think ourselves qualified to judge the security part of it.
Could anyone with more background on this read through the code and see if there are any issues?
Aucun commentaire:
Enregistrer un commentaire