More info about Zend\Crypt

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

More info about Zend\Crypt

Enrico Zimuel-2
Hi all,

i just posted an article on my blog about the usage of the new component
Zend\Crypt:

http://www.zimuel.it/en/english-cryptography-made-easy-with-zend-framework/

I hope you will find it useful.

Regards,
Enrico

--
Enrico Zimuel
Senior PHP Engineer     | [hidden email]
Zend Framework Team     | http://framework.zend.com
Zend Technologies Ltd.
http://www.zend.com

Reply | Threaded
Open this post in threaded view
|

Re: More info about Zend\Crypt

DeNix
Hi Enrico,
Thanks for the great post.

I have one note on Crypt component in general. Many subcomponents work
with input/output in different formats: binary, base64, string.
But the way to controll it is not unified. What if we provide a common
way for this?
Options I see are:
-- PHP way, extra parameter (e.g md5($message, $binaryOutput))
-- flags, setBinaryInput(true/false) setBinaryOutput(true/false)
-- all of the above

What do you think?

Thanks
Denis


On 30.05.2012 21:36, Enrico Zimuel wrote:

> Hi all,
>
> i just posted an article on my blog about the usage of the new
> component Zend\Crypt:
>
> http://www.zimuel.it/en/english-cryptography-made-easy-with-zend-framework/ 
>
>
> I hope you will find it useful.
>
> Regards,
> Enrico
>

Reply | Threaded
Open this post in threaded view
|

Re: More info about Zend\Crypt

Enrico Zimuel-2
Hi Denis,


> I have one note on Crypt component in general. Many subcomponents work
> with input/output in different formats: binary, base64, string.
> But the way to controll it is not unified. What if we provide a common
> way for this?
> Options I see are:
> -- PHP way, extra parameter (e.g md5($message, $binaryOutput))
> -- flags, setBinaryInput(true/false) setBinaryOutput(true/false)
> -- all of the above
>

I think we can use the setBinaryOutput(true/false) in components with
class (like I did in the Zend\Crypt\BlockCipher) and the optional
parameter for static methods (like compute() in Zend\Crypt\Hash and
Zend\Crypt\Hmac). I think is enough to have binary or string (base64 or
hex depending on the context).
I don't think we need setBinaryInput(), do you see a use cases for that?

Regards,
Enrico

>
> On 30.05.2012 21:36, Enrico Zimuel wrote:
>> Hi all,
>>
>> i just posted an article on my blog about the usage of the new
>> component Zend\Crypt:
>>
>> http://www.zimuel.it/en/english-cryptography-made-easy-with-zend-framework/ 
>>
>>
>> I hope you will find it useful.
>>
>> Regards,
>> Enrico
>>
>


--
Enrico Zimuel
Senior PHP Engineer     | [hidden email]
Zend Framework Team     | http://framework.zend.com
Zend Technologies Ltd.
http://www.zend.com

Reply | Threaded
Open this post in threaded view
|

Re: More info about Zend\Crypt

DeNix
On 04.06.2012 18:21, Enrico Zimuel wrote:

> Hi Denis,
>
>
>> I have one note on Crypt component in general. Many subcomponents
>> work with input/output in different formats: binary, base64, string.
>> But the way to controll it is not unified. What if we provide a
>> common way for this?
>> Options I see are:
>> -- PHP way, extra parameter (e.g md5($message, $binaryOutput))
>> -- flags, setBinaryInput(true/false) setBinaryOutput(true/false)
>> -- all of the above
>>
>
> I think we can use the setBinaryOutput(true/false) in components with
> class (like I did in the Zend\Crypt\BlockCipher) and the optional
> parameter for static methods (like compute() in Zend\Crypt\Hash and
> Zend\Crypt\Hmac). I think is enough to have binary or string (base64
> or hex depending on the context).
> I don't think we need setBinaryInput(), do you see a use cases for that?
>
I like that. The only subcomponent that does not fully fit is
Deffie-Hellman, but I think it could be refactored a bit

>
>>
>> On 30.05.2012 21:36, Enrico Zimuel wrote:
>>> Hi all,
>>>
>>> i just posted an article on my blog about the usage of the new
>>> component Zend\Crypt:
>>>
>>> http://www.zimuel.it/en/english-cryptography-made-easy-with-zend-framework/ 
>>>
>>>
>>> I hope you will find it useful.
>>>
>>> Regards,
>>> Enrico
>>>
>>
>
>

Reply | Threaded
Open this post in threaded view
|

Re: More info about Zend\Crypt

padraicb
In reply to this post by Enrico Zimuel-2
Hi Enrico,

Nice work!

Paddy
 
Pádraic Brady

http://blog.astrumfutura.com
http://www.survivethedeepend.com
Zend Framework Community Review Team


From: Enrico Zimuel <[hidden email]>
To: [hidden email]
Sent: Wednesday, May 30, 2012 6:36 PM
Subject: [zf-contributors] More info about Zend\Crypt

Hi all,

i just posted an article on my blog about the usage of the new component Zend\Crypt:

http://www.zimuel.it/en/english-cryptography-made-easy-with-zend-framework/

I hope you will find it useful.

Regards,
Enrico

-- Enrico Zimuel
Senior PHP Engineer    | [hidden email]
Zend Framework Team    | http://framework.zend.com
Zend Technologies Ltd.
http://www.zend.com



Reply | Threaded
Open this post in threaded view
|

Re: More info about Zend\Crypt

Goran Jurić
In reply to this post by Enrico Zimuel-2

On 30. svi. 2012., at 19:36, Enrico Zimuel wrote:

Hi all,

i just posted an article on my blog about the usage of the new component Zend\Crypt:

http://www.zimuel.it/en/english-cryptography-made-easy-with-zend-framework/

I hope you will find it useful.

Nice work!

Is the password generation interchangeable with the PHP_PasswordLib?

Regards,

Goran Jurić
Reply | Threaded
Open this post in threaded view
|

Re: More info about Zend\Crypt

Enrico Zimuel-2
Hi Goran,

the Zend\Crypt component supports the PBKDF2, SaltedS2K and bcrypt algorithms for password management.
The PHP_PasswordLib implements the PBKDF2 and bcrypt algorithms (and more) for key derivation (i'm not sure about SaltedS2K).
If you use the algorithms PBKDF2 or bcrypt they can be considered interchangeable.

Of course, PHP_PasswordLib supports more features  and algorithms for password security compared with the Zend\Crypt of ZF2.

Regards,
Enrico Zimuel

On 06/12/2012 04:35 PM, Goran Jurić wrote:

On 30. svi. 2012., at 19:36, Enrico Zimuel wrote:

Hi all,

i just posted an article on my blog about the usage of the new component Zend\Crypt:

http://www.zimuel.it/en/english-cryptography-made-easy-with-zend-framework/

I hope you will find it useful.

Nice work!

Is the password generation interchangeable with the PHP_PasswordLib?

Regards,

Goran Jurić


-- 
Enrico Zimuel
Senior PHP Engineer     | [hidden email]
Zend Framework Team     | http://framework.zend.com
Zend Technologies Ltd.
http://www.zend.com