paragonie/constant_time_encoding 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.| Name | Version | Size | License | Type | Vulnerabilities |
|---|
The paragonie/constant_time_encoding package provides constant-time implementations for RFC 4648 encoding, which includes Base-64, Base-32, and Base-16. The primary goal is to offer character encoding functions that do not reveal any information about what you are encoding/decoding via processor cache misses, thereby mitigating cache-timing attacks. It's robust against vulnerabilities such as mbstring.func_overload and includes enhancements such as Base16 encoding, Base32 encoding, and the use of pack() and unpack() instead of chr() and ord(). This offers a safer route for character encoding and decoding in your PHP applications, particularly where security is paramount.
To use the paragonie/constant_time_encoding package, you will first need to install it using composer:
composer require paragonie/constant_time_encoding
Then you can use the package in your code using the following example:
use ParagonIE\ConstantTime\Encoding;
$data = random_bytes(32);
echo Encoding::base64Encode($data), "\n";
echo Encoding::base32EncodeUpper($data), "\n";
echo Encoding::base32Encode($data), "\n";
echo Encoding::hexEncode($data), "\n";
echo Encoding::hexEncodeUpper($data), "\n";
If you need a particular encoding variant, you can directly refer to the required class like so:
use ParagonIE\ConstantTime\Base64;
use ParagonIE\ConstantTime\Base32;
$data = random_bytes(32);
echo Base64::encode($data), "\n";
echo Base32::encode($data), "\n";
The paragonie/constant_time_encoding documentation can be found in the README file in the project's GitHub repository.
