{"id":19341876,"url":"https://github.com/matchory/php-id-mask","last_synced_at":"2025-02-24T08:42:02.770Z","repository":{"id":103091367,"uuid":"503706198","full_name":"matchory/php-id-mask","owner":"matchory","description":"IDMask implementation in PHP. IDMask is a library for masking internal IDs when they need to be published to hide their actual value and to prevent forging. It supports optional randomisation.","archived":false,"fork":false,"pushed_at":"2022-06-22T07:46:06.000Z","size":42,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-06T11:45:23.692Z","etag":null,"topics":["aes-encryption","hashids","hkdf","hmac","id","obfuscation","uuid"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/matchory.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-06-15T09:49:45.000Z","updated_at":"2024-09-09T14:19:51.000Z","dependencies_parsed_at":null,"dependency_job_id":"7653260c-4434-42dc-adc0-1d57dd281023","html_url":"https://github.com/matchory/php-id-mask","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matchory%2Fphp-id-mask","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matchory%2Fphp-id-mask/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matchory%2Fphp-id-mask/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/matchory%2Fphp-id-mask/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/matchory","download_url":"https://codeload.github.com/matchory/php-id-mask/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240449464,"owners_count":19803120,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aes-encryption","hashids","hkdf","hmac","id","obfuscation","uuid"],"created_at":"2024-11-10T03:32:58.655Z","updated_at":"2025-02-24T08:42:02.741Z","avatar_url":"https://github.com/matchory.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"IDMask\n======\n\u003e IDMask is an implementation of [IDMask](https://github.com/patrickfav/id-mask) in PHP.\n\nIDMask is a PHP library for masking **internal IDs** (e.g. from your DB) when they need to be publicly published to\n**hide their actual value and to prevent forging**. This should make it very hard for an attacker to **understand**\nprovided IDs (e.g. by witnessing a sequence, deducting how many orders you had, etc.) and **prevent guessing** of\npossible valid ones. Masking is **fully reversible** and also supports optional **randomization** for e.g.\n**shareable links** or **one-time tokens**.  \nIt has a wide support for various **data types** including (big) integers, UUIDs and arbitrary strings. This library\nbases its security on **strong cryptographic primitives** ([AES](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard),\n[HMAC](https://en.wikipedia.org/wiki/HMAC), [HKDF](https://en.wikipedia.org/wiki/HKDF)) to create a secure encryption\nschema. It was inspired by [HashIds](https://hashids.org/), but tries to tackle most of its shortcomings.\n\n## Feature Overview\n\n- **Secure**: Creates encrypted IDs with **proper cryptography** ([AES](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard),\n  [HKDF](https://en.wikipedia.org/wiki/HKDF)) including **forgery protection** ([HMAC](https://en.wikipedia.org/wiki/HMAC))\n- **Wide range of data types supported**: Masks IDs from integers, UUIDs, strings, or byte sequences\n- **Full support of types**: Has no arbitrary restrictions like \"only positive numbers\", etc.\n- **ID randomization**: If enabled, IDs are generated which appear uncorrelated with the same underlying value.\n- **No collisions possible**: As IDs are not hashed or otherwise compressed, collisions are impossible.\n- **Lightweight \u0026 Easy-to-use**: Has only minimal dependencies and a straight forward API.\n- **Supports multiple encodings**: Depending on your requirement (short IDs vs. readability vs. should not contain\n  words) multiple encodings are available including [Base64](https://en.wikipedia.org/wiki/Base64),\n  [Base32](https://en.wikipedia.org/wiki/Base32) and [Hex](https://en.wikipedia.org/wiki/Hexadecimal) with the option of\n  providing a custom one.\n\n\u003c!-- - **Built-in caching support**: To increase performance a PSR-6 cache implementation can be used. --\u003e\n\u003c!-- - **Framework integrations included**: Includes support for Laravel and Symfony out of the box --\u003e\n\nInstallation\n------------\nInstall IDMask from Composer:\n\n```bash\ncomposer require matchory/id-mask\n```\n\nQuickstart\n----------\n\n```php\nuse Matchory\\IdMask\\IdMask;\nuse Matchory\\IdMask\\KeyManagement\\KeyStore;\nuse Matchory\\IdMask\\KeyManagement\\SecretKey;\n\n$keyStore = KeyStore::with(SecretKey::generate())\n$mask = IdMask::forInteger($keyStore)-\u003emask('foo');\n\nassert('foo' === IdMask::forInteger($keyStore)-\u003eunmask($mask))\n```\n\nTODO: More content will be available as the library gets fully implemented.\n\nFurther Reading\n---------------\n\n### Main Article\n\n- [A Better Way to Protect Your IDs](https://medium.com/@patrickfav/a-better-way-to-protect-your-database-ids-a33fa9867552)\n\n### Discussions\n\n- [Exposing database IDs - security risk?](https://stackoverflow.com/questions/396164/exposing-database-ids-security-risk)\n- [Prevent Business Intelligence Leaks by Using UUIDs Instead of Database IDs on URLs and in APIs](https://medium.com/lightrail/prevent-business-intelligence-leaks-by-using-uuids-instead-of-database-ids-on-urls-and-in-apis-17f15669fd2e)\n- [Why not expose a primary key](https://softwareengineering.stackexchange.com/questions/218306/why-not-expose-a-primary-key)\n- [Sharding \u0026 IDs at Instagram](https://instagram-engineering.com/sharding-ids-at-instagram-1cf5a71e5a5c)\n- [HashId Cryptanalysis](https://carnage.github.io/2015/08/cryptanalysis-of-hashids)\n- [Discussion about IDMask encryption schema](https://crypto.stackexchange.com/q/68415/44838)\n\n### Similar Libraries\n\n- [HashIds](https://github.com/10cella/hashids-java)\n- [NanoId](https://github.com/ai/nanoid)\n\nContributing\n------------\nSubmit a pull request or open an issue on GitHub. We welcome contributions from all kinds of people!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatchory%2Fphp-id-mask","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmatchory%2Fphp-id-mask","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmatchory%2Fphp-id-mask/lists"}