Kirin 2bd919e148 commit преди 3 години
..
src 2bd919e148 commit преди 3 години
.gitattributes 2bd919e148 commit преди 3 години
.gitignore 2bd919e148 commit преди 3 години
.gitmodules 2bd919e148 commit преди 3 години
.scrutinizer.yml 2bd919e148 commit преди 3 години
.travis.yml 2bd919e148 commit преди 3 години
Makefile 2bd919e148 commit преди 3 години
README.md 2bd919e148 commit преди 3 години
composer.json 2bd919e148 commit преди 3 години
phpunit.full.xml 2bd919e148 commit преди 3 години
phpunit.xml 2bd919e148 commit преди 3 години
validate_examples.sh 2bd919e148 commit преди 3 години

README.md

Pure PHP Elliptic Curve DSA and DH

Build Status

Scrutinizer Code Quality Code Coverage

Latest Stable Version Total Downloads Latest Unstable Version License

Information

This library is a rewrite/update of Matyas Danter's ECC library. All credit goes to him.

For more information on Elliptic Curve Cryptography please read this fine article.

The library supports the following curves:

  • secp112r1
  • secp256k1
  • nistp192
  • nistp224
  • nistp256 / secp256r1
  • nistp384 / secp384r1
  • nistp521

During ECDSA, a random value k is required. It is acceptable to use a true RNG to generate this value, but should the same k value ever be repeatedly used for a key, an attacker can recover that signing key. The HMAC random generator can derive a deterministic k value from the message hash and private key, voiding this concern.

The library uses a non-branching Montgomery ladder for scalar multiplication, as it's constant time and avoids secret dependant branches.

License

This package is released under the MIT license.

Requirements

  • PHP 7.0+
  • composer
  • ext-gmp

For PHP5.6 compatibility, use the v0.4.x releases.

Installation

You can install this library via Composer :

composer require mdanter/ecc

Contribute

When sending in pull requests, please make sure to run the make command.

The default target runs all PHPUnit and PHPCS tests. All tests must validate for your contribution to be accepted.

It's also always a good idea to check the results of the Scrutinizer analysis for your pull requests.

Usage

Examples: