Kickass Crypto

Application

Interfaces, Classes, Traits and Enums

IKickassCrypto

2023-04-05 jj5 - the IKickassCrypto interface is the interface provided by an encryption service. You can use the framework to create your own encryption services or you can use one (or more) of the four encryption services provided by this library.

KickassCrypto

2023-04-05 jj5 - this class provides the base framework for a crypto service; you can extend it yourself or use one (or more) of the services implemented as modules in this library.

KickassCryptoException

2023-04-05 jj5 - this exception is thrown from crypto service constructors (and elsewhere) if there's a problem that will prevent them from operating.

KickassOpenSsl

2023-04-05 jj5 - this is the base class for the OpenSSL crypto services.

KickassOpenSslAtRest

2023-04-05 jj5 - this is the OpenSSL at-rest crypto service.

KickassOpenSslRoundTrip

2023-04-05 jj5 - this is the OpenSSL round-trip crypto service.

KickassSodium

2023-04-05 jj5 - this is the base class for the Sodium crypto services.

KickassSodiumAtRest

2023-04-05 jj5 - this is the Sodium at-rest crypto service.

KickassSodiumRoundTrip

2023-04-05 jj5 - this is the Sodium round-trip crypto service.

KICKASS_CRYPTO_AT_REST

2023-04-07 jj5 - defines how the passphrase list is generated for at-rest use cases.

KICKASS_CRYPTO_ROUND_TRIP

2023-04-07 jj5 - defines how the passphrase list is generated for round-tripo use cases.

KICKASS_DEBUG

2023-04-07 jj5 - these traits are defined for debugging purposes; they redefine the logging function so that a log is not actually written unless the DEBUG constant is defined as true; they generate single use secret keys and declare a valid environment so you don't have to worry about providing a valid config file; and the delay for the minimum amount of time when delay is invoked due to error.

KICKASS_DEBUG_KEYS

2023-04-07 jj5 - these traits are defined for debugging purposes; they generate single use secret keys and declare a valid environment so you don't have to worry about providing a valid config file; and the delay for the minimum amount of time when delay is invoked due to error.

KICKASS_DEBUG_LOG

2023-04-07 jj5 - these traits are defined for debugging purposes; they redefine the logging function so that a log is not actually written unless the DEBUG constant is defined as true.

KICKASS_DEBUG_WITHOUT_DELAY

2023-04-07 jj5 - these traits are defined for debugging purposes; will delay for the minimum amount of time when delay is invoked due to error.

KICKASS_WRAPPER_PHP

2023-04-07 jj5 - thin wrappers around PHP functions.

KICKASS_WRAPPER_PHP_OPENSSL

2023-04-07 jj5 - thin wrappers around PHP functions for the OpenSSL library.

KICKASS_WRAPPER_PHP_SODIUM

2023-04-07 jj5 - thin wrappers around PHP functions for the Sodium library.

Table of Contents

KICKASS_CRYPTO_CONFIG_PROBLEM_INVALID_OPENSSL_SECRET_CURR  = 'config invalid: CONFIG_OPENSSL_SECRET_CURR.'

2023-04-05 jj5 - this happens when CONFIG_OPENSSL_SECRET_CURR is defined for the round-trip use case and the OpenSSL module but it is not valid.

KICKASS_CRYPTO_CONFIG_PROBLEM_INVALID_OPENSSL_SECRET_LIST  = 'config invalid: CONFIG_OPENSSL_SECRET_LIST.'

2023-04-05 jj5 - this happens when CONFIG_OPENSSL_SECRET_LIST is defined for the at-rest use case and the OpenSSL module but it is not valid.

KICKASS_CRYPTO_CONFIG_PROBLEM_INVALID_OPENSSL_SECRET_PREV  = 'config invalid: CONFIG_OPENSSL_SECRET_PREV.'

2023-04-05 jj5 - this happens when CONFIG_OPENSSL_SECRET_PREV is defined for the round-trip use case and the OpenSSL module but it is not valid.

KICKASS_CRYPTO_CONFIG_PROBLEM_INVALID_SODIUM_SECRET_CURR  = 'config invalid: CONFIG_SODIUM_SECRET_CURR.'

2023-04-05 jj5 - this happens when CONFIG_SODIUM_SECRET_CURR is defined for the round-trip use case and the Sodium module but it is not valid.

KICKASS_CRYPTO_CONFIG_PROBLEM_INVALID_SODIUM_SECRET_LIST  = 'config invalid: CONFIG_SODIUM_SECRET_LIST.'

2023-04-05 jj5 - this happens when CONFIG_SODIUM_SECRET_LIST is defined for the at-rest use case and the Sodium module but it is not valid.

KICKASS_CRYPTO_CONFIG_PROBLEM_INVALID_SODIUM_SECRET_PREV  = 'config invalid: CONFIG_SODIUM_SECRET_PREV.'

2023-04-05 jj5 - this happens when CONFIG_SODIUM_SECRET_PREV is defined for the round-trip use case and the Sodium module but it is not valid.

KICKASS_CRYPTO_CONFIG_PROBLEM_MISSING_OPENSSL_SECRET_CURR  = 'config missing: CONFIG_OPENSSL_SECRET_CURR.'

2023-04-05 jj5 - this happens when CONFIG_OPENSSL_SECRET_CURR is not defined for the round-trip use case and the OpenSSL module.

KICKASS_CRYPTO_CONFIG_PROBLEM_MISSING_OPENSSL_SECRET_LIST  = 'config missing: CONFIG_OPENSSL_SECRET_LIST.'

2023-04-05 jj5 - this happens when CONFIG_OPENSSL_SECRET_LIST is not defined for the at-rest use case and the OpenSSL module.

KICKASS_CRYPTO_CONFIG_PROBLEM_MISSING_SODIUM_SECRET_CURR  = 'config missing: CONFIG_SODIUM_SECRET_CURR.'

2023-04-05 jj5 - this happens when CONFIG_SODIUM_SECRET_CURR is not defined for the round-trip use case and the Sodium module.

KICKASS_CRYPTO_CONFIG_PROBLEM_MISSING_SODIUM_SECRET_LIST  = 'config missing: CONFIG_SODIUM_SECRET_LIST.'

2023-04-05 jj5 - this happens when CONFIG_SODIUM_SECRET_LIST is not defined for the at-rest use case and the Sodium module.

KICKASS_CRYPTO_DATA_ENCODING_JSON  = 'json'

2023-04-04 jj5 - the JSON format uses the PHP json_encode() and json_decode() functions; the encoding format strings must be four characters long.

KICKASS_CRYPTO_DATA_ENCODING_PHPS  = 'phps'

2023-04-04 jj5 - uses the PHP serialize() and unserialize() functions (not enabled by default due to potential security issues, enable with CONFIG_ENCRYPTION_PHPS_ENABLE); the encoding format strings must be four characters long.

KICKASS_CRYPTO_DATA_ENCODING_TEXT  = 'text'

2023-04-07 jj5 - encode as text.

KICKASS_CRYPTO_DATA_FORMAT_LENGTH_MAX  = 8

2023-04-05 jj5 - the data format indicator must meet this maximum character length.

KICKASS_CRYPTO_DATA_FORMAT_LENGTH_MIN  = 2

2023-04-05 jj5 - the data format indicator must meet this minimum character length.

KICKASS_CRYPTO_DATA_FORMAT_OPENSSL  = 'KA0'

2023-04-05 jj5 - the OpenSSL data format.

KICKASS_CRYPTO_DATA_FORMAT_SODIUM  = 'KAS0'

2023-04-05 jj5 - the Sodium data format.

KICKASS_CRYPTO_DEFAULT_CHUNK_SIZE  = \pow(2, 12)

2023-04-05 jj5 - this is the default chunk size; messages are padded up to the message length modulo the chunk size; 2^12 is 4KiB; this value might be changed in future.

KICKASS_CRYPTO_DEFAULT_CHUNK_SIZE_MAX  = \pow(2, 26)

2023-04-05 jj5 - this is the default maximum chunk size; 2^26 is 64 MiB; this value might be changed in future.

KICKASS_CRYPTO_DEFAULT_DATA_ENCODING  = \KICKASS_CRYPTO_DATA_ENCODING_JSON

2023-04-05 jj5 - default data encoding format is JSON.

KICKASS_CRYPTO_DEFAULT_DATA_LENGTH_MAX  = \pow(2, 26)

2023-04-05 jj5 - this is the maximum data length supported; 2^26 is 64 MiB; this value might be changed in future.

KICKASS_CRYPTO_DEFAULT_FALSE_ENABLE  = \false

2023-04-05 jj5 - by default you can't encrypt false.

KICKASS_CRYPTO_DEFAULT_JSON_DECODE_OPTIONS  = \JSON_THROW_ON_ERROR

2023-04-05 jj5 - these are the default JSON decoding options passed to the PHP json_decode() function.

KICKASS_CRYPTO_DEFAULT_JSON_ENCODE_OPTIONS  = \JSON_UNESCAPED_SLASHES | \JSON_UNESCAPED_UNICODE

2023-04-05 jj5 - these are the default JSON encoding options passed to the PHP json_encode() function.

KICKASS_CRYPTO_DEFAULT_PHPS_ENABLE  = \false

2023-04-05 jj5 - PHP serialization is disabled by default because it can lead to code execution vulnerabilities... (I don't have a source for this claim, that might be a rumor or not true any more).

KICKASS_CRYPTO_DELAY_NANOSECONDS_MAX  = 10000000000

2023-04-05 jj5 - the maximum random delay (in nanoseconds) used for timing attack mitigation; this value might be changed in future.

KICKASS_CRYPTO_DELAY_NANOSECONDS_MIN  = 1000000

2023-04-05 jj5 - the minimum random delay (in nanoseconds) used for timing attack mitigation; this value might be changed in future.

KICKASS_CRYPTO_DELAY_SECONDS_MIN  = 1.0 / (\KICKASS_CRYPTO_DELAY_NANOSECONDS_MIN / 1000)

2023-04-03 jj5 - this delay is a floating-point value in seconds, it's for comparison of the value returned from the PHP microtime() to check that our delay implementation did actually delay for at least this minimum amount of time.

KICKASS_CRYPTO_DISABLE_CIPHER_VALIDATION  = false

2023-04-07 jj5 - programmers can disable cipher validation by defining this constant as true.

KICKASS_CRYPTO_DISABLE_CONFIG_VALIDATION  = false

2023-04-07 jj5 - programmers can disable config validation by defining this constant as true.

KICKASS_CRYPTO_DISABLE_IV_LENGTH_VALIDATION  = false

2023-04-07 jj5 - programmers can disable initialization vector length validation by defining this constant as true.

KICKASS_CRYPTO_DISABLE_KEY_HASH_VALIDATION  = false

2023-04-07 jj5 - programmers can disable secret key hash function validation by defining this constant as true.

KICKASS_CRYPTO_DISABLE_PHP_VERSION_CHECK  = false

2023-04-05 jj5 - defines whether the PHP version check is disabled or not.

KICKASS_CRYPTO_DISABLE_RANDOM_BYTES_VALIDATION  = false

2023-04-07 jj5 - programmers can disable validation of the random_bytes() function by defining this constant as true.

KICKASS_CRYPTO_ERROR_BASE64_DECODING_FAILED  = 'base64 decoding failed.'

KICKASS_CRYPTO_ERROR_BASE64_DECODING_FAILED_2  = 'base64 decoding failed (2).'

KICKASS_CRYPTO_ERROR_BINARY_DATA_INVALID  = 'binary data invalid.'

KICKASS_CRYPTO_ERROR_BINARY_LENGTH_INVALID  = 'binary length invalid.'

KICKASS_CRYPTO_ERROR_CANNOT_ENCRYPT_FALSE  = 'cannot encrypt false.'

KICKASS_CRYPTO_ERROR_CHUNK_SIZE_INVALID  = 'chunk size invalid.'

KICKASS_CRYPTO_ERROR_CIPHERTEXT_INVALID  = 'ciphertext invalid.'

KICKASS_CRYPTO_ERROR_CIPHERTEXT_INVALID_2  = 'ciphertext invalid (2).'

KICKASS_CRYPTO_ERROR_DATA_DECODING_FAILED  = 'data decoding failed.'

KICKASS_CRYPTO_ERROR_DATA_DECODING_FAILED_2  = 'data decoding failed (2).'

KICKASS_CRYPTO_ERROR_DATA_DECODING_FAILED_3  = 'data decoding failed (3).'

KICKASS_CRYPTO_ERROR_DATA_DECODING_FAILED_4  = 'data decoding failed (4).'

KICKASS_CRYPTO_ERROR_DATA_ENCODING_FAILED  = 'data encoding failed.'

KICKASS_CRYPTO_ERROR_DATA_ENCODING_FAILED_2  = 'data encoding failed (2).'

KICKASS_CRYPTO_ERROR_DATA_ENCODING_FAILED_3  = 'data encoding failed (3).'

KICKASS_CRYPTO_ERROR_DATA_ENCODING_FAILED_4  = 'data encoding failed (4).'

KICKASS_CRYPTO_ERROR_DATA_ENCODING_INVALID  = 'data encoding invalid.'

KICKASS_CRYPTO_ERROR_DATA_ENCODING_INVALID_2  = 'data encoding invalid (2).'

KICKASS_CRYPTO_ERROR_DATA_ENCODING_INVALID_3  = 'data encoding invalid (3).'

KICKASS_CRYPTO_ERROR_DATA_ENCODING_TOO_LARGE  = 'data encoding too large.'

KICKASS_CRYPTO_ERROR_DECRYPTION_FAILED  = 'decryption failed.'

KICKASS_CRYPTO_ERROR_DECRYPTION_FAILED_2  = 'decryption failed (2).'

KICKASS_CRYPTO_ERROR_ENCRYPTION_FAILED  = 'encryption failed.'

KICKASS_CRYPTO_ERROR_ENCRYPTION_FAILED_2  = 'encryption failed (2).'

KICKASS_CRYPTO_ERROR_EXCEPTION_RAISED  = 'exception raised.'

KICKASS_CRYPTO_ERROR_EXCEPTION_RAISED_2  = 'exception raised (2).'

KICKASS_CRYPTO_ERROR_EXCEPTION_RAISED_3  = 'exception raised (3).'

KICKASS_CRYPTO_ERROR_EXCEPTION_RAISED_4  = 'exception raised (4).'

KICKASS_CRYPTO_ERROR_IV_LENGTH_INVALID  = 'IV length invalid.'

KICKASS_CRYPTO_ERROR_IV_LENGTH_INVALID_2  = 'IV length invalid (2).'

KICKASS_CRYPTO_ERROR_JSON_DECODING_FAILED  = 'JSON decoding failed.'

KICKASS_CRYPTO_ERROR_JSON_DECODING_FAILED_2  = 'JSON decoding failed (2).'

KICKASS_CRYPTO_ERROR_JSON_DECODING_FAILED_3  = 'JSON decoding failed (3).'

KICKASS_CRYPTO_ERROR_JSON_DECODING_FAILED_4  = 'JSON decoding failed (4).'

KICKASS_CRYPTO_ERROR_JSON_ENCODING_FAILED  = 'JSON encoding failed.'

KICKASS_CRYPTO_ERROR_JSON_ENCODING_FAILED_2  = 'JSON encoding failed (2).'

KICKASS_CRYPTO_ERROR_JSON_ENCODING_FAILED_3  = 'JSON encoding failed (3).'

KICKASS_CRYPTO_ERROR_JSON_ENCODING_FAILED_4  = 'JSON encoding failed (4).'

KICKASS_CRYPTO_ERROR_MESSAGE_DATA_LENGTH_RANGE_INVALID  = 'message data length range invalid.'

KICKASS_CRYPTO_ERROR_MESSAGE_DATA_LENGTH_SPEC_INVALID  = 'message data length spec invalid.'

KICKASS_CRYPTO_ERROR_MESSAGE_DECODING_FAILED  = 'message decoding failed.'

KICKASS_CRYPTO_ERROR_MESSAGE_ENCODING_FAILED  = 'message encoding failed.'

KICKASS_CRYPTO_ERROR_MESSAGE_ENCODING_FAILED_2  = 'message encoding failed (2).'

KICKASS_CRYPTO_ERROR_MESSAGE_ENCODING_FAILED_3  = 'message encoding failed (3).'

KICKASS_CRYPTO_ERROR_MESSAGE_ENCODING_FAILED_4  = 'message encoding failed (4).'

KICKASS_CRYPTO_ERROR_MESSAGE_ENCODING_INVALID  = 'message encoding invalid.'

KICKASS_CRYPTO_ERROR_MESSAGE_ENCODING_UNKNOWN  = 'message encoding unknown.'

KICKASS_CRYPTO_ERROR_MESSAGE_FORMAT_INVALID  = 'message format invalid.'

KICKASS_CRYPTO_ERROR_MESSAGE_LENGTH_INVALID  = 'message length invalid.'

KICKASS_CRYPTO_ERROR_NO_VALID_KEY  = 'no valid key.'

KICKASS_CRYPTO_ERROR_PASSPHRASE_INVALID  = 'passphrase invalid.'

KICKASS_CRYPTO_ERROR_PASSPHRASE_LENGTH_INVALID  = 'passphrase length invalid.'

KICKASS_CRYPTO_ERROR_PASSPHRASE_LENGTH_INVALID_2  = 'passphrase length invalid (2).'

KICKASS_CRYPTO_ERROR_PASSPHRASE_MISSING  = 'passphrase missing.'

KICKASS_CRYPTO_ERROR_PHPS_DECODING_FAILED  = 'PHPS decoding failed.'

KICKASS_CRYPTO_ERROR_PHPS_DECODING_FAILED_2  = 'PHPS decoding failed (2).'

KICKASS_CRYPTO_ERROR_PHPS_ENCODING_DISABLED  = 'PHPS encoding disabled.'

KICKASS_CRYPTO_ERROR_PHPS_ENCODING_DISABLED_2  = 'PHPS encoding disabled (2).'

KICKASS_CRYPTO_ERROR_PHPS_ENCODING_FAILED  = 'PHPS encoding failed.'

KICKASS_CRYPTO_ERROR_PHPS_ENCODING_FAILED_2  = 'PHPS encoding failed (2).'

KICKASS_CRYPTO_ERROR_PHPS_ENCODING_FAILED_3  = 'PHPS encoding failed (3).'

KICKASS_CRYPTO_ERROR_RESULT_INVALID  = 'result invalid.'

KICKASS_CRYPTO_ERROR_TAG_LENGTH_INVALID  = 'tag length invalid.'

KICKASS_CRYPTO_ERROR_TAG_LENGTH_INVALID_2  = 'tag length invalid (2).'

KICKASS_CRYPTO_ERROR_TEXT_DECODING_FAILED  = 'text decoding failed.'

KICKASS_CRYPTO_ERROR_TEXT_DECODING_FAILED_2  = 'text decoding failed (2).'

KICKASS_CRYPTO_ERROR_TEXT_DECODING_FAILED_3  = 'text decoding failed (3).'

KICKASS_CRYPTO_ERROR_TEXT_ENCODING_FAILED  = 'text encoding failed.'

KICKASS_CRYPTO_ERROR_TEXT_ENCODING_FAILED_2  = 'text encoding failed (2).'

KICKASS_CRYPTO_ERROR_TEXT_ENCODING_FAILED_3  = 'text encoding failed (3).'

KICKASS_CRYPTO_EXCEPTION_INSECURE_RANDOM  = 6000

2023-04-05 jj5 - if the PHP random_bytes() implementation is not using a secure PRNG then this exception is supposed to be raised.

KICKASS_CRYPTO_EXCEPTION_INVALID_CIPHER  = 4000

2023-04-05 jj5 - if the cipher nominated for the OpenSSL library is not available in the environment this exception is raise.

KICKASS_CRYPTO_EXCEPTION_INVALID_CONFIG  = 2000

2023-04-05 jj5 - this exception is raise if the config is invalid. Modules define what constitutes a valid config based on the use case.

KICKASS_CRYPTO_EXCEPTION_INVALID_ERROR_LIST  = 7000

2023-04-06 jj5 - if we can't get a valid error list from an implementation we bail with an exception.

KICKASS_CRYPTO_EXCEPTION_INVALID_EXCEPTION_CODE  = 1000

2023-04-05 jj5 - if an invalid exception code is passed to the exception raising facility this exception is raised instead.

KICKASS_CRYPTO_EXCEPTION_INVALID_IV_LENGTH  = 5000

2023-04-05 jj5 - if the initialization vector for the OpenSSL library is not what we've been coded to expect then this exception is raise.

KICKASS_CRYPTO_EXCEPTION_INVALID_KEY_HASH  = 3000

2023-04-05 jj5 - if the hash algorithm is invalid or not available this exception is raised.

KICKASS_CRYPTO_EXCEPTION_MESSAGE  = [\KICKASS_CRYPTO_EXCEPTION_INVALID_EXCEPTION_CODE => 'invalid exception code.', \KICKASS_CRYPTO_EXCEPTION_INVALID_CONFIG => 'invalid config.', \KICKASS_CRYPTO_EXCEPTION_INVALID_KEY_HASH => 'invalid key hash.', \KICKASS_CRYPTO_EXCEPTION_INVALID_CIPHER => 'invalid cipher.', \KICKASS_CRYPTO_EXCEPTION_INVALID_IV_LENGTH => 'invalid IV length.', \KICKASS_CRYPTO_EXCEPTION_INSECURE_RANDOM => 'insecure random.', \KICKASS_CRYPTO_EXCEPTION_INVALID_ERROR_LIST => 'invalid error list.', \KICKASS_CRYPTO_EXCEPTION_RECURSION_DETECTED => 'recursion detected.']

2023-03-30 jj5 - these are the exception messages for each exception code. These exception messages should be stable, you can add new ones but don't change existing ones.

KICKASS_CRYPTO_EXCEPTION_RECURSION_DETECTED  = 8000

2023-04-07 jj5 - called if recursion/reentrancy is detected.

KICKASS_CRYPTO_EXIT_ASSERT  = 83

2023-04-05 jj5 - the error level to return when the program exits due to an assertion violation.

KICKASS_CRYPTO_EXIT_BAD_ENVIRONMENT  = 60

2023-04-05 jj5 - the error level to return when the program can't run due to an invalid run-time environment.

KICKASS_CRYPTO_EXIT_CANNOT_CONTINUE  = 10

2023-04-05 jj5 - the error level to return when nothing is broken or wrong but the program cannot continue.

KICKASS_CRYPTO_EXIT_ERROR  = 81

2023-04-05 jj5 - the error level to return when the program exits due to an error.

KICKASS_CRYPTO_EXIT_EXCEPTION  = 82

2023-04-05 jj5 - the error level to return when the program exits due to an exception.

KICKASS_CRYPTO_EXIT_FILE_MISSING  = 61

2023-04-05 jj5 - the error level to return when a file is missing.

KICKASS_CRYPTO_EXIT_HELP  = 99

2023-04-05 jj5 - the error level to return when help (or version) has been requested; this is not an error but it does return a non-zero error level for safety.

KICKASS_CRYPTO_EXIT_INVALID  = 89

2023-04-05 jj5 - the error level to return when the program tries to exit with an invalid error level.

KICKASS_CRYPTO_EXIT_OPTIONS_LISTED  = 98

2023-04-05 jj5 - the error level to return when program options have been requested; this is not an error but it does return a non-zero error level for safety.

KICKASS_CRYPTO_EXIT_PROBLEM  = 80

2023-04-05 jj5 - the error level to return when there's a problem with the program.

KICKASS_CRYPTO_EXIT_SUCCESS  = 0

2023-04-05 jj5 - the error level to return upon success.

KICKASS_CRYPTO_EXIT_TEST_FAILED  = 84

2023-04-05 jj5 - the error level to return when a unit-test failed.

KICKASS_CRYPTO_KEY_HASH  = 'sha512/256'

2023-04-05 jj5 - the key has is used to convert a secret key into a 32 byte (256-bit) passphrase for use with either the OpenSSL or Sodium encryption library.

KICKASS_CRYPTO_KEY_LENGTH_MIN  = 88

2023-04-05 jj5 - the minimum key length is used to ensure that secret keys meet at least a minimal requirement.

KICKASS_CRYPTO_LOG_ERROR_INVALID_PASSPHRASE  = 'error: invalid passphrase.'

KICKASS_CRYPTO_LOG_PREFIX_EMERGENCY_DELAY  = 'emergency delay: '

KICKASS_CRYPTO_LOG_PREFIX_EXCEPTION_HANDLE  = 'handled exception: '

KICKASS_CRYPTO_LOG_PREFIX_EXCEPTION_IGNORE  = 'ignored exception: '

KICKASS_CRYPTO_LOG_PREFIX_EXCEPTION_NOTIFY  = 'caught exception: '

KICKASS_CRYPTO_LOG_PREFIX_EXCEPTION_THROW  = 'throwing exception: '

KICKASS_CRYPTO_LOG_WARNING_DELAY  = 'warning: delayed due to error.'

KICKASS_CRYPTO_LOG_WARNING_SHORT_PASSPHRASE  = 'warning: passphrase shorter than recommended.'

KICKASS_CRYPTO_LOG_WARNING_SHORT_SECRET  = 'warning: secret shorter than recommended.'

KICKASS_CRYPTO_OPENSSL_CIPHER  = 'aes-256-gcm'

2023-04-05 jj5 - this is the OpenSSL cipher we use, this should never be changed... at least not without a lot of support to upgrading to a new cipher.

KICKASS_CRYPTO_OPENSSL_IV_LENGTH  = 12

2023-04-05 jj5 - this is the length of the initialization vector expected by the openssl_encrypt() and openssl_decrypt() fucntions, this should not be changed.

KICKASS_CRYPTO_OPENSSL_OPTIONS  = \OPENSSL_RAW_DATA

2023-04-05 jj5 - these are the options for the OpenSSL openssl_encrypt() function, these should not be changed.

KICKASS_CRYPTO_OPENSSL_PASSPHRASE_LENGTH  = 32

2023-04-05 jj5 - this is the passphrase length excepted by the openssl_encrypt() function, this should not be changed.

KICKASS_CRYPTO_OPENSSL_TAG_LENGTH  = 16

2023-04-05 jj5 - this is the tag length of the tag generated by the openssl_encrypt() function and expected by the openssl_decrypt() function, this should not be changed.

KICKASS_CRYPTO_PASSPHRASE_LENGTH_MIN  = 32

2023-04-05 jj5 - the minimum key length is used to ensure that passphrases meet at least a minimal requirement.

KICKASS_CRYPTO_RECURSION_LIMIT  = 100

2023-04-07 jj5 - this is the limit of recursion that we allow... the Xdebug limit is 256 and PHP by itself has no limit (it will recurse until it runs out of memory); we pick a value less than the Xdebug limit so that we can handle things ourselves.

KICKASS_CRYPTO_REGEX_BASE64  = '/^[a-zA-Z0-9\\/+]{2,}={0,2}$/'

2023-04-05 jj5 - this is our Base64 validation regex; see the link for discussion concerning the previous regex and poor performance.

KICKASS_CRYPTO_SODIUM_PASSPHRASE_LENGTH  = \SODIUM_CRYPTO_SECRETBOX_KEYBYTES

2023-04-05 jj5 - this is the length of the passphrase (it's the $key parameter) expected by the sodium_crypto_secretbox() function.

kickass_crypto_autoload()  : bool

2023-04-05 jj5 - this function registered with PHP's spl_autoload_register() to provide automatic loading of namespace elements.

kickass_crypto_validate_environment()  : void

2023-03-31 jj5 - this function is for validating our run-time environment. If there's a problem then we exit, unless the programmer has overridden that behavior by defining certain constants.

kickass_crypto_validate_environment_openssl()  : void

2023-03-31 jj5 - this function is for validating our run-time environment. If there's a problem then we exit, unless the programmer has overridden that behavior by defining certain constants.

kickass_crypto_validate_environment_sodium()  : void

2023-04-03 jj5 - this function is for validating our run-time environment. If there's a problem then we exit, unless the programmer has overridden that behavior by defining certain constants.

main()  : void

2023-03-31 jj5 - this function hosts a unit test, it's just for convenience. It sets up your environment and then calls run_test() which you should define. If debugging is enabled then no try-catch block is used, otherwise it is. Also we make sure DEBUG is defined before we run your code so you shouldn't have to worry about whether it is defined or not.

kickass_crypto_validate_php()  : void

2023-04-04 jj5 - this function makes sure we're running a supported version of PHP; don't use fancy PHP features because they might not be available in older versions.

kickass_round_trip()  : IKickassCrypto

2023-04-05 jj5 - this is the round-trip service locator defined for use by the OpenSSL module.

kickass_at_rest()  : IKickassCrypto

2023-04-05 jj5 - this is the at-rest service locator defined for use by the OpenSSL module.

kickass_round_trip()  : IKickassCrypto

2023-04-05 jj5 - this is the round-trip service locator defined for use by the Sodium module.

kickass_at_rest()  : IKickassCrypto

2023-04-05 jj5 - this is the at-rest service locator defined for use by the Sodium module.

kickass_crypto_setup_unit_test_environment()  : void

2023-04-05 jj5 - this function will set up a test environment.

kickass_crypto_get_floats()  : void

2023-04-05 jj5 - this function will generate a bunch of special purpose floating-point values.

kickass_crypto_setup_environment()  : void

2023-04-05 jj5 - this function will set up a standard run-time environment.

kickass_crypto_handle_error()  : mixed

2023-04-05 jj5 - this function handles a PHP error by throwing it as an ErrorException. This function is called by PHP when it's registered as an error handler with the set_error_handler() function. This function doesn't throw if error reporting is disabled.

kickass_crypto_exit()  : void

2023-04-05 jj5 - this function will exit the process with a suitable error level.

kickass_crypto_change_dir()  : void

2023-04-05 jj5 - this function will change the current directory; if there's any sort of problem the program will be immediately aborted with an appropriate error level; this function is for command-line scripts, not web services.

kickass_crypto_report_error()  : void

2023-04-05 jj5 - this function prints a line of text to STDERR.

kickass_crypto_is_set()  : bool

2023-04-05 jj5 - this function tests to see if a given flag is set within a set of flags.

kickass_crypto_bits_split()  : array<int, int>

2023-04-05 jj5 - this function splits a set of flags into a list of singular flag values.