I was faced with a challenge of making sure that i pass data back and forth securely via an api
on cakephp 3.0 from a windows forms (C#) application.It was a challenge considering the fact
that cakephp 3.0 is still a release candidate. But i must say i am so impressed with what the cakephp community has produced. I can proudly boast that i use cakephp :).
xcryto is a cakephp 3.0 library that allows you to encrypt your data using. It should pretty work in other php frameworks too;
- PHP HASH
To protect my .NET software that i have just put out for sale. I wrote my own encryption and decryption algorithm on top Xcrypto.
- all data is encrypted using my own proprietary encryption and decryption algorithm that i cant disclose here.
- on top of that i added another layer of encryption/decryption using xcrypto. So all communications back and forth have 2 layers of encryption.
- I use RSA and AES
Using RSA allows for use of Public key and Private key cryptography and the result is sound. On top of that the nginx is using SSL.
Feel free to use xcrpto, forking it on github.