PHP Classes

File: README.md

Recommend this page to a friend!
  Classes of Scott Arciszewski   PHP HPKP Builder   README.md   Download  
File: README.md
Role: Documentation
Content type: text/markdown
Description: Read me
Class: PHP HPKP Builder
Generate Public Key Pinning headers
Author: By
Last change:
Date: 5 years ago
Size: 1,643 bytes
 

Contents

Class file image Download

HTTP Public-Key-Pinning Builder

Build Status

This library aims to make it easy to build HTTP Public-Key-Pinning headers in your PHP projects. HPKP Builder was was created by Paragon Initiative Enterprises as part of our effort to encourage better application security practices.

Check out our other open source projects too.

PHP Version requirements

  • PHP 7.0 or newer

Build a Public-Key-Pinning header from a JSON configuration file

<?php

use \ParagonIE\HPKPBuilder\HPKPBuilder;

$hpkp = HPKPBuilder::fromFile('/path/to/source.json');
$hpkp->sendHPKPHeader();

Example JSON configuration

{
    "hashes": [
        {
            "algo": "sha256",
            "hash": "hwGEkxDWJ2oHtKv6lsvylKvhotXAAZQR1e0nq0eb2Vw="
        },
        {
            "algo": "sha256",
            "hash": "0jum0Eiu4Eg6vjn3zTmyd/RobfN6e4EagFQcz6E5ZKI="
        }
    ],
    "include-subdomains": false,
    "max-age": 5184000,
    "report-only": false,
    "report-uri": null
}

Build a Public-Key-Pinning Header

<?php

use \ParagonIE\HPKPBuilder\HPKPBuilder;

$hpkp = (new HPKPBuilder)
    ->addHash('hwGEkxDWJ2oHtKv6lsvylKvhotXAAZQR1e0nq0eb2Vw=')
    ->addHash('0jum0Eiu4Eg6vjn3zTmyd/RobfN6e4EagFQcz6E5ZKI=')
    ->addHash('JDR7yv7lvdKaM26fnKriSPiyryeYw9qi5sO8Ot7SNUQ=')
    ->includeSubdomains(true)
    ->reportOnly(true)
    ->reportUri('https://report-uri.io')
    ->sendHPKPHeader();