Symmetric encryption via OpenSSL AES-256-GCM. Use this driver when libsodium is not available on the host.
- PHP 8.1+ (covered by CakePHP 5)
- OpenSSL with
aes-256-gcmsupport (OpenSSL 1.1.1+)
Verify support:
php -r "var_dump(in_array('aes-256-gcm', openssl_get_cipher_methods(true)));"
# bool(true)php -r "echo base64_encode(random_bytes(32)), PHP_EOL;"Store the result in your environment — never hardcode it:
VERIFICATION_AESGCM_KEY="...base64-key..."
// config/verification.php
'crypto' => [
'driver' => 'aes-gcm',
'key' => base64_decode(env('VERIFICATION_AESGCM_KEY', '')),
],See configuration.md for the full crypto reference.
Both drivers are secure. Prefer SodiumCrypto when libsodium is available.
See sodium_crypto.md.
| Topic | File |
|---|---|
| README | ../../README.md |
| Verification flows (setup, login, OTP choice) | ../verification_flow.md |
| Installation | ../installation.md |
| Configuration reference | ../configuration.md |
| Environment variables | ../env.md |
| UsersController actions | ../users_controller.md |
| VerificationComponent | ../verification_component.md |
| VerificationHelper | ../verification_helper.md |
| Email verification & Email OTP | ../email_verification.md |
| SMS OTP | ../sms_verification.md |
| TOTP | ../totp_verification.md |
| Enable / disable individual steps | ../verificator_enable_disable.md |
| API reference index | index.md |