paragonie/paserk-wrap-aws-kms

Use AWS KMS for key-wrapping with PASERK

Maintainers

Details

github.com/paragonie/paserk-php-wrap-aws-kms

Source

Issues

Installs: 0

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 4

Forks: 0

Open Issues: 1

v0.1.0 2023-08-25 13:41 UTC

Requires

Requires (Dev)

ISC 887268c5ea6c4692aacf5771885a1065737d4161

This package is auto-updated.

Last update: 2024-05-25 15:39:54 UTC

README

Build Status Latest Stable Version Latest Unstable Version License Downloads

Integrates PASERK with AWS KMS for key-wrapping. Requires PHP 8.1 or newer.

This repository is an extension of PASERK for PHP.

PASERK Specification

The PASERK Specification can be found in this repository.

Installing

composer require paragonie/paserk-aws-kms

Usage

Initialization

You will need a KmsClient object and a PASETO protocol version object.

<?php
use Aws\Kms\KmsClient;
use ParagonIE\Paseto\ProtocolInterface;
use ParagonIE\Paserk\Operations\Wrap\AwsKms;

/** 
 * @var KmsClient $kmsClient
 * @var ProtocolInterface $pasetoProtocol
 */

$awsKmsWrapper = new AwsKms($kmsClient, $pasetoProtocol);

If you'd like to specify custom Encryption Context:

$awsKmsWrapper->setEncryptionContex([
    'department' => '10103.0'
]);

You can then pass the AwsKms object to the constructor of the PASERK Wrap Operation class.

/**
 * @var AwsKms $awsKmsWrapper
 */ 
$wrapper = new \ParagonIE\Paserk\Operations\Wrap($awsKmsWrapper);

See the paserk-php documentation for further details.