gmtls/openssl-crypto-kit

A modern and extensible PHP cryptography toolkit powered by OpenSSL.

Maintainers

Details

github.com/GmTLS/openssl-crypto-kit

Homepage

Source

Issues

Installs: 13

Dependents: 1

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

v1.0.0 2025-04-30 11:23 UTC

Requires

MIT a7b20046c4f494ea7a7ee8fffab0857d5e8d91c1

  • jundayw <jundayw.woop@126.com>

encryptionsigningrsaopenssldecryptionverificationec

This package is auto-updated.

Last update: 2025-04-30 11:23:58 UTC

README

A modern and extensible PHP cryptography toolkit powered by OpenSSL.
Supports RSA for encryption, decryption, and digital signatures, and EC for high-performance digital signing and key exchange.
Also includes X.509 certificate generation, passphrase protection, and pluggable algorithm support.

GitHub Tag Total Downloads Packagist Version Packagist PHP Version Support Packagist License

A modern PHP cryptography toolkit powered by OpenSSL.
Features include:

  • RSA: key generation, signing, verification, encryption, decryption
  • EC: key generation, signing, verification
  • X.509 certificate creation
  • Passphrase protection and pluggable algorithm support

Installation

You can install the package via Composer:

composer require gmtls/openssl-crypto-kit

Usage

Generation

use GmTLS\CryptoKit\Providers\EcProvider;
use GmTLS\CryptoKit\Providers\RsaProvider;

$key = EcProvider::generateKeypair('secp521r1', 'password');
$key = RsaProvider::generateKeypair(1024, 'password');

Or, load from an existing key

use GmTLS\CryptoKit\Keypair;

$key = new Keypair();
$key->fromPrivateKeyFile(realpath('private.pem'), 'password');
$key->fromPublicKeyFile(realpath('public.pem'));
$key->fromFile(realpath('key.pem'), 'password');

Save the key to a file

$key->savePrivateKey(__DIR__ . '/private.pem');
$key->savePublicKey(__DIR__ . '/public.pem');
$key->saveKeys(__DIR__ . '/key.pem');

Signing && Verification

use GmTLS\CryptoKit\Factory;

$rsa = Factory::provider($key);
// or
$rsa = Factory::createRsaProvider($key);
// or
$rsa = new RsaProvider($key);

$data   = '...';
$sign   = $rsa->sign($data);
$verify = $rsa->verify($data, $sign);
var_dump($sign, $verify);

$sign   = $rsa->base64Sign($data);
$verify = $rsa->base64Verify($data, $sign);
var_dump($sign, $verify);

Encryption && Decryption

$data    = '...';
$encrypt = $rsa->encrypt($data);
$decrypt = $rsa->decrypt($encrypt);
var_dump($encrypt, $decrypt);

$encrypt = $rsa->base64Encrypt($data);
$decrypt = $rsa->base64Decrypt($encrypt);
var_dump($encrypt, $decrypt);

Export public key and private key signatures

var_dump($rsa->getPrivateKeys());
var_dump($rsa->getPublicKeys());

Advanced

Create a new YourProvider class that extends \GmTLS\CryptoKit\Providers\AbstractProvider and implement generateKeypair, converterToKeys and the methods you need to override.

use GmTLS\CryptoKit\Contracts\Keypair as KeypairContract;
use GmTLS\CryptoKit\Keypair;
use GmTLS\CryptoKit\Providers\AbstractProvider;
use RuntimeException;

class YourProvider extends AbstractProvider
{
    public static function generateKeypair(): KeypairContract
    {
        // ...
        return new Keypair(
            $privateKey,
            $details['key'],
            $passphrase,
            $details,
        );
    }

    protected function converterToKeys(array $details): array
    {
        // ...
        return [];
    }
}

Extending Provider:

use GmTLS\CryptoKit\Factory;
use GmTLS\CryptoKit\Keypair;

Factory::extend(YourProvider::class, function (Keypair $keypair) {
    return new YourProvider($keypair);
});

Calling using Factory:

Factory::provider(YourProvider::class)->getPrivateKeys();
Factory::provider(YourProvider::class)->getPublicKeys();
Factory::provider(YourProvider::class)->sign($data);
Factory::provider(YourProvider::class)->verify($data, $sign);
// ...

License

Nacosvel Contracts is made available under the MIT License (MIT). Please see License File for more information.