iweron/aws-kms-jwt

JWT token generation using symmetric encryption with AWS KMS

v2.1.0 2023-08-18 12:00 UTC

This package is auto-updated.

Last update: 2024-04-18 13:21:17 UTC


README

About AWS KMS JWT

  • Utilizes AWS KMS data keys for JWT generation using an envelope encryption method.
  • Supports PHP >=5.3 (excluding GCM and CCM cipher algorithms)

Installing via Composer

You can install AWS KMS JWT using Composer.

# Install Composer
curl -sS https://getcomposer.org/installer | php

# Add it as a dependency
php composer.phar require iweron/aws-kms-jwt

After installing, you need to require Composer's autoloader:

require 'vendor/autoload.php';

Before using this library, you will need to create a separate AWS KMS master key. This article explains how to create one: https://nsmith.net/aws-kms-cli. See the examples directory for more information on usage.

Envelope encryption

This library implements envelope encryption with symmetric keys based on AWS KMS, an approach initially proposed by Latacora.

[Diagram: Envelope encryption]

NB! This repo does not include the code for token verification/decryption. You might need to implement it yourself, as shown in the following diagram:

[Diagram: Envelope decryption]

Reference: https://developer.okta.com/blog/2019/07/25/the-hardest-thing-about-data-encryption#data-encryption-key-management-solutions
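
A round trip of the envelope flow described above, including the decryption side that this repository leaves to the reader. This is an added example, not code from the library: `KmsStub` is a hypothetical offline stand-in for the KMS GenerateDataKey and Decrypt operations, and the five-segment token layout and the AES-256-GCM choice are assumptions (PHP 7.1+ with OpenSSL).

```php
<?php
// Added example: envelope encryption round trip (requires PHP >= 7.1 with OpenSSL).
// KmsStub is a hypothetical offline stand-in for AWS KMS; the five-segment token
// layout is an assumption for illustration, not this library's format.
function b64u($bin) { return rtrim(strtr(base64_encode($bin), '+/', '-_'), '='); }
function b64uDecode($s) { return base64_decode(strtr($s, '-_', '+/'), true); }

final class KmsStub
{
    private $masterKey; // stays inside the "KMS"; callers only ever see data keys
    public function __construct() { $this->masterKey = random_bytes(32); }

    // Mirrors KMS GenerateDataKey: one data key, returned both plaintext and wrapped.
    public function generateDataKey()
    {
        $key = random_bytes(32);
        $iv  = random_bytes(12);
        $ct  = openssl_encrypt($key, 'aes-256-gcm', $this->masterKey, OPENSSL_RAW_DATA, $iv, $tag);
        return ['Plaintext' => $key, 'CiphertextBlob' => $iv . $tag . $ct];
    }

    // Mirrors KMS Decrypt: unwraps a data key produced by generateDataKey().
    public function decrypt($blob)
    {
        $key = openssl_decrypt(substr($blob, 28), 'aes-256-gcm', $this->masterKey,
            OPENSSL_RAW_DATA, substr($blob, 0, 12), substr($blob, 12, 16));
        if ($key === false) { throw new RuntimeException('data key unwrap failed'); }
        return $key;
    }
}

function sealToken(KmsStub $kms, array $claims)
{
    $dk  = $kms->generateDataKey();
    $hdr = b64u(json_encode(['typ' => 'JWT', 'enc' => 'A256GCM'])); // constructed header
    $iv  = random_bytes(12);
    // The encoded header is bound as AAD, so changing it invalidates the tag.
    $ct  = openssl_encrypt(json_encode($claims), 'aes-256-gcm', $dk['Plaintext'], OPENSSL_RAW_DATA, $iv, $tag, $hdr);
    return implode('.', [$hdr, b64u($dk['CiphertextBlob']), b64u($iv), b64u($ct), b64u($tag)]);
}

function openToken(KmsStub $kms, $token)
{
    $p = explode('.', $token);
    if (count($p) !== 5) { throw new InvalidArgumentException('expected 5 segments'); }
    $key = $kms->decrypt(b64uDecode($p[1])); // only the KMS can unwrap the data key
    $pt  = openssl_decrypt(b64uDecode($p[3]), 'aes-256-gcm', $key, OPENSSL_RAW_DATA, b64uDecode($p[2]), b64uDecode($p[4]), $p[0]);
    if ($pt === false) { throw new RuntimeException('token failed authentication'); }
    return json_decode($pt, true);
}

$kms   = new KmsStub();
$token = sealToken($kms, ['sub' => 'user-42', 'exp' => 1893456000]); // constructed claims
var_dump(openToken($kms, $token));
```

Only the wrapped data key travels in the token; the verifier needs KMS Decrypt permission on the master key, and any change to the header, ciphertext or tag makes `openToken()` throw.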