wpjscc / phpseclib
PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc.
Maintainers
Requires
- php: >=8.1
- paragonie/constant_time_encoding: ^2|^3
- react/async: ^4.3
- symfony/polyfill-php82: ^1.26
Requires (Dev)
- ext-xml: *
- brianium/paratest: ^7.8.5
- php-parallel-lint/php-parallel-lint: ^1.3
- phpunit/phpunit: ^11.5 || ^12.5 || ^13.1
- squizlabs/php_codesniffer: ^3.7
- vimeo/psalm: *
Suggests
- ext-dom: Install the DOM extension to load XML formatted public keys.
- ext-gmp: Install the GMP (GNU Multiple Precision) extension in order to speed up arbitrary precision integer arithmetic operations.
- ext-libsodium: SSH2/SFTP can make use of some algorithms provided by the libsodium-php extension.
- ext-openssl: Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations.
- react/async: Use SSH2 async I/O mode (constructor flag) with React\EventLoop; same integration style as non-blocking stream + await().
This package is auto-updated.
Last update: 2026-05-08 04:18:38 UTC
README
Supporting phpseclib
- Become a backer or sponsor on Patreon
- One-time donation via PayPal or crypto-currencies
- Subscribe to Tidelift
Introduction
MIT-licensed pure-PHP implementations of the following:
SSH-2, SFTP, X.509, an arbitrary-precision integer arithmetic library, Ed25519 / Ed449 / Curve25519 / Curve449, ECDSA / ECDH (with support for 66 curves), RSA (PKCS#1 v2.2 compliant), DSA / DH, DES / 3DES / RC4 / Rijndael / AES / Blowfish / Twofish / Salsa20 / ChaCha20, GCM / Poly1305
Documentation
- Documentation / Manual
- API Documentation (generated by Doctum)
Branches
master
- Development Branch
- Unstable API
- Do not use in production
4.0
- Expected Release Date: September 2026
- Long term support (LTS) release
- X509 split into separate X509, CRL, CSR and SPKAC classes
- PFX and CMS classes added
- All ASN1 classes are lazy loaded by default
- Minimum PHP version: 8.1.0
- PSR-4 autoloading with namespace rooted at
\phpseclib4 - Install via Composer:
composer require phpseclib/phpseclib:4.0.x-dev
3.0
- Long term support (LTS) release
- Major expansion of cryptographic primitives
- Minimum PHP version: 5.6.1
- PSR-4 autoloading with namespace rooted at
\phpseclib3 - Install via Composer:
composer require phpseclib/phpseclib:~3.0
2.0
- Long term support (LTS) release
- Modernized version of 1.0
- Minimum PHP version: 5.3.3
- PSR-4 autoloading with namespace rooted at
\phpseclib - Install via Composer:
composer require phpseclib/phpseclib:~2.0
1.0
- Long term support (LTS) release
- PHP4 compatible
- Composer compatible (PSR-0 autoloading)
- Install using Composer:
composer require phpseclib/phpseclib:~1.0 - Download 1.0.25 as ZIP
Security contact information
To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.
Support
Need Support?
Special Thanks
Additional Thanks
- Allan Simon
- Anna Filina
- delovelady
- ChargeOver
Contributing
-
Fork the Project
-
Ensure you have Composer installed (see Composer Download Instructions)
-
Install Development Dependencies
composer install
-
Create a Feature Branch
-
Run continuous integration checks:
composer run-script all-quality-tools
-
Send us a Pull Request