PHPackages gmtls/openssl-crypto-kit - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. gmtls/openssl-crypto-kit ActiveLibrary[Security](/categories/security) gmtls/openssl-crypto-kit ======================== A modern and extensible PHP cryptography toolkit powered by OpenSSL. v3.0.1(11mo ago)09.9k1MITPHPPHP ^8.0 Since Apr 30Pushed 11mo ago1 watchersCompare [ Source](https://github.com/GmTLS/openssl-crypto-kit)[ Packagist](https://packagist.org/packages/gmtls/openssl-crypto-kit)[ Docs](https://github.com/dependencies-packagist/openssl-crypto-kit)[ RSS](/packages/gmtls-openssl-crypto-kit/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependenciesVersions (7)Used By (1) OpenSSL Crypto Kit ================== [](#openssl-crypto-kit) A modern and extensible PHP cryptography toolkit powered by OpenSSL. Supports RSA for encryption, decryption, and digital signatures, and EC for high-performance digital signing and key exchange. Also includes X.509 certificate generation, passphrase protection, and pluggable algorithm support. [![GitHub Tag](https://camo.githubusercontent.com/f79f1b56b8f5de86e151ab527f51a2d254cd9a66b32a36fbc572c763793ef04a/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f762f7461672f676d746c732f6f70656e73736c2d63727970746f2d6b6974)](https://github.com/gmtls/openssl-crypto-kit/tags)[![Total Downloads](https://camo.githubusercontent.com/2ea3a9e0e24fa0a8ae922a9f2668ee7c04ad0bb2253388f22d967f5a594469f1/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f676d746c732f6f70656e73736c2d63727970746f2d6b69743f7374796c653d666c61742d737175617265)](https://packagist.org/packages/gmtls/openssl-crypto-kit)[![Packagist Version](https://camo.githubusercontent.com/babdb88517f4f0c1094c5bd8981a4eb520577a3c16c6c6ada20867dceb84b644/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f676d746c732f6f70656e73736c2d63727970746f2d6b6974)](https://packagist.org/packages/gmtls/openssl-crypto-kit)[![Packagist PHP Version Support](https://camo.githubusercontent.com/24a539f6afd36bccf3ef455c9ab92788eb3c1228e14f1b2ae3082bfc839e6db2/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f676d746c732f6f70656e73736c2d63727970746f2d6b6974)](https://github.com/gmtls/openssl-crypto-kit)[![Packagist License](https://camo.githubusercontent.com/3b6501346e0b56014a17c193fd90e4408dd42fb10e6f6980f718a5f3614a00b2/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f676d746c732f6f70656e73736c2d63727970746f2d6b6974)](https://github.com/gmtls/openssl-crypto-kit) A modern PHP cryptography toolkit powered by OpenSSL. Features include: - RSA: key generation, signing, verification, encryption, decryption - EC: key generation, signing, verification - X.509 certificate creation - Passphrase protection and pluggable algorithm support Installation ------------ [](#installation) You can install the package via [Composer](https://getcomposer.org/): ``` composer require gmtls/openssl-crypto-kit ``` Usage ----- [](#usage) ### Generation [](#generation) ``` use GmTLS\CryptoKit\EC; use GmTLS\CryptoKit\RSA; $key = EC::createKey('secp521r1', 'password'); $key = RSA::createKey(1024, 'password'); ``` Or, load from an existing key ``` use GmTLS\CryptoKit\KeypairLoader; KeypairLoader::fromPrivateKeyFile(realpath('private.pem'), 'password'); KeypairLoader::fromPublicKeyFile(realpath('public.pem')); KeypairLoader::fromFile(realpath('key.pem'), 'password'); ``` ### Exporter [](#exporter) Save the key to a file ``` use GmTLS\CryptoKit\KeypairExporter; $keypairExporter = KeypairExporter::create($key); $keypairExporter->savePrivateKey(__DIR__ . '/private1.pem'); $keypairExporter->savePublicKey(__DIR__ . '/public1.pem'); $keypairExporter->saveKeys(__DIR__ . '/key1.pem'); ``` ### Parser [](#parser) ``` use GmTLS\CryptoKit\KeypairParser; $keypairParser = KeypairParser::create($key); var_dump( $keypairParser->toPublicKey(), $keypairParser->toPrivateKey() ); $keypairParser = KeypairParser::load($keypairParser->toPrivateKey()); var_dump( $keypairParser->getPublicKey(), $keypairParser->getPrivateKey() ); ``` Required `phpseclib/phpseclib` to use KeypairParser: ``` composer require phpseclib/phpseclib^3.0 ``` ### Signing && Verification [](#signing--verification) ``` use GmTLS\CryptoKit\CryptoKit; use GmTLS\CryptoKit\RSA; $key = RSA::createKey(1024, 'password'); $rsa = CryptoKit::keypair($key); $data = '...'; $sign = $rsa->getPrivateKey()->sign($data); $verify = $rsa->getPublicKey()->verify($data, $sign); var_dump($sign, $verify); $sign = $rsa->getPrivateKey()->base64Sign($data); $verify = $rsa->getPublicKey()->base64Verify($data, $sign); var_dump($sign, $verify); ``` ### Encryption && Decryption [](#encryption--decryption) ``` use GmTLS\CryptoKit\CryptoKit; use GmTLS\CryptoKit\RSA; $key = RSA::createKey(1024, 'password'); $rsa = CryptoKit::RSA($key); $data = '...'; $encrypt = $rsa->getPublicKey()->encrypt($data); $decrypt = $rsa->getPrivateKey()->decrypt($encrypt); var_dump($encrypt, $decrypt); $encrypt = $rsa->getPublicKey()->base64Encrypt($data); $decrypt = $rsa->getPrivateKey()->base64Decrypt($encrypt); var_dump($encrypt, $decrypt); ``` Advanced -------- [](#advanced) ### Extension Algorithm [](#extension-algorithm) Create a new `DSA` class that extends `\GmTLS\CryptoKit\Concerns\AsymmetricKey` and implement the methods you need to override. - Generate DSA Key Pair Using OpenSSL: ``` openssl dsaparam -out dsaparam.pem 1024 openssl gendsa -out private_dsa.pem dsaparam.pem openssl dsa -in private_dsa.pem -pubout -out public_dsa.pem ``` - Extension Class – DSA Key Wrapper > The DSA class provides a wrapper for handling DSA asymmetric keys in the GmTLS\\CryptoKit framework, and it extends the base class AsymmetricKey. ``` use GmTLS\CryptoKit\Concerns\AsymmetricKey; use GmTLS\CryptoKit\Keypair; use GmTLS\CryptoKit\Crypto\PrivateKey; use GmTLS\CryptoKit\Crypto\PublicKey; use RuntimeException; class DSA extends AsymmetricKey { public static function createKey(): Keypair { throw new RuntimeException('Direct generation of DSA keys is not supported'); } public function getPublicKey(): PublicKey { return new PublicKey(new Keypair( publicKey: $this->getKeypair()->getPublicKey() )); } public function getPrivateKey(): PrivateKey { return new PrivateKey(new Keypair( privateKey: $this->getKeypair()->getPrivateKey(), publicKey: $this->getKeypair()->getPublicKey(), passphrase: $this->getKeypair()->getPassphrase(), )); } } ``` - Extending CryptoKit: ``` use GmTLS\CryptoKit\CryptoKit; use GmTLS\CryptoKit\Keypair; use GmTLS\CryptoKit\KeypairLoader; CryptoKit::extend(OPENSSL_KEYTYPE_DSA, function (Keypair $keypair) { return new DSA($keypair); }); ``` - Calling using CryptoKit: ``` $keypair = KeypairLoader::fromFile(realpath('dsa.pem')); $dsa = CryptoKit::keypair($keypair); $data = '...'; $sign = $dsa->getPrivateKey()->sign($data); $verify = $dsa->getPublicKey()->verify($data, $sign); var_dump($sign, $verify); $sign = $dsa->getPrivateKey()->base64Sign($data); $verify = $dsa->getPublicKey()->base64Verify($data, $sign); var_dump($sign, $verify); ``` ### JWK [](#jwk) Generate JWK using `RSA`: ``` use GmTLS\CryptoKit\RSA; $key = RSA::createKey(1024, 'password'); echo $key->parse()->toPrivateKey('JWK'); ``` Output: ``` { "keys": [ { "kty": "RSA", "n": "0J9js7Tmn5meaal0h1eooKtVkiAykS8WQLOjdGXHq5MX6iimYHna04N_u18bWu02OsULOFj96nuA9C4MvYdFMxPGN8v6j_a2CQRnuIoAtizy1umYkZyBT5LnTmOMG3UOqAFIXDyVrsegYHRTsn0cr8ncYUhHhpBZX7A-Ly7gbYk=", "e": "AQAB", "d": "yEAmmKnNMWdoam3w37ThtQ-g_LmRMFDtYD_OZv0HcwanTumkAjkVNjAkHHvHKzlE85aOFZE-caQI_Nly-z3rycbHxouVDoWSKaPFZ89yPyo-CEJYLSoEuyYVrjUthl285-5mgXf1Oi8T_EUrT_yn-QDKWpGL1YIiOLMlpsPmIB0=", "p": "6GXT1Kr0u3viwmiX80ajArGnwNsL6cetlnnpN3naJ0c5Yto6tn-2mOMsCZXT0M8Uch0IDK8wT2ZPUi4y0qpaZw==", "q": "5c9s6uFY0Ie8131Nx_rSenayMxZYW-tHrCH6YYRi1NQNj2AWb8MEJlSvtspE2aVLL9H0-RLJtrOXtqI4My_ijw==", "dp": "h9IrUVlwmro2tuQmGjooPwTRQ_dBKSpYG1-4m4GNq_MGaO2d7tcJQqVSMW_tUVYVXvP0pmUk2OK0bRUvAswo9Q==", "dq": "X8WB7qDbEox-9o8RyzWMYdz1hrTZPfVfeSzv25QAXBHDVO0GbK0pHZBNajABYXKxUsx8-xAJYEqX_1S7dxmNoQ==", "qi": "sHJGFOo2PGOw0wYc8qkhDa-Qzuf4UNM-XoXwMy7UqtTgjaK_7QCaXjF5E7it3oBBnOiNutyrl2zXIerXm7-TiQ==" } ] } ``` Get the public or private key based on the JWK using KeypairParser: ``` use GmTLS\CryptoKit\KeypairParser; echo KeypairParser::load($jwk)->getPublicKey(); // -----BEGIN PRIVATE KEY----- // MIICdwIBAD... // -----END PRIVATE KEY----- echo KeypairParser::load($jwk)->getPrivateKey(); // -----BEGIN PUBLIC KEY----- // MIGfMA0GCS... // -----END PUBLIC KEY----- ``` License ------- [](#license) Nacosvel Contracts is made available under the MIT License (MIT). Please see [License File](LICENSE) for more information. ### Health Score 34 — LowBetter than 77% of packages Maintenance54 Moderate activity, may be stable Popularity18 Limited adoption so far Community9 Small or concentrated contributor base Maturity46 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~4 days Total 6 Last Release 351d ago Major Versions v1.0.0 → v2.0.02025-05-02 v2.2.0 → v3.0.02025-05-08 ### Community Maintainers ![](https://www.gravatar.com/avatar/2da9b458375a1b7972b7c4d26a5bf8f3e48db305e8805da36f253956f33c5568?d=identicon)[jundayw](/maintainers/jundayw) --- Top Contributors [![jundayw](https://avatars.githubusercontent.com/u/16873970?v=4)](https://github.com/jundayw "jundayw (32 commits)") --- Tags encryptionsigningrsaecopensslverificationdecryption ### Embed Badge ![Health badge](/badges/gmtls-openssl-crypto-kit/health.svg) ``` [![Health](https://phpackages.com/badges/gmtls-openssl-crypto-kit/health.svg)](https://phpackages.com/packages/gmtls-openssl-crypto-kit) ``` ### Alternatives [phpseclib/phpseclib PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc. 5.6k434.8M1.3k](/packages/phpseclib-phpseclib)[vlucas/pikirasa PKI public/private RSA key encryption using the OpenSSL extension 104101.1k1](/packages/vlucas-pikirasa) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)