PHPackages godaddy/asherah - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. godaddy/asherah ActiveLibrary[Security](/categories/security) godaddy/asherah =============== PHP FFI bindings for Asherah envelope encryption. v0.6.107(2w ago)0352[5 PRs](https://github.com/godaddy/asherah-ffi/pulls)Apache-2.0RustPHP >=8.1 Since May 7Pushed yesterdayCompare [ Source](https://github.com/godaddy/asherah-ffi)[ Packagist](https://packagist.org/packages/godaddy/asherah)[ Docs](https://github.com/godaddy/asherah-ffi)[ RSS](/packages/godaddy-asherah/feed)WikiDiscussions main Synced 1w ago READMEChangelog (10)Dependencies (3)Versions (23)Used By (0) Asherah ======= [](#asherah) Application-layer encryption with automatic key rotation. Rust implementation with bindings for Node.js, Python, .NET, Java, Ruby, and Go. What is Asherah? ---------------- [](#what-is-asherah) Asherah implements envelope encryption: data is encrypted with a random data key, which is itself encrypted with an intermediate key, which is encrypted by a master key held in a KMS. Keys rotate automatically based on configurable intervals, and old keys remain accessible for decryption while new data is always encrypted with fresh keys. This design means application code never handles raw master keys, key rotation happens transparently, and compromise of a single data key exposes only one record. **KMS backends:** AWS KMS (recommended), [HashiCorp Vault Transit](docs/vault-transit-kms.md) (on-prem), [AWS Secrets Manager](docs/secrets-manager-kms.md) (migration only), static (testing only) **Metastores:** DynamoDB, MySQL, Postgres, SQLite, in-memory (testing only) Language Bindings ----------------- [](#language-bindings) LanguagePackageDocsNode.js[`asherah`](https://www.npmjs.com/package/asherah) on npm[README](asherah-node/)Python[`asherah`](https://pypi.org/project/asherah) on PyPI[README](asherah-py/).NET`GoDaddy.Asherah.Encryption` on [NuGet](https://www.nuget.org/packages/GoDaddy.Asherah.Encryption)[README](asherah-dotnet/)Java`com.godaddy.asherah.encryption:appencryption` on [Maven Central](https://central.sonatype.com/artifact/com.godaddy.asherah.encryption/appencryption)[README](asherah-java/)Ruby`asherah` on [GitHub Packages](https://github.com/godaddy/asherah-ffi/packages)[README](asherah-ruby/)Go[`github.com/godaddy/asherah-ffi/asherah-go`](https://pkg.go.dev/github.com/godaddy/asherah-ffi/asherah-go)[README](asherah-go/)PHP`godaddy/asherah` on Composer[README](asherah-php/)Platform Support ---------------- [](#platform-support) PlatformArchitectureStatusLinuxx86\_64 (glibc)SupportedLinuxx86\_64 (musl)SupportedLinuxARM64 (glibc)SupportedLinuxARM64 (musl)SupportedmacOSx86\_64SupportedmacOSARM64 (Apple Silicon)SupportedWindowsx64SupportedWindowsARM64SupportedQuick Start ----------- [](#quick-start) ``` const asherah = require('asherah'); asherah.setup({ serviceName: 'my-service', productId: 'my-product', metastore: 'memory', // testing only — use 'rdbms' or 'dynamodb' in production kms: 'static', // testing only — use 'aws' in production }); const ct = asherah.encryptString('partition', 'secret data'); const pt = asherah.decryptString('partition', ct); asherah.shutdown(); ``` See each binding's README for complete examples including async APIs, session-based usage, and production configuration. Input contract -------------- [](#input-contract) There are two argument categories with different rules: - **Partition ID** (the tenancy/isolation identifier): `null`, `nil`, `undefined`, and the empty string `""` are **always programming errors**. Bindings reject them at the API boundary with the language-native exception type — no row is ever written to the metastore under a degenerate ID. (Stricter than canonical asherah-csharp / asherah-java, which silently accept null and persist `_IK__service_product` rows.) - **Plaintext** (input to encrypt): `null`/`nil`/`undefined` is rejected as a programming error. Empty `String` and empty byte array are **valid** plaintexts that produce a real `DataRowRecord` envelope and round-trip back to empty on decrypt. **Do not short-circuit empty plaintext encryption in caller code** — empty data is real data, encrypting it is a real cryptographic operation, and skipping it leaks the fact that the value was empty as a side channel. - **Ciphertext** (input to decrypt): `null`/`nil`/`undefined` and empty string/bytes are all rejected — empty input cannot be a valid `DataRowRecord` JSON envelope. See [docs/input-contract.md](docs/input-contract.md) for the full per-binding behavior matrix, exception types, and rationale. Performance ----------- [](#performance) The Rust core delivers sub-microsecond encrypt/decrypt. All language bindings stay under 2μs for sync operations. The table includes both sync and async variants, plus head-to-head comparison with the canonical Go/C#/Java implementations: Benchmark results — hot cache, Apple M4 Max See each binding's README for detailed async behavior and per-metastore performance characteristics. Architecture: Key Hierarchy and Secure Caching ---------------------------------------------- [](#architecture-key-hierarchy-and-secure-caching) Asherah uses a four-level key hierarchy with envelope encryption: ``` +------------------------------------------------------+ | KMS Backend | | (AWS KMS / HashiCorp Vault Transit API) | | | | Master Key -- never exposed, encrypt/decrypt via API | +------------------+-----------------------------------+ | encrypts +------------------v-----------------------------------+ | System Key (SK) | | Stored in metastore, cached in memory, auto-rotated | +------------------+-----------------------------------+ | encrypts +------------------v-----------------------------------+ | Intermediate Key (IK) | | Per-partition, stored in metastore, auto-rotated | +------------------+-----------------------------------+ | encrypts +------------------v-----------------------------------+ | Data Row Key (DRK) | | Unique per write -- effectively rotated every time | +------------------+-----------------------------------+ | encrypts v Your Data ``` ### Secure Memory and Tiered Key Cache [](#secure-memory-and-tiered-key-cache) Keys are protected at rest by a three-tier cache with hardware-enforced memory protection: ``` TIER 1: mlock'd Slab (hot cache, ~400ns access) ======================================================== Guard Page [PROT_NONE -- segfaults on access] +----------------------------------------------------+ | mlock'd Page (4KB, pinned in RAM, never swapped) | | | | Slot 0: Coffer Left (XOR'd master key half) | | Slot 1: Coffer Right (random, key derivation) | | [neither half alone reveals the key] | | | | Slot 2: SK decrypt key Session Cache (LRU, per-factory) | miss v IK Cache (stale-while-revalidate) | miss v SK Cache (shared, stale-while-revalidate) | miss v Metastore load --> Tier 2/1 promotion ``` On cache expiry, the stale key is returned immediately while a background refresh loads the latest version from the metastore. Testing ------- [](#testing) - **127 Rust unit tests** covering core encryption engine, key management, metastore adapters, and memory protection - **64 .NET tests** (34 core + 30 compatibility layer) across net8.0 and net10.0 - **49 Node.js tests** including async context, unicode, binary edge cases, and Factory/Session API - **21 Go tests** covering Factory/Session API and compatibility layer - **21 Python tests** including session-based and async APIs - **16 Java tests** including JNI lifecycle and async CompletableFuture - **74 Ruby tests** including thread safety, session lifecycle, and async callbacks - **5 cross-language interop tests** verifying Python, Node.js, Rust, and Ruby encrypt/decrypt compatibility - **6 fuzz targets** for Cargo-fuzz continuous fuzzing - **Memory safety**: Miri (undefined behavior detection), AddressSanitizer, and Valgrind on every PR - **12 publish dry-run jobs** that replicate every unique compilation path in the release pipeline - **56+ CI jobs** on every pull request across x86\_64 and ARM64 ``` # Run all tests scripts/test.sh --all # Individual test modes scripts/test.sh --unit scripts/test.sh --integration # requires Docker (MySQL, Postgres, DynamoDB) scripts/test.sh --bindings # requires language toolchains scripts/test.sh --interop scripts/test.sh --lint scripts/test.sh --sanitizers # Miri, AddressSanitizer, Valgrind scripts/test.sh --fuzz # requires nightly ``` Project Structure ----------------- [](#project-structure) DirectoryDescription`asherah/`Rust core library`asherah-node/`Node.js bindings`asherah-py/`Python bindings`asherah-dotnet/`.NET bindings`asherah-java/`Java bindings (JNI)`asherah-ruby/`Ruby bindings`asherah-go/`Go bindings (purego, no CGO)`asherah-ffi/`C ABI for language bindings`asherah-server/`gRPC sidecar server`samples/`Usage examples for each language`benchmarks/`Cross-language benchmark suiteSecurity -------- [](#security) - **mlock'd memory**: All key material lives in pages pinned to RAM (`mlock`), preventing the OS from swapping secrets to disk - **Guard pages**: Buffer overflows and underflows are caught by hardware-enforced guard pages around protected memory regions - **Canary bytes**: Optional buffer overflow detection via randomized canary values at buffer boundaries - **Wipe-on-free**: All key material is cryptographically scrubbed before memory is released — no residual secrets in freed pages - **Core dump protection**: Disabled at process initialization to prevent secrets from appearing in crash dumps - **Coffer key splitting**: The Enclave master key is split across two mlock'd slots using XOR + hash derivation — neither slot alone reveals the key - **AES-256-GCM Enclaves**: Keys at rest in regular memory are encrypted with authenticated encryption; only the mlock'd Coffer can decrypt them License ------- [](#license) [Apache-2.0](LICENSE) ### Health Score 43 — FairBetter than 89% of packages Maintenance98 Actively maintained with recent releases Popularity12 Limited adoption so far Community13 Small or concentrated contributor base Maturity42 Maturing project, gaining track record Bus Factor1 Top contributor holds 77.5% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~1 days Total 10 Last Release 19d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/0a4f8b6059dda96df4564f8a5667999cfaf21aac5b0f6f9abceb65ed544dadc0?d=identicon)[godaddy-oswg](/maintainers/godaddy-oswg) --- Top Contributors [![jgowdy-godaddy](https://avatars.githubusercontent.com/u/130084966?v=4)](https://github.com/jgowdy-godaddy "jgowdy-godaddy (503 commits)")[![jgowdy](https://avatars.githubusercontent.com/u/1331960?v=4)](https://github.com/jgowdy "jgowdy (96 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (33 commits)")[![chief-micco](https://avatars.githubusercontent.com/u/194434024?v=4)](https://github.com/chief-micco "chief-micco (8 commits)")[![scourtney-godaddy](https://avatars.githubusercontent.com/u/109175789?v=4)](https://github.com/scourtney-godaddy "scourtney-godaddy (7 commits)")[![dnasevic-godaddy](https://avatars.githubusercontent.com/u/84343272?v=4)](https://github.com/dnasevic-godaddy "dnasevic-godaddy (2 commits)") --- Tags cryptographydotnetencryptionenvelope-encryptionffigojavakey-rotationnodejspythonrubyrustsecurityencryptionkmsffienvelope-encryptionasherah ### Code Quality TestsPHPUnit Static AnalysisPHPStan Code StylePHP CS Fixer Type Coverage Yes ### Embed Badge ![Health badge](/badges/godaddy-asherah/health.svg) ``` [![Health](https://phpackages.com/badges/godaddy-asherah/health.svg)](https://phpackages.com/packages/godaddy-asherah) ``` ### Alternatives [phpseclib/phpseclib PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc. 5.6k455.2M1.4k](/packages/phpseclib-phpseclib)[defuse/php-encryption Secure PHP Encryption Library 3.9k170.7M239](/packages/defuse-php-encryption)[paragonie/ciphersweet Searchable field-level encryption library for relational databases 4661.3M22](/packages/paragonie-ciphersweet)[ass/xmlsecurity The XmlSecurity library is written in PHP for working with XML Encryption and Signatures 955.6M33](/packages/ass-xmlsecurity)[pear/crypt_gpg Provides an object oriented interface to the GNU Privacy Guard (GnuPG). It requires the GnuPG executable to be on the system. 954.5M12](/packages/pear-crypt-gpg)[nzo/url-encryptor-bundle The NzoUrlEncryptorBundle is a Symfony Bundle used to Encrypt and Decrypt data and variables in the Web application or passed through URL 971.1M2](/packages/nzo-url-encryptor-bundle) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)