PHPackages hejunjie/encrypted-request - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. hejunjie/encrypted-request ActiveLibrary[Security](/categories/security) hejunjie/encrypted-request ========================== PHP 请求加密工具包,支持 AES 解密、签名与时间戳验证,快速实现前后端安全通信 | PHP encryption toolkit for AES decryption, signature, and timestamp verification, enabling fast and secure front-to-backend communication. Front-end npm package generates encrypted request parameters without changing existing APIs v2.0.0(8mo ago)1210↓41.7%MITPHP Since Aug 26Pushed 6mo agoCompare [ Source](https://github.com/zxc7563598/php-encrypted-request)[ Packagist](https://packagist.org/packages/hejunjie/encrypted-request)[ RSS](/packages/hejunjie-encrypted-request/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (3)Dependencies (1)Versions (4)Used By (0) hejunjie/encrypted-request ========================== [](#hejunjieencrypted-request) [English](./README.md)|[简体中文](./README.zh-CN.md)--- A PHP toolkit for handling encrypted requests, enabling fast and secure front-end to back-end communication. In real-world development, you often encounter scenarios where requests need to be secure: data must be encrypted to prevent sniffing, and requests must be protected from tampering or replay attacks. Coordinating encryption methods and signature rules with the front-end can be cumbersome. This PHP package simplifies the process. Paired with a dedicated npm package, the front-end can generate encrypted request parameters with a single call, enabling secure and fast data transmission. Front-end companion npm package: [npm-encrypted-request](https://github.com/zxc7563598/npm-encrypted-request) **This project has been parsed by Zread. To quickly understand it, you can click here:** **[Learn More](https://zread.ai/zxc7563598/php-encrypted-request)** Features -------- [](#features) - ♾️ **Hybrid encryption**: AES key is randomly generated, no need for front-end to store a fixed key, improving security - 🔐 **AES-128-CBC decryption**: Securely decrypt front-end encrypted data, back-end only needs to configure the RSA private key - ✍️ **Dynamic MD5 signature verification**: Prevents forged requests - ⏰ **Second-level timestamp validation**: Customizable tolerance to prevent request hijacking - ⚙️ **Flexible configuration**: Use `.env` or pass an array directly - 🧠 **Minimal code changes required**: Front-end can securely send data without worrying about the underlying logic Installation ------------ [](#installation) ``` composer require hejunjie/encrypted-request ``` Configuration Example --------------------- [](#configuration-example) You can configure via `.env`: ``` RSA_PRIVATE_KEY=your-private-key DEFAULT_TIMESTAMP_DIFF=60 ``` Or pass an array directly: ``` $config = [ 'RSA_PRIVATE_KEY' => 'your-private-key', // Private key string (including -----BEGIN PRIVATE KEY-----) 'DEFAULT_TIMESTAMP_DIFF' => 60, // Optional, used to validate request expiry in seconds, default is 60 ]; ``` Usage ----- [](#usage) ### Basic Example [](#basic-example) ``` use Hejunjie\EncryptedRequest\EncryptedRequestHandler; $params = $_POST; // Obtain front-end request parameters $config = ['RSA_PRIVATE_KEY' => 'your-private-key']; // Not needed if using .env $handler = new EncryptedRequestHandler($config); try { $data = $handler->handle( $params['en_data'] ?? '', $params['enc_payload'] ?? '', $params['timestamp'] ?? '', $params['sign'] ?? '' ); // $data contains the decrypted array } catch (\Hejunjie\EncryptedRequest\Exceptions\SignatureException $e) { echo "Signature error: " . $e->getMessage(); } catch (\Hejunjie\EncryptedRequest\Exceptions\TimestampException $e) { echo "Timestamp error: " . $e->getMessage(); } catch (\Hejunjie\EncryptedRequest\Exceptions\DecryptionException $e) { echo "Decryption error: " . $e->getMessage(); } ``` Front-end Integration --------------------- [](#front-end-integration) The front-end uses the [hejunjie-encrypted-request](https://github.com/zxc7563598/npm-encrypted-request) npm package to generate encrypted data and send it to the PHP back-end: ``` import { encryptRequest } from "hejunjie-encrypted-request"; const encrypted = encryptRequest( { message: "Hello" }, { rsaPubKey: "your-public-key", } ); ``` The PHP back-end can directly decrypt using `EncryptedRequestHandler`. Compatibility ------------- [](#compatibility) - PHP >= 8.1 - Works with any PSR-4 autoloading framework or plain PHP project Development & Contribution ------------------------------ [](#development--contribution) Contributions are welcome! Submit issues or pull requests to add new decoders, optimize features, or provide examples. ### Health Score 33 — LowBetter than 75% of packages Maintenance63 Regular maintenance activity Popularity16 Limited adoption so far Community6 Small or concentrated contributor base Maturity38 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~1 days Total 3 Last Release 262d ago Major Versions v0.0.1 → v1.0.02025-08-26 v1.0.0 → v2.0.02025-08-28 ### Community Maintainers ![](https://www.gravatar.com/avatar/5b65d4b40ae456172fb38f63f84bf737ac88031484b1f228b1cc8d71baa80adf?d=identicon)[苏青安](/maintainers/%E8%8B%8F%E9%9D%92%E5%AE%89) --- Top Contributors [![zxc7563598](https://avatars.githubusercontent.com/u/46590942?v=4)](https://github.com/zxc7563598 "zxc7563598 (8 commits)") --- Tags aes-encryptionencrypted-requestfrontend-integrationphpphp-packagerequest-signaturessecure-apisecuritytimestamp-validation ### Embed Badge ![Health badge](/badges/hejunjie-encrypted-request/health.svg) ``` [![Health](https://phpackages.com/badges/hejunjie-encrypted-request/health.svg)](https://phpackages.com/packages/hejunjie-encrypted-request) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[roave/security-advisories Prevents installation of composer packages with known security vulnerabilities: no API, simply require it 2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[acmephp/ssl PHP wrapper around OpenSSL extension providing SSL encoding, decoding, parsing and signing features 141.2M4](/packages/acmephp-ssl)[aedart/athenaeum Athenaeum is a mono repository; a collection of various PHP packages 245.2k](/packages/aedart-athenaeum) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)