PHPackages leigh/php-aes - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. leigh/php-aes AbandonedArchivedLibrary[Security](/categories/security) leigh/php-aes ============= Pure PHP implementation of the AES cipher. 371514[1 issues](https://github.com/lt/PHP-AES/issues)PHP Since Apr 3Pushed 3y ago4 watchersCompare [ Source](https://github.com/lt/PHP-AES)[ Packagist](https://packagist.org/packages/leigh/php-aes)[ RSS](/packages/leigh-php-aes/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependenciesVersions (1)Used By (0) AES in PHP ========== [](#aes-in-php) This library contains pure PHP implementations of the AES block cipher and several modes of operation based on it. **These are toy implementations for fun/education and come with exactly zero security guarantees.** The underlying block cipher variation is chosen automatically based on the length of the supplied key. - AES-128 is used when a 16 byte key is supplied - AES-192 is used when a 24 byte key is supplied - AES-256 is used when a 32 byte key is supplied It is the responsibility of the user to ensure that the message is properly padded when using a block mode. If the supplied message is not a multiple of 16 bytes in length an exception will be thrown. The following block chaining modes are available: - ECB - CBC The following stream cipher modes are available: - CTR - CFB - OFB The following AEAD modes are available: - OCB - GCM The following padding schemes are available: - PKCS7 - ANSI X.923 - ISO/IEC 7816 ### Usage: [](#usage) All modes have one-shot `encrypt()` and `decrypt()` methods which accept different parameters depending on the mode. Example: ``` $key = new AES\Key('abcdefghijklmnop'); $nonce = 'abcdefghijklmnop'; $ctr = new AES\CTR; $ciphertext = $ctr->encrypt($key, $nonce, $plaintext); ``` All modes also have streaming capabilities allowing encryption/decryption to be done in chunks. To use any mode of operation like this an appropriate `Context` needs to be initialised first. The context keeps track of state allowing longer messages to be processed in multiple blocks. Separate contexts are required for encryption and decryption. Example: ``` $key = new AES\Key('abcdefghijklmnop'); $nonce = 'abcdefghijklmnop'; $ctr = new AES\CTR; $encryptionContext = $ctr->initEncryption($key, $nonce); $ciphertext = $ctr->streamEncrypt($encryptionContext, $plaintext0); $ciphertext .= $ctr->streamEncrypt($encryptionContext, $plaintext1); ``` AEAD modes are slightly more complicated. A few caveats: - OCB when streaming can process AAD at any time - GCM when streaming has to process AAD first - GCM only validates the tag prior to decryption when using the one-shot `decrypt()`. It can't do this with `streamDecrypt()` because it doesn't have all of the data yet. - GCM has a significant initialisation overhead (time and memory) which is key dependant. If you plan to re-use the same key with different nonces you can use the `reInit()` method - OCB and GCM one-shot `encrypt()` returns an array of `[$ciphertext, $tag]` - OCB and GCM when streaming will output aligned to 16-byte blocks and `finalise()` returns the final piece of ciphertext/plaintext. // TODO: Fix for GCM, OCB doesn't seem possible Example stream usage: ``` $key = new AES\Key('abcdefghijklmnop'); $nonce = 'abcdefghijkl'; // 12 byte nonce for GCM $aad = 'Hello' $gcm = new AES\GCM; $encryptionContext = $gcm->initEncryption($key, $nonce); $gcm->aad($aad0); $gcm->aad($aad1); $ciphertext = $gcm->streamEncrypt($encryptionContext, $plaintext0); $ciphertext .= $gcm->streamEncrypt($encryptionContext, $plaintext1); $ciphertext .= $gcm->finalise($context); // $gcm->verify($context, $tag); // If decrypting $tag = $gcm->tag($context); ``` ### Health Score 19 — LowBetter than 10% of packages Maintenance19 Infrequent updates — may be unmaintained Popularity19 Limited adoption so far Community13 Small or concentrated contributor base Maturity22 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/ec51e6a7e4e13915e229d77557ea2495f9f2d3992166e687c828be17e307a478?d=identicon)[lt](/maintainers/lt) --- Top Contributors [![lt](https://avatars.githubusercontent.com/u/1503065?v=4)](https://github.com/lt "lt (75 commits)") ### Embed Badge ![Health badge](/badges/leigh-php-aes/health.svg) ``` [![Health](https://phpackages.com/badges/leigh-php-aes/health.svg)](https://phpackages.com/packages/leigh-php-aes) ``` ### Alternatives [defuse/php-encryption Secure PHP Encryption Library 3.9k162.4M214](/packages/defuse-php-encryption)[mews/purifier Laravel 5/6/7/8/9/10 HtmlPurifier Package 2.0k16.7M113](/packages/mews-purifier)[robrichards/xmlseclibs A PHP library for XML Security 41478.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php Realistic password strength estimation PHP library based on Zxcvbn JS 87117.5M63](/packages/bjeavons-zxcvbn-php)[illuminate/encryption The Illuminate Encryption package. 9229.7M280](/packages/illuminate-encryption)[paragonie/hidden-string Encapsulate strings in an object to hide them from stack traces 7410.6M39](/packages/paragonie-hidden-string) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)