PHPackages                             mmeyer2k/php-aes-gcm - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. mmeyer2k/php-aes-gcm

ActiveLibrary[Security](/categories/security)

mmeyer2k/php-aes-gcm
====================

010PHP

Since Jan 26Pushed 1y ago2 watchersCompare

[ Source](https://github.com/mmeyer2k/php-aes-gcm)[ Packagist](https://packagist.org/packages/mmeyer2k/php-aes-gcm)[ RSS](/packages/mmeyer2k-php-aes-gcm/feed)WikiDiscussions main Synced 1mo ago

READMEChangelogDependenciesVersions (1)Used By (0)

php-aes-gcm
===========

[](#php-aes-gcm)

A compact and foolproof AES-256 GCM implementation for PHP powered by `ext-sodium`. On systems without `AES-NI` support, this library falls back to using `ext-openssl`. Data encryption is cross-compatible between both extensions.

Install
-------

[](#install)

To take advantage of the cool features in PHP 8.2+, install from the main branch.

```
composer require "mmeyer2k/php-aes-gcm:dev-main"
```

Basic usage
-----------

[](#basic-usage)

```
$key = '\+YoUr\+32\+ByTe\+BaSe64\+EnCoDeD\+kEy\+GoEs\+HeRe\+';

$msg = 'Hello World!';

$aes = new \Mmeyer2k\AesGcm\AesGcm($key);

$enc = $aes->encrypt($msg);

$dec = $aes->decrypt($enc);

echo $dec;
```

Keys
----

[](#keys)

This library expects 32 byte keys encoded with base64. Keys should originate from secure sources of randomness to ensure the highest degree of protection.

In PHP:

```
echo base64_decode(random_bytes(32));
```

In BaSH:

```
head -c 32 /dev/urandom | base64 -w 0 | xargs echo
```

Other Usages
------------

[](#other-usages)

### Additional Authenticated Data (AAD)

[](#additional-authenticated-data-aad)

AAD data is extra information that is authenticated but unencrypted. Both the AAD and ciphertext must be present for decryption to proceed.

```
$aes = new \Mmeyer2k\AesGcm\AesGcm($key);

$aad = '...some extra information...'

$enc = $aes->encrypt($msg, $aad);

$dec = $aes->decrypt($enc, $aad);
```

### Native Key Rotation

[](#native-key-rotation)

To rotate keys, pass an array of key strings into the constructor. The first key (index 0) will be used for encryption. All keys will be attempted when decrypting.

```
$old = [
    'key 1',
    'key 2',
    'key 3',
];

$aes = new \Mmeyer2k\AesGcm\AesGcm($keys);

$dec = $aes->decrypt($ciphertext);
```

###  Health Score

16

—

LowBetter than 5% of packages

Maintenance33

Infrequent updates — may be unmaintained

Popularity5

Limited adoption so far

Community8

Small or concentrated contributor base

Maturity16

Early-stage or recently created project

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://www.gravatar.com/avatar/4c39fe5f8d80dda8a5735401c12cb631d5e17050f7baa7cd3f0f384167fb45db?d=identicon)[mmeyer2k](/maintainers/mmeyer2k)

---

Top Contributors

[![mmeyer2k](https://avatars.githubusercontent.com/u/1887431?v=4)](https://github.com/mmeyer2k "mmeyer2k (16 commits)")

### Embed Badge

![Health badge](/badges/mmeyer2k-php-aes-gcm/health.svg)

```
[![Health](https://phpackages.com/badges/mmeyer2k-php-aes-gcm/health.svg)](https://phpackages.com/packages/mmeyer2k-php-aes-gcm)
```

###  Alternatives

[defuse/php-encryption

Secure PHP Encryption Library

3.9k162.4M212](/packages/defuse-php-encryption)[roave/security-advisories

Prevents installation of composer packages with known security vulnerabilities: no API, simply require it

2.9k97.3M6.4k](/packages/roave-security-advisories)[mews/purifier

Laravel 5/6/7/8/9/10 HtmlPurifier Package

2.0k16.7M112](/packages/mews-purifier)[robrichards/xmlseclibs

A PHP library for XML Security

41278.1M118](/packages/robrichards-xmlseclibs)[bjeavons/zxcvbn-php

Realistic password strength estimation PHP library based on Zxcvbn JS

86917.5M63](/packages/bjeavons-zxcvbn-php)[enlightn/security-checker

A PHP dependency vulnerabilities scanner based on the Security Advisories Database.

33732.2M110](/packages/enlightn-security-checker)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)