PHPackages                             philiprehberger/php-crypt - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. philiprehberger/php-crypt

ActiveLibrary[Security](/categories/security)

philiprehberger/php-crypt
=========================

Secure-by-default encryption with AES-256-GCM and key rotation

v1.0.3(1mo ago)11[1 PRs](https://github.com/philiprehberger/php-crypt/pulls)MITPHPPHP ^8.2CI passing

Since Mar 15Pushed 1mo agoCompare

[ Source](https://github.com/philiprehberger/php-crypt)[ Packagist](https://packagist.org/packages/philiprehberger/php-crypt)[ Docs](https://github.com/philiprehberger/php-crypt)[ RSS](/packages/philiprehberger-php-crypt/feed)WikiDiscussions main Synced 1mo ago

READMEChangelogDependencies (3)Versions (5)Used By (0)

PHP Crypt
=========

[](#php-crypt)

[![Tests](https://github.com/philiprehberger/php-crypt/actions/workflows/tests.yml/badge.svg)](https://github.com/philiprehberger/php-crypt/actions/workflows/tests.yml)[![Latest Version on Packagist](https://camo.githubusercontent.com/0f11230e15b9ecf03b670572dc35534a45df2355a274969ac251c346d9a4e40e/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f7068696c69707265686265726765722f7068702d63727970742e737667)](https://packagist.org/packages/philiprehberger/php-crypt)[![License](https://camo.githubusercontent.com/0aa023a1fa3cf84eaba21a9d4dcd50e6b150039ed690c0a2f402441eeee746a2/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f7068696c69707265686265726765722f7068702d6372797074)](LICENSE)

Secure-by-default encryption with AES-256-GCM and key rotation.

Requirements
------------

[](#requirements)

- PHP 8.2+
- ext-openssl

Installation
------------

[](#installation)

```
composer require philiprehberger/php-crypt
```

Usage
-----

[](#usage)

### Basic Encryption

[](#basic-encryption)

```
use PhilipRehberger\Crypt\Crypt;

$key = Crypt::generateKey();

$encrypted = Crypt::encrypt('sensitive data', $key);
$decrypted = Crypt::decrypt($encrypted, $key);
```

### Additional Authenticated Data (AAD)

[](#additional-authenticated-data-aad)

Bind ciphertext to a context so it cannot be used elsewhere:

```
$encrypted = Crypt::encrypt('data', $key, aad: 'user:42');
$decrypted = Crypt::decrypt($encrypted, $key, aad: 'user:42');
```

### Key Rotation

[](#key-rotation)

Re-encrypt data when rotating keys:

```
$rotated = Crypt::rotate($encrypted, $oldKey, $newKey);
```

### Array Encryption

[](#array-encryption)

Encrypt and decrypt arrays (serialized as JSON):

```
$encrypted = Crypt::encryptArray(['name' => 'Alice', 'role' => 'admin'], $key);
$data = Crypt::decryptArray($encrypted, $key);
```

### KeyChain (Multi-Key Management)

[](#keychain-multi-key-management)

Manage key rotation transparently — encrypts with the current key, decrypts with any known key:

```
use PhilipRehberger\Crypt\KeyChain;

$chain = new KeyChain($newKey, $oldKey1, $oldKey2);

$encrypted = $chain->encrypt('data');
$decrypted = $chain->decrypt($encryptedWithAnyKey);

// Re-encrypt all ciphertexts with the current key
$rotated = $chain->rotateAll($ciphertexts);
```

API
---

[](#api)

### `Crypt` (Static)

[](#crypt-static)

MethodDescription`generateKey(): string`Generate a random base64-encoded 32-byte key`encrypt(string $data, string $key, ?string $aad = null): string`Encrypt data with AES-256-GCM`decrypt(string $encrypted, string $key, ?string $aad = null): string`Decrypt AES-256-GCM ciphertext`rotate(string $encrypted, string $oldKey, string $newKey): string`Re-encrypt data with a new key`encryptArray(array $data, string $key): string`Encrypt an array as JSON`decryptArray(string $encrypted, string $key): array`Decrypt a JSON-encoded array### `KeyChain`

[](#keychain)

MethodDescription`__construct(string $currentKey, string ...$previousKeys)`Create a key chain`encrypt(string $data): string`Encrypt with the current key`decrypt(string $encrypted): string`Decrypt with any key in the chain`rotateAll(array $ciphertexts): array`Re-encrypt all ciphertexts with the current key### Exceptions

[](#exceptions)

ExceptionWhen`InvalidKeyException`Key is not a valid base64-encoded 32-byte string`DecryptionException`Decryption fails (wrong key, tampered data, invalid ciphertext)Development
-----------

[](#development)

```
composer install
vendor/bin/phpunit
vendor/bin/pint --test
vendor/bin/phpstan analyse
```

License
-------

[](#license)

MIT

###  Health Score

41

—

FairBetter than 88% of packages

Maintenance96

Actively maintained with recent releases

Popularity4

Limited adoption so far

Community6

Small or concentrated contributor base

Maturity49

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~0 days

Total

4

Last Release

52d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/cfd7d24cbbf32400fa13ce0bbe7a31edd2d66a6d4488eafdb3d64c5337bf0435?d=identicon)[philiprehberger](/maintainers/philiprehberger)

---

Top Contributors

[![philiprehberger](https://avatars.githubusercontent.com/u/8218077?v=4)](https://github.com/philiprehberger "philiprehberger (10 commits)")

---

Tags

securityencryptioncryptoopensslkey-rotationaes-256-gcm

###  Code Quality

TestsPHPUnit

Static AnalysisPHPStan

Code StyleLaravel Pint

Type Coverage Yes

### Embed Badge

![Health badge](/badges/philiprehberger-php-crypt/health.svg)

```
[![Health](https://phpackages.com/badges/philiprehberger-php-crypt/health.svg)](https://phpackages.com/packages/philiprehberger-php-crypt)
```

###  Alternatives

[defuse/php-encryption

Secure PHP Encryption Library

3.9k162.4M212](/packages/defuse-php-encryption)[phpseclib/phpseclib

PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc.

5.6k434.8M1.3k](/packages/phpseclib-phpseclib)[poly-crypto/poly-crypto

High-level cryptographic functions that are interoperable between NodeJS and PHP 7.1+

127.8k1](/packages/poly-crypto-poly-crypto)[ercsctt/laravel-file-encryption

Secure file encryption and decryption for Laravel applications

642.6k](/packages/ercsctt-laravel-file-encryption)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)