kigkonsult/openssltoolbox
Composer 安装命令:
composer require kigkonsult/openssltoolbox
包简介
the PHP OpenSSL Toolbox
关键字:
README 文档
README
provides object-oriented, secure and extended access to PHP OpenSSL functions
Conception basics
The OpenSSL pkey functions are assembled in the
- OpenSSLPkeyFactory class
The OpenSSL CSR functions are assembled in the
- OpenSSLCsrFactory class
The OpenSSL x509 functions are assembled in the
- OpenSSLX509Factory class
The OpenSSL pkcs7 functions are assembled in the
- OpenSSLPkcs7Factory class
The OpenSSL pkcs12 functions are assembled in the
- OpenSSLPkcs12Factory class
The OpenSSL spki functions are assembled in the
- OpenSSLSpkiFactory class
Remaining OpenSSL functions are assembled in the
- OpenSSLFactory class
Asserts and convenient salt, base64, hex, pack utility etc methods are assembled in the
- Assert class
- Convert class
Methods
All methods have
- argument validation and throws InvalidArgumentException on error
- errorHandler protection and result error evaluation, throws RuntimeException on error
Method names originates from OpenSSL function names
- Ex 'openssl_pkey_export' is encapsulated in method OpenSSLPkeyFactory::export()
Most methods has also more convenient and describable named method alias
- Ex OpenSSLPkeyFactory::getPrivateKeyAsPemString() for 'openssl_pkey_export'
Most methods (ex setters) are chainable (ie return 'static')
The OO-classes, above, has 'factory' methods, support 'one-liners' and inherit usefull constants defind in the OpenSSLInterface
Supplementary methods for message digest / hmac digest support are assembled in the
- HashFactory class
- HmacHashFactory class
Example Usage
Generate keys :
<?php namespace Kigkonsult\OpenSSLToolbox; $config = [ OpenSSLPkeyFactory::DIGESTALGO => OPENSSL_ALGO_SHA512, OpenSSLPkeyFactory::PRIVATEKEYBITS => 4096, OpenSSLPkeyFactory::PRIVATEKEYTYPE => OPENSSL_KEYTYPE_RSA, ]; $pKeyFactory = new OpenSSLPkeyFactory( $config ); // Generate a private key $privateKeyString = $pKeyFactory->getPrivateKeyAsPemString(); // Generate a public key $publicKeyString = $pKeyFactory->getPublicKeyAsPemString(); /* // or list( $privateKeyString, $publicKeyString ) = $pKeyFactory->getPrivatePublicKeyPairAsPemStrings(); // or one-liner, all-in-one list( $privateKeyString, $publicKeyString ) = OpenSSLPkeyFactory::factory( $config ) ->getPrivatePublicKeyPairAsPemStrings(); // or to files OpenSSLPkeyFactory::factory( $config ) ->savePrivatePublicKeyPairIntoPemFiles( 'priv.pem', 'pub.pem' ) */ // Distinguished Name or subject fields to be used in the certificate $DN = [ OpenSSLCsrFactory::COUNTRYNAME => "GB", OpenSSLCsrFactory::STATEORPROVINCENAME => "Somerset", OpenSSLCsrFactory::LOCALITYNAME => "Glastonbury", OpenSSLCsrFactory::ORGANIZATIONNAME => "The Brain Room Limited", OpenSSLCsrFactory::ORGANIZATIONUNITNAME => "PHP Documentation Team", OpenSSLCsrFactory::COMMONNAME => "Wez Furlong", OpenSSLCsrFactory::EMAILADDRESS => "wez@example.com" ]; // Generate a certificate signing request $csrFactory = OpenSSLCsrFactory::factory( $DN, $privateKeyString, $config ); $csrCertString = $csrFactory->getCSRasPemString(); // Generate a self-signed cert $x509CertResource = $csrFactory->getX509CertResource( null, $privateKeyString ); $x509Factory = OpenSSLX509Factory::factory() ->setX509Resource( $x509CertResource ); $x509CertString = $x509Factory->getX509CertAsPemString(); /* // or shorter $x509CertString = OpenSSLX509Factory::csrFactory( null, $DN, $privateKeyString, $config ) ->getX509CertAsPemString(); // or save to pem/der-file OpenSSLX509Factory::csrFactory( null, $DN, $privateKeyString, $config ) ->saveX509CertIntoPemFile( 'cert.pem' ); // ->saveX509CertIntoDerFile( 'cert.der' ) */
Seal/open
<?php ... // Seal data using public key(s) $data = implode( array_fill( 0, 100, 'Testing OpenSSL seal/open, !"#¤%&/()=?. ')); $recipientId = 'The Recipient'; $publicKeys = [ $recipientId => $publicKeyString ]; list( $sealed, $envelopeKeys ) = OpenSSLFactory::getSealedString( $data, $publicKeys ); // Open (decrypted) data using private key $decrypted = OpenSSLFactory::getOpenedSealedString( $sealed, $envelopeKeys[$recipientId], $privateKeyString );
Encrypt/decrypt
$data = implode( array_fill( 0, 100, 'Testing OpenSSL encrypt/decrypt, !"#¤%&/()=?. ')); $cipher = 'AES-256-ECB'; $passPhrase = Workshop::getSalt(); // encrypt string $encrypted = OpenSSLFactory::getEncryptedString( $data, $cipher, $passPhrase ); // decrypt string $decrypted = OpenSSLFactory::getDecryptedString( $encrypted, $cipher, $passPhrase );
More encrypt/decrypt
$data = 'Testing OpenSSL public/private encrypt/decrypt, !"#¤%&/()=?. '; // Encrypt the data using the PUBLIC key $encrypted = OpenSSLFactory::getpublicKeyEncryptedString( $data, $publicKeyString ); // Decrypt the data using the PRIVATE key $decrypted = OpenSSLFactory::getprivateKeyDecryptedString( $encrypted, $privateKeyString ); // Encrypt the data using the PRIVATE key $encrypted = OpenSSLFactory::getprivateKeyEncryptedString( $data, $privateKeyString ); // Decrypt the data using the PUBLIC key $decrypted = OpenSSLFactory::getpublicKeyDecryptedString( $encrypted, $publicKeyString );
Info
You will find
- class information in docs folder
- convenient constants in src/OpenSSLInterface
- a lot of more examples in the test folder.
Support
For support, please use Github/issues. Non-emergence support issues are, unless sponsored, fixed in due time.
Sponsorship
Donation using paypal.me/kigkonsult are appreciated. For invoice, please e-mail.
Installation
Composer
From the Command Line:
composer require kigkonsult/openssltoolbox
In your composer.json:
{
"require": {
"kigkonsult/openssltoolbox": "dev-master"
}
}
Acquire access
namespace Kigkonsult\OpenSSLToolbox; ... include 'vendor/autoload.php';
Or
Download and acquire..
namepace Kigkonsult\OpenSSLToolbox; ... include 'pathToSource/OpenSSLToolbox/autoload.php';
Tests
cd pathToSource/OpenSSLToolbox
vendor/bin/phpunit
Tests are executed in LOG mode, to alter, update PHP const last in phpunit.xml.
Note, it will takes some time, 80% coverage...
But still remain untested parts, help appreciated.
Assert PHP 7+ using PHPCompatibility and PHPStan.
License
This project is licensed under the LGPLv3 License
kigkonsult/openssltoolbox 适用场景与选型建议
kigkonsult/openssltoolbox 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 3 次下载、GitHub Stars 达 5, 最近一次更新时间为 2020 年 01 月 06 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「sdk」 「hash」 「digest」 「base64」 「signature」 「x509」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 kigkonsult/openssltoolbox 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 kigkonsult/openssltoolbox 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 kigkonsult/openssltoolbox 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Middleware to implement Basic and Digest Http authentication
russian-doll php library
Article CSS-ID Frontend Output Optimization
♺ Laravel Nova Hashids card. Convert your ids.
Tool for hashing and checking passwords using a required (registered) hashing algorithm. It can handle more (legacy) hashing algorithms.
Symfony bundle that captures Monolog errors, deduplicates them by fingerprint, emails a daily digest of new/spiking/top issues to admins, and provides a triage UI.
统计信息
- 总下载量: 3
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 5
- 点击次数: 15
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: LGPL-3.0-or-later
- 更新时间: 2020-01-06