philiprehberger/php-crypt
Composer 安装命令:
composer require philiprehberger/php-crypt
包简介
Secure-by-default encryption with AES-256-GCM and key rotation
README 文档
README
Secure-by-default encryption with AES-256-GCM and key rotation.
Requirements
- PHP 8.2+
- ext-openssl
Installation
composer require philiprehberger/php-crypt
Usage
Basic Encryption
use PhilipRehberger\Crypt\Crypt; $key = Crypt::generateKey(); $encrypted = Crypt::encrypt('sensitive data', $key); $decrypted = Crypt::decrypt($encrypted, $key);
Additional Authenticated Data (AAD)
Bind ciphertext to a context so it cannot be used elsewhere:
$encrypted = Crypt::encrypt('data', $key, aad: 'user:42'); $decrypted = Crypt::decrypt($encrypted, $key, aad: 'user:42');
Key Rotation
Re-encrypt data when rotating keys:
$rotated = Crypt::rotate($encrypted, $oldKey, $newKey);
Array Encryption
Encrypt and decrypt arrays (serialized as JSON):
$encrypted = Crypt::encryptArray(['name' => 'Alice', 'role' => 'admin'], $key); $data = Crypt::decryptArray($encrypted, $key);
JSON Encryption
Encrypt and decrypt any JSON-serializable value:
$data = [ 'user' => ['name' => 'Alice', 'email' => 'alice@example.com'], 'roles' => ['admin', 'editor'], ]; $encrypted = Crypt::encryptJson($data, $key); $decrypted = Crypt::decryptJson($encrypted, $key); // returns the original structure
Key Validation
Check the strength of an encryption key:
$result = Crypt::validateKeyStrength($key); // ['valid' => true, 'bits' => 256, 'recommendation' => null] $weak = Crypt::validateKeyStrength(base64_encode('short')); // ['valid' => false, 'bits' => 40, 'recommendation' => 'Key is 40-bit. A minimum of ...']
KeyChain (Multi-Key Management)
Manage key rotation transparently — encrypts with the current key, decrypts with any known key:
use PhilipRehberger\Crypt\KeyChain; $chain = new KeyChain($newKey, $oldKey1, $oldKey2); $encrypted = $chain->encrypt('data'); $decrypted = $chain->decrypt($encryptedWithAnyKey); // Re-encrypt all ciphertexts with the current key $rotated = $chain->rotateAll($ciphertexts);
API
Crypt (Static)
| Method | Description |
|---|---|
generateKey(): string |
Generate a random base64-encoded 32-byte key |
encrypt(string $data, string $key, ?string $aad = null): string |
Encrypt data with AES-256-GCM |
decrypt(string $encrypted, string $key, ?string $aad = null): string |
Decrypt AES-256-GCM ciphertext |
rotate(string $encrypted, string $oldKey, string $newKey): string |
Re-encrypt data with a new key |
encryptArray(array $data, string $key): string |
Encrypt an array as JSON |
decryptArray(string $encrypted, string $key): array |
Decrypt a JSON-encoded array |
encryptJson(mixed $data, string $key): string |
JSON-encode any value then encrypt |
decryptJson(string $encrypted, string $key): mixed |
Decrypt then JSON-decode |
validateKeyStrength(string $key): array |
Check key bit length and strength |
KeyChain
| Method | Description |
|---|---|
__construct(string $currentKey, string ...$previousKeys) |
Create a key chain |
encrypt(string $data): string |
Encrypt with the current key |
decrypt(string $encrypted): string |
Decrypt with any key in the chain |
rotateAll(array $ciphertexts): array |
Re-encrypt all ciphertexts with the current key |
Exceptions
| Exception | When |
|---|---|
InvalidKeyException |
Key is not a valid base64-encoded 32-byte string |
DecryptionException |
Decryption fails (wrong key, tampered data, invalid ciphertext) |
Development
composer install vendor/bin/phpunit vendor/bin/pint --test vendor/bin/phpstan analyse
Support
If you find this project useful:
License
philiprehberger/php-crypt 适用场景与选型建议
philiprehberger/php-crypt 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 48 次下载、GitHub Stars 达 1, 最近一次更新时间为 2026 年 03 月 15 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「security」 「encryption」 「crypto」 「openssl」 「aes-256-gcm」 「key-rotation」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 philiprehberger/php-crypt 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 philiprehberger/php-crypt 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 philiprehberger/php-crypt 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
A simple PHP class to encrypt a string and decrypt an encrypted string
A package for automatically encrypting and decrypting Eloquent attributes in Laravel 5.5+, based on configuration settings.
Provide a way to secure accesses to all routes of an symfony application.
Encryption with AES-256 and HMAC-SHA256
Allows installation of Laravel where the PHP Mcrypt extension is not available. Provides encryption using OpenSSL, or by disabling encryption entierly.
High-level cryptographic primitives and security utilities for Maatify systems including password hashing, reversible encryption, HKDF key derivation, and key rotation.
统计信息
- 总下载量: 48
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1
- 点击次数: 36
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2026-03-15