PhpseclibCipherSuite
in package
implements
CipherSuiteInterface
This is an implementation of CipherSuiteInterface based on phpseclib 1.x/2.x.
It supports multiple ciphers:
- aes-cbc: AES-256 w/CBC, no authentication
- aes-ctr: AES-256 w/CTR, no authentication
- aes-cbc-hs: AES-256 w/CBC, HMAC-SHA256 authentication. Enc+auth use derived keys.
- aes-ctr-hs: AES-256 w/CTR, HMAC-SHA256 authentication. Enc+auth use derived keys.
Tags
Table of Contents
Interfaces
Properties
- $ciphers : array<string|int, mixed>|null
- List of phpseclib "Cipher" objects. These are template objects which may be cloned for use with specific keys.
Methods
- __construct() : mixed
- decrypt() : string
- Decrypt a string
- encrypt() : string
- Encrypt a string
- getSuites() : array<string|int, mixed>
- Get a list of supported cipher suites.
- authenticateThenDecrypt() : string
- createCipher() : Base|Crypt_Base
- createEncAuthKeys() : array<string|int, mixed>
- Given an master key, derive a pair of encryption+authentication keys.
- decryptOnly() : mixed
- encryptOnly() : mixed
- encryptThenSign() : string
- getDigestBytes() : mixed
- assertLen() : mixed
Properties
$ciphers
List of phpseclib "Cipher" objects. These are template objects which may be cloned for use with specific keys.
protected
array<string|int, mixed>|null
$ciphers
= NULL
Methods
__construct()
public
__construct() : mixed
decrypt()
Decrypt a string
public
decrypt(string $cipherText, array<string|int, mixed> $key) : string
Parameters
- $cipherText : string
-
Encrypted content as a binary string. Depending on the suite, this may include related values (eg HMAC + IV).
- $key : array<string|int, mixed>
Tags
Return values
string —Decrypted string
encrypt()
Encrypt a string
public
encrypt(string $plainText, array<string|int, mixed> $key) : string
Parameters
- $plainText : string
- $key : array<string|int, mixed>
Tags
Return values
string —Encrypted content as a binary string. Depending on the suite, this may include related values (eg HMAC + IV).
getSuites()
Get a list of supported cipher suites.
public
getSuites() : array<string|int, mixed>
Tags
Return values
array<string|int, mixed> —Ex: ['aes-cbc', 'aes-bbc', 'aes-pbs']
authenticateThenDecrypt()
protected
authenticateThenDecrypt(string $cipherText, string $suite, string $digest, string $masterKey) : string
Parameters
- $cipherText : string
-
Combined ciphertext (IV + encrypted text + signature)
- $suite : string
-
The encryption algorithms Ex: aes-cbc, aes-ctr
- $digest : string
-
The authentication algorithm Ex: sha256
- $masterKey : string
-
Binary representation of the key
Tags
Return values
string —Decrypted text
createCipher()
protected
createCipher(mixed $suite, mixed $key) : Base|Crypt_Base
Parameters
- $suite : mixed
- $key : mixed
Return values
Base|Crypt_BasecreateEncAuthKeys()
Given an master key, derive a pair of encryption+authentication keys.
protected
createEncAuthKeys(string $masterKey) : array<string|int, mixed>
Parameters
- $masterKey : string
Return values
array<string|int, mixed>decryptOnly()
protected
decryptOnly(string $cipherText, mixed $suite, mixed $key) : mixed
Parameters
- $cipherText : string
- $suite : mixed
- $key : mixed
encryptOnly()
protected
encryptOnly(mixed $plainText, mixed $suite, mixed $key) : mixed
Parameters
- $plainText : mixed
- $suite : mixed
- $key : mixed
encryptThenSign()
protected
encryptThenSign(string $plainText, string $suite, string $digest, string $masterKey) : string
Parameters
- $plainText : string
- $suite : string
-
The encryption algorithms Ex: aes-cbc, aes-ctr
- $digest : string
-
The authentication algorithm Ex: sha256
- $masterKey : string
-
Binary representation of the key
Return values
string —The concatenation of IV, ciphertext, signature
getDigestBytes()
protected
getDigestBytes(mixed $digest) : mixed
Parameters
- $digest : mixed
assertLen()
private
assertLen(mixed $bytes, mixed $value) : mixed
Parameters
- $bytes : mixed
- $value : mixed