String/Array/Object/JSON asymetric encryption library using PHP OpenSSL RSA. Supports endless payload length (only limited by memory) by using payload chunking algoritm. Good for secure storage of playloads in a database. Supports multiple keys (key rotation) by prefixing the payload output.
Rsa was not designed for payload encryption. Processing is rather slow and output will be bulky compared to AES. There are some usecases though where the asymetric nature of RSA is favorable. The major advantage is the ability to fully separate encryption from decryption. In case you only need to encrypt stuff in one application/server, there is no need to distribute the private key to this environment.
Consult the excellent keylength tool http://www.keylength.com/.
- php 5.4.x+
- php_openssl
Create RSA Key:
openssl genrsa -out MY001.pem 3072
openssl rsa -in MY001.pem -outform PEM -pubout -out MY001.pub.pem
$payloadCypher = new PayloadCypher();
// This public key will be loaded on encryption
$payloadCypher->setOnPublicKeyLoad(
function () {
return array('MY001' => file_get_contents('MY001.pub.pem'));
}
);
// The private key will be loaded based on the encryption prefix
// When there is no need to decrypt this callback can be omitted
$payloadCypher->setOnPrivateKeyLoad(
function ($keyName) {
return array($keyName => file_get_contents($keyName.'.pem'));
}
);
// Encryption / Decryption of a string
$encrypted = $payloadCypher->encryptString('foo bar baz');
$decrypted = $payloadCypher->decryptString($encrypted);
echo $decrypted.PHP_EOL;
// ... foo bar baz
// Encryption / Decryption of an array stored as encrypted JSON
$encrypted = $payloadCypher->arrayToEncryptedJson(array('foo' => 'bar'));
$decrypted = $payloadCypher->encryptedJsonToArray($encrypted);
var_dump($decrypted);
// ... array('foo' => 'bar')