sop / aes-kw
A PHP library for AES Key Wrap algorithm with padding support.
Installs: 132 565
Dependents: 1
Suggesters: 0
Security: 0
Stars: 2
Watchers: 2
Forks: 0
Open Issues: 0
Requires
- php: >=7.2
- ext-hash: *
- ext-openssl: *
Requires (Dev)
- phpunit/phpunit: ^8.1
README
A PHP library for AES Key Wrap (RFC 3394) algorithm with padding (RFC 5649) support.
Supports AES key sizes of 128, 192 and 256 bits.
Requirements
- PHP >=7.2
- openssl
- hash
Installation
This library is available on Packagist.
composer require sop/aes-kw
Code examples
Here are some simple usage examples. Namespaces are omitted for brevity.
Wrap a 128 bit key with AES-128
Wrap a key of 16 bytes using a 16-byte key encryption key.
$kek = '0123456789abcdef'; // 128-bit key encryption key $key = 'MySecretPassword'; // key to encrypt $algo = new AESKW128(); $ciphertext = $algo->wrap($key, $kek); echo bin2hex($ciphertext);
Outputs:
89efdbc3501f1f5e952a4bbae1329c9f1a47b9fd61b48dee
Unwrap a key
Unwrap a key from previous example. $kek
and $algo
variables are the same.
$ciphertext
variable contains the output from a wrapping procedure.
$key = $algo->unwrap($ciphertext, $kek); echo $key;
Outputs:
MySecretPassword
Wrap an arbitrary length passphrase with AES-192
Wrapping a key that is not a multiple of 64 bits requires padding.
$kek = '012345678901234567890123'; // 192-bit key encryption key $key = 'My hovercraft is full of eels.'; // passphrase to encrypt $algo = new AESKW192(); $ciphertext = $algo->wrapPad($key, $kek); echo bin2hex($ciphertext);
Outputs:
f319811450badfe4385b5534bf26fa6f9fdcd1a593b3ae6b707f15c1015bbf3faf58619818bd8784
Unwrap a key with padding
Key that was wrapped with padding must be unwrapped with unwrapPad
.
$key = $algo->unwrapPad($ciphertext, $kek); echo $key;
Outputs:
My hovercraft is full of eels.
License
This project is licensed under the MIT License.