PHP Classes
elePHPant
Icontem

PHP OpenSSL Toolbox: Use SSL certificates to process data with OpenSSL

Recommend this page to a friend!

  Author Author  
Name: Kjell-Inge Gustafsson <contact>
Classes: 7 packages by
Country: Sweden Sweden
Innovation award
Innovation award
Nominee: 2x


  Detailed description   Download Download .zip .tar.gz  
This package can use SSL certificates to process data with OpenSSL.

It provides classes that can be used to perform several types of operations with SSL certificates. Currently it can:

- Encrypt and decrypt data
- Sign and verify signed data
- Create and export SSL certificates

Details

OpenSSLToolbox

provides object-oriented, secure and extended access to PHP OpenSSL functions

Conception basics

The OpenSSL pkey functions are assembled in the

  • OpenSSLPkeyFactory class

The OpenSSL CSR functions are assembled in the

  • OpenSSLCsrFactory class

The OpenSSL x509 functions are assembled in the

  • OpenSSLX509Factory class

The OpenSSL pkcs7 functions are assembled in the

  • OpenSSLPkcs7Factory class

The OpenSSL pkcs12 functions are assembled in the

  • OpenSSLPkcs12Factory class

The OpenSSL spki functions are assembled in the

  • OpenSSLSpkiFactory class

Remaining OpenSSL functions are assembled in the

  • OpenSSLFactory class

Asserts and convenient salt, base64, hex, pack utility etc methods are assembled in the

  • Assert class
  • Convert class

Methods

All methods have

  • argument validation and throws InvalidArgumentException on error
  • errorHandler protection and result error evaluation, throws RuntimeException on error

Method names originates from OpenSSL function names

  • Ex 'openssl_pkey_export' is encapsulated in method OpenSSLPkeyFactory::export()

Most methods has also more convenient and describable named method alias

  • Ex OpenSSLPkeyFactory::getPrivateKeyAsPemString() for 'openssl_pkey_export'

Most methods (ex setters) are chainable (ie return 'static')

The OO-classes, above, has 'factory' methods, support 'one-liners' and inherit usefull constants defind in the OpenSSLInterface

Supplementary methods for message digest / hmac digest support are assembled in the

* HashFactory class * HmacHashFactory class

Example Usage

Generate keys :

<?php
namespace Kigkonsult\OpenSSLToolbox;

$config = [
    OpenSSLPkeyFactory::DIGESTALGO     => OPENSSL_ALGO_SHA512,
    OpenSSLPkeyFactory::PRIVATEKEYBITS => 4096,
    OpenSSLPkeyFactory::PRIVATEKEYTYPE => OPENSSL_KEYTYPE_RSA,
];

$pKeyFactory      = new OpenSSLPkeyFactory( $config );

// Generate a private key
$privateKeyString = $pKeyFactory->getPrivateKeyAsPemString();
// Generate a public key
$publicKeyString  = $pKeyFactory->getPublicKeyAsPemString();
/* 
// or 
list( $privateKeyString, $publicKeyString ) =
    $pKeyFactory->getPrivatePublicKeyPairAsPemStrings();
// or one-liner, all-in-one
list( $privateKeyString, $publicKeyString ) =
    OpenSSLPkeyFactory::factory( $config )
                      ->getPrivatePublicKeyPairAsPemStrings();
// or to files
OpenSSLPkeyFactory::factory( $config )
                  ->savePrivatePublicKeyPairIntoPemFiles( 'priv.pem', 'pub.pem' )
*/

// Distinguished Name or subject fields to be used in the certificate
$DN = [
    OpenSSLCsrFactory::COUNTRYNAME          => "GB",
    OpenSSLCsrFactory::STATEORPROVINCENAME  => "Somerset",
    OpenSSLCsrFactory::LOCALITYNAME         => "Glastonbury",
    OpenSSLCsrFactory::ORGANIZATIONNAME     => "The Brain Room Limited",
    OpenSSLCsrFactory::ORGANIZATIONUNITNAME => "PHP Documentation Team",
    OpenSSLCsrFactory::COMMONNAME           => "Wez Furlong",
    OpenSSLCsrFactory::EMAILADDRESS         => "wez@example.com"
];
// Generate a certificate signing request
$csrFactory       = OpenSSLCsrFactory::factory( $DN, $privateKeyString, $config );
$csrCertString    = $csrFactory->getCSRasPemString();

// Generate a self-signed cert
$x509CertResource = $csrFactory->getX509CertResource( null, $privateKeyString );
$x509Factory      = OpenSSLX509Factory::factory()
                                      ->setX509Resource( $x509CertResource );
$x509CertString   = $x509Factory->getX509CertAsPemString();

/*
// or shorter
$x509CertString   = OpenSSLX509Factory::csrFactory( null, $DN, $privateKeyString, $config )
                                      ->getX509CertAsPemString();
// or save to pem/der-file
OpenSSLX509Factory::csrFactory( null, $DN, $privateKeyString, $config )
                  ->saveX509CertIntoPemFile( 'cert.pem' );
              //  ->saveX509CertIntoDerFile( 'cert.der' )
*/

Seal/open

<?php
...
// Seal data using public key(s)
$data        = implode( array_fill( 0, 100, 'Testing OpenSSL seal/open, !"#¤%&/()=?. '));
$recipientId = 'The Recipient';
$publicKeys  = [ $recipientId => $publicKeyString ];
list( $sealed, $envelopeKeys ) = OpenSSLFactory::getSealedString( $data, $publicKeys );

// Open (decrypted) data using private key
$decrypted   = OpenSSLFactory::getOpenedSealedString(
     $sealed, $envelopeKeys[$recipientId], $privateKeyString
);

Encrypt/decrypt

$data       = implode( array_fill( 0, 100, 'Testing OpenSSL encrypt/decrypt, !"#¤%&/()=?. '));
$cipher     = 'AES-256-ECB';
$passPhrase = Workshop::getSalt();
// encrypt string
$encrypted  = OpenSSLFactory::getEncryptedString( $data, $cipher, $passPhrase );
// decrypt string
$decrypted  = OpenSSLFactory::getDecryptedString( $encrypted, $cipher, $passPhrase );

More encrypt/decrypt

$data      = 'Testing OpenSSL public/private encrypt/decrypt, !"#¤%&/()=?. ';
// Encrypt the data using the PUBLIC key
$encrypted = OpenSSLFactory::getpublicKeyEncryptedString( $data, $publicKeyString );
// Decrypt the data using the PRIVATE key
$decrypted = OpenSSLFactory::getprivateKeyDecryptedString( $encrypted, $privateKeyString );

// Encrypt the data using the PRIVATE key
$encrypted = OpenSSLFactory::getprivateKeyEncryptedString( $data, $privateKeyString );
// Decrypt the data using the PUBLIC key
$decrypted = OpenSSLFactory::getpublicKeyDecryptedString( $encrypted, $publicKeyString );

Info

You will find - class information in docs folder - convenient constants in src/OpenSSLInterface - a lot of more examples in the test folder.

Installation

[Composer]

From the Command Line:

composer require kigkonsult/openssltoolbox

In your composer.json:

{
    "require": {
        "kigkonsult/openssltoolbox": "dev-master"
    }
}

Acquire access

namespace Kigkonsult\OpenSSLToolbox;
...
include 'vendor/autoload.php';

Or

Download and acquire..

namepace Kigkonsult\OpenSSLToolbox;
...
include 'pathToSource/OpenSSLToolbox/autoload.php';

Run tests

cd pathToSource/OpenSSLToolbox
vendor/bin/phpunit

Note, it will takes some time, 80% coverage...<br> But still remain untested parts, help appreciated.

Support

For support, please use [Github]/issues.

License

This project is licensed under the LGPLv3 License

[Composer]:https://getcomposer.org/ [Github]:https://github.com/iCalcreator/OpenSSLToolbox/issues


  Classes of Kjell-Inge Gustafsson  >  PHP OpenSSL Toolbox  >  Download Download .zip .tar.gz  >  Support forum Support forum  >  Blog Blog  >  RSS 1.0 feed RSS 2.0 feed Latest changes  

 

Name: PHP OpenSSL Toolbox
Base name: openssltoolbox
Description: Use SSL certificates to process data with OpenSSL
Version: -
PHP version: 5
License: GNU Lesser General Public License (LGPL)
 
  Groups   Applications   Files Files  

  Groups  
Group folder image PHP 5 Classes using PHP 5 specific features View top rated classes
Group folder image Files and Folders Listing, accessing and manipulating files and folders View top rated classes
Group folder image Cryptography Encrypting, decrypting and hashing data View top rated classes
Group folder image Security Security protection and attack detection View top rated classes


  Applications that use this package  
No pages of applications that use this class were specified.

Add link image If you know an application of this package, send a message to the author to add a link here.

  Files folder image Files  
File Role Description
Files folder imagedocs (17 files)
Files folder imagesrc (18 files)
Files folder imagetest (20 files, 1 directory)
Accessible without login Plain text file autoload.php Aux. Auxiliary script
Accessible without login Plain text file composer.json Data Auxiliary data
Accessible without login Plain text file LICENSE Lic. License text
Accessible without login Plain text file phpunit.xml Data Auxiliary data
Accessible without login Plain text file README.md Doc. Read me

  Files folder image Files  /  docs  
File Role Description
  Accessible without login Plain text file Assert.md Data Auxiliary data
  Accessible without login Plain text file Convert.md Data Auxiliary data
  Accessible without login Plain text file docs.md Data Auxiliary data
  Accessible without login Plain text file HashFactory.md Data Auxiliary data
  Accessible without login Plain text file HmacHashFactory.md Data Auxiliary data
  Accessible without login Plain text file lgpl.txt Doc. Documentation
  Accessible without login Plain text file OpenSSLBase.md Data Auxiliary data
  Accessible without login Plain text file OpenSSLBaseFactory.md Data Auxiliary data
  Accessible without login Plain text file OpenSSLCryptor.md Data Auxiliary data
  Accessible without login Plain text file OpenSSLCsrFactory.md Data Auxiliary data
  Accessible without login Plain text file OpenSSLFactory.md Data Auxiliary data
  Accessible without login Plain text file OpenSSLPkcs12Factory.md Data Auxiliary data
  Accessible without login Plain text file OpenSSLPkcs7Factory.md Data Auxiliary data
  Accessible without login Plain text file OpenSSLPkeyFactory.md Data Auxiliary data
  Accessible without login Plain text file OpenSSLSpkiFactory.md Data Auxiliary data
  Accessible without login Plain text file OpenSSLX509Factory.md Data Auxiliary data
  Accessible without login Plain text file Workshop.md Data Auxiliary data

  Files folder image Files  /  src  
File Role Description
  Plain text file Assert.php Class Class source
  Plain text file BaseFactory.php Class Class source
  Plain text file Convert.php Class Class source
  Plain text file HashFactory.php Class Class source
  Plain text file HmacHashFactory.php Class Class source
  Plain text file OpenSSLBaseFactory.php Class Class source
  Plain text file OpenSSLBaseFactory2.php Class Class source
  Plain text file OpenSSLCryptor.php Class Class source
  Plain text file OpenSSLCsrFactory.php Class Class source
  Plain text file OpenSSLFactory.php Class Class source
  Plain text file OpenSSLInterface.php Class Class source
  Plain text file OpenSSLPkcs12Factory.php Class Class source
  Plain text file OpenSSLPkcs7Factory.php Class Class source
  Plain text file OpenSSLPkeyFactory.php Class Class source
  Plain text file OpenSSLSpkiFactory.php Class Class source
  Plain text file OpenSSLX509Factory.php Class Class source
  Plain text file PhpErrorException.php Class Class source
  Plain text file Workshop.php Class Class source

  Files folder image Files  /  test  
File Role Description
Files folder imageTraits (3 files)
  Plain text file AssertTest.php Class Class source
  Plain text file BaseFactoryTest.php Class Class source
  Plain text file BaseTest.php Class Class source
  Plain text file ConvertTest.php Class Class source
  Plain text file HashFactoryTest.php Class Class source
  Plain text file HmacHashFactoryTest.php Class Class source
  Plain text file OpenSSLBaseFactory2Test.php Class Class source
  Plain text file OpenSSLBaseFactoryTest.php Class Class source
  Plain text file OpenSSLCryptorTest.php Class Class source
  Plain text file OpenSSLCsrFactoryTest.php Class Class source
  Plain text file OpenSSLDemoTest.php Class Class source
  Plain text file OpenSSLFactoryTest.php Class Class source
  Plain text file OpenSSLPkcs12FactoryTest.php Class Class source
  Plain text file OpenSSLPkcs7FactoryTest.php Class Class source
  Plain text file OpenSSLPkeyFactoryTest.php Class Class source
  Plain text file OpenSSLSpkiFactoryTest.php Class Class source
  Plain text file OpenSSLTest.php Class Class source
  Plain text file OpenSSLX509FactoryTest.php Class Class source
  Plain text file PhpErrorExceptionTest.php Class Class source
  Plain text file WorkshopTest.php Class Class source

  Files folder image Files  /  test  /  Traits  
File Role Description
  Plain text file assertMdCipherAlgorithmTrait.php Class Class source
  Plain text file CsrX509Trait.php Class Class source
  Plain text file PkeySealOpenTrait.php Class Class source

Download Download all files: openssltoolbox.tar.gz openssltoolbox.zip
NOTICE: if you are using a download manager program like 'GetRight', please Login before trying to download this archive.