PHP Classes

PASERK PHP: Extend PASETO to wrap and serialize keys

Recommend this page to a friend!

  Author Author  
Picture of Scott Arciszewski
Name: Scott Arciszewski <contact>
Classes: 35 packages by
Country: United States United States
Innovation award
Innovation award
Nominee: 27x

Winner: 1x


  Detailed description   Download Download .zip .tar.gz  
This package can extend PASETO to wrap and serialize keys.

It provides classes that can perform several operations with keys used by the PHP implementation of the PASETO security tokens specification.

Currently, it provides classes that implement:

- Types of data that can be encoded and decoded, like seals and secret passwords

- Operations with the types of data like wrapping and serialization

Details

PASERK (PHP)

Build Status Latest Stable Version Latest Unstable Version License Downloads

Platform Agnostic SERialized Keys. Requires PHP 7.1 or newer.

PASERK Specification

The PASERK Specification can be found in this repository.

Installing

composer require paragonie/paserk

PASERK Library Versions

  • PASERK PHP Version 2 * Requires PHP 8.1+ * PASETO versions: `v3`, `v4` * This means only the corresponding `k3` and `k4` modes are implemented.
  • PASERK PHP Version 1 * Requires PHP 7.1+ * PASETO versions: `v1`, `v2`, `v3`, `v4` * This provides a stable reference implementation for the PASERK specification.

Documentation

See this directory for the documentation.

Example: Public-key Encryption

Wrapping

<?php
use ParagonIE\Paseto\Builder;
use ParagonIE\Paseto\Keys\SymmetricKey;
use ParagonIE\Paseto\Protocol\Version4;
use ParagonIE\Paserk\Operations\Key\SealingPublicKey;
use ParagonIE\Paserk\Types\Seal;

$version = new Version4();

// First, you need a sealing keypair.

// $sealingSecret = ParagonIE\Paserk\Operations\Key\SealingSecretKey::generate();
// $sealingPublic = $sealingSecret->getPublicKey();
// var_dump($sealingSecret->encode(), $sealingPublic->encode());

$sealingPublic = SealingPublicKey::fromEncodedString(
    "vdd1m2Eri8ggYYR5YtnmEninoiCxH1eguGNKe4pes3g",
    $version
);
$sealer = new Seal($sealingPublic);

// Generate a random one-time key, which will be encrypted with the public key:
$key = SymmetricKey::generate($version);

// Seal means "public key encryption":
$paserk = $sealer->encode($key);

// Now let's associate this PASERK with a PASETO that uses the local key:
$paseto = Builder::getLocal($key, $version)
    ->with('test', 'readme')
    ->withExpiration(
        (new DateTime('NOW'))
            ->add(new DateInterval('P01D'))
    )
    ->withFooterArray(['kid' => $sealer->id($key)])
    ->toString();

var_dump($paserk, $paseto);

Unwrapping

<?php
use ParagonIE\Paseto\Protocol\Version4;
use ParagonIE\Paserk\Operations\Key\SealingSecretKey;
use ParagonIE\Paserk\Types\Lid;
use ParagonIE\Paserk\Types\Seal;
use ParagonIE\Paseto\Parser as PasetoParser;
use ParagonIE\Paseto\ProtocolCollection;

$version = new Version4();

// From previous example:
$paserk = "k4.seal.F2qE4x0JfqT7JYhOB7S12SikvLaRuEpxRkgxxHfh4hVpE1JfwIDnreuhs9v5gjoBl3WTVjdIz6NkwQdqRoS2EDc3yGvdf_Da4K1xUSJ8IVTn4HQeol5ruYwjQlA_Ph4N";
$paseto = "v4.local.hYG-BfpTTM3bb-xZ-q5-w77XGayS4WA8kA5R5ZL85u3nzgrWba5NdqgIouFn71CJyGAff1eloirzz3sWRdVXnDeSIYxXDIerNkbLI5ALn24JehhSLKrv8R2-yhfo_XZF9XEASXtwrOyMNjeEAan5kqO6Dg.eyJraWQiOiJrNC5saWQueDAycGJDRmhxU1Q4endnbEJyR3VqWE9LYU5kRkJjY1dsTFFRN0pzcGlZM18ifQ";

// Keys for unsealing:
$sealingSecret = SealingSecretKey::fromEncodedString(
    "j043XiZTuGLleB0kAy8f3Tz-lEePK_ynEWPp4OyB-lS913WbYSuLyCBhhHli2eYSeKeiILEfV6C4Y0p7il6zeA",
    $version
);
$sealingPublic = $sealingSecret->getPublicKey();

// Unwrap the sytmmetric key for `v4.local.` tokens.
$sealer = new Seal($sealingPublic, $sealingSecret);
$unwrapped = $sealer->decode($paserk);

// Parse the PASETO
$parsed = PasetoParser::getLocal($unwrapped, ProtocolCollection::v4())
    ->parse($paseto);

// Get the claims from the parsed and validated token:
var_dump($parsed->getClaims());
/*
array(2) {
  ["test"]=>
  string(6) "readme"
  ["exp"]=>
  string(25) "2038-01-19T03:14:08+00:00"
}
*/

// Observe the Key ID is the same as the value stored in the footer.
var_dump(Lid::encode($version, $paserk));
var_dump($parsed->getFooterArray()['kid']);
/*
string(51) "k4.lid.x02pbCFhqST8zwglBrGujXOKaNdFBccWlLQQ7JspiY3_"
string(51) "k4.lid.x02pbCFhqST8zwglBrGujXOKaNdFBccWlLQQ7JspiY3_"
*/

PASERK Feature Coverage


  Classes of Scott Arciszewski  >  PASERK PHP  >  Download Download .zip .tar.gz  >  Support forum Support forum  >  Blog Blog  >  RSS 1.0 feed RSS 2.0 feed Latest changes  
Name: PASERK PHP
Base name: paserk-php
Description: Extend PASETO to wrap and serialize keys
Version: -
PHP version: 5
License: MIT/X Consortium License
 
  Groups   Applications   Files Files  

  Groups  
Group folder image Cryptography Encrypting, decrypting and hashing data View top rated classes


  Innovation Award  
PHP Programming Innovation award nominee
November 2022
Nominee
Vote
PASETO is an approach to sign, encrypt and decrypt data that is more secure than other approaches like JSON Web Tokens.

PASERK extends the PHP PASETO to add more functionality for serializing and wrapping kets used by PASETO. This possibility helps developers to use keys on different platforms.

Manuel Lemos

  Applications that use this package  
No pages of applications that use this class were specified.

Add link image If you know an application of this package, send a message to the author to add a link here.

  Files folder image Files  
File Role Description
Files folder image.github (1 directory)
Files folder imagedocs (1 file, 2 directories)
Files folder imagesrc (6 files, 2 directories)
Files folder imagetests (2 files, 4 directories)
Accessible without login Plain text file composer.json Data Auxiliary data
Accessible without login Plain text file LICENSE Lic. License text
Accessible without login Plain text file phpunit.xml Data Auxiliary data
Accessible without login Plain text file psalm.xml Data Auxiliary data
Accessible without login Plain text file README.md Doc. Read me

  Files folder image Files  /  .github  
File Role Description
Files folder imageworkflows (1 file)

  Files folder image Files  /  .github  /  workflows  
File Role Description
  Accessible without login Plain text file ci.yml Data Auxiliary data

  Files folder image Files  /  docs  
File Role Description
Files folder imageTypes (11 files)
Files folder imageWrap (2 files)
  Accessible without login Plain text file README.md Doc. Documentation

  Files folder image Files  /  docs  /  Types  
File Role Description
  Accessible without login Plain text file Lid.md Doc. Documentation
  Accessible without login Plain text file Local.md Doc. Documentation
  Accessible without login Plain text file LocalPW.md Doc. Documentation
  Accessible without login Plain text file LocalWrap.md Doc. Documentation
  Accessible without login Plain text file Pid.md Doc. Documentation
  Accessible without login Plain text file PublicType.md Doc. Documentation
  Accessible without login Plain text file Seal.md Doc. Documentation
  Accessible without login Plain text file SecretPW.md Doc. Documentation
  Accessible without login Plain text file SecretType.md Doc. Documentation
  Accessible without login Plain text file SecretWrap.md Doc. Documentation
  Accessible without login Plain text file Sid.md Doc. Documentation

  Files folder image Files  /  docs  /  Wrap  
File Role Description
  Accessible without login Plain text file pie.md Data Auxiliary data
  Accessible without login Plain text file README.md Doc. Documentation

  Files folder image Files  /  src  
File Role Description
Files folder imageOperations (6 files, 4 directories)
Files folder imageTypes (11 files)
  Accessible without login Plain text file ConstraintTrait.php Class Class source
  Accessible without login Plain text file IdCommonTrait.php Class Class source
  Accessible without login Plain text file IdInterface.php Class Class source
  Accessible without login Plain text file PaserkException.php Class Class source
  Accessible without login Plain text file PaserkTypeInterface.php Class Class source
  Accessible without login Plain text file Util.php Class Class source

  Files folder image Files  /  src  /  Operations  
File Role Description
Files folder imageKey (2 files)
Files folder imagePBKW (2 files)
Files folder imagePKE (3 files)
Files folder imageWrap (1 file)
  Accessible without login Plain text file PBKW.php Class Class source
  Accessible without login Plain text file PBKWInterface.php Class Class source
  Accessible without login Plain text file PKE.php Class Class source
  Accessible without login Plain text file PKEInterface.php Class Class source
  Accessible without login Plain text file Wrap.php Class Class source
  Accessible without login Plain text file WrapInterface.php Class Class source

  Files folder image Files  /  src  /  Operations  /  Key  
File Role Description
  Accessible without login Plain text file SealingPublicKey.php Class Class source
  Accessible without login Plain text file SealingSecretKey.php Class Class source

  Files folder image Files  /  src  /  Operations  /  PBKW  
File Role Description
  Accessible without login Plain text file PBKWv3.php Class Class source
  Accessible without login Plain text file PBKWv4.php Class Class source

  Files folder image Files  /  src  /  Operations  /  PKE  
File Role Description
  Accessible without login Plain text file PKETrait.php Class Class source
  Accessible without login Plain text file PKEv3.php Class Class source
  Accessible without login Plain text file PKEv4.php Class Class source

  Files folder image Files  /  src  /  Operations  /  Wrap  
File Role Description
  Accessible without login Plain text file Pie.php Class Class source

  Files folder image Files  /  src  /  Types  
File Role Description
  Accessible without login Plain text file Lid.php Class Class source
  Accessible without login Plain text file Local.php Class Class source
  Accessible without login Plain text file LocalPW.php Class Class source
  Accessible without login Plain text file LocalWrap.php Class Class source
  Accessible without login Plain text file Pid.php Class Class source
  Accessible without login Plain text file PublicType.php Class Class source
  Accessible without login Plain text file Seal.php Class Class source
  Accessible without login Plain text file SecretPW.php Class Class source
  Accessible without login Plain text file SecretType.php Class Class source
  Accessible without login Plain text file SecretWrap.php Class Class source
  Accessible without login Plain text file Sid.php Class Class source

  Files folder image Files  /  tests  
File Role Description
Files folder imageKAT (11 files)
Files folder imageOperations (3 files, 1 directory)
Files folder imagetest-vectors (23 files)
Files folder imageTypes (8 files)
  Accessible without login Plain text file KnownAnswers.php Class Class source
  Accessible without login Plain text file UtilTest.php Class Class source

  Files folder image Files  /  tests  /  KAT  
File Role Description
  Accessible without login Plain text file LidTest.php Class Class source
  Accessible without login Plain text file LocalPWTest.php Class Class source
  Accessible without login Plain text file LocalTest.php Class Class source
  Accessible without login Plain text file LocalWrapPieTest.php Class Class source
  Accessible without login Plain text file PidTest.php Class Class source
  Accessible without login Plain text file PublicTest.php Class Class source
  Accessible without login Plain text file SealTest.php Class Class source
  Accessible without login Plain text file SecretPWTest.php Class Class source
  Accessible without login Plain text file SecretTest.php Class Class source
  Accessible without login Plain text file SecretWrapPieTest.php Class Class source
  Accessible without login Plain text file SidTest.php Class Class source

  Files folder image Files  /  tests  /  Operations  
File Role Description
Files folder imageWrap (1 file)
  Accessible without login Plain text file PBKWTest.php Class Class source
  Accessible without login Plain text file PKETest.php Class Class source
  Accessible without login Plain text file WrapTest.php Class Class source

  Files folder image Files  /  tests  /  Operations  /  Wrap  
File Role Description
  Accessible without login Plain text file PieTest.php Class Class source

  Files folder image Files  /  tests  /  test-vectors  
File Role Description
  Accessible without login Plain text file k3.lid.json Data Auxiliary data
  Accessible without login Plain text file k3.local-pw.json Data Auxiliary data
  Accessible without login Plain text file k3.local-wrap.pie.json Data Auxiliary data
  Accessible without login Plain text file k3.local.json Data Auxiliary data
  Accessible without login Plain text file k3.pid.json Data Auxiliary data
  Accessible without login Plain text file k3.public.json Data Auxiliary data
  Accessible without login Plain text file k3.seal.json Data Auxiliary data
  Accessible without login Plain text file k3.secret-pw.json Data Auxiliary data
  Accessible without login Plain text file k3.secret-wrap.pie.json Data Auxiliary data
  Accessible without login Plain text file k3.secret.json Data Auxiliary data
  Accessible without login Plain text file k3.sid.json Data Auxiliary data
  Accessible without login Plain text file k4.lid.json Data Auxiliary data
  Accessible without login Plain text file k4.local-pw.json Data Auxiliary data
  Accessible without login Plain text file k4.local-wrap.pie.json Data Auxiliary data
  Accessible without login Plain text file k4.local.json Data Auxiliary data
  Accessible without login Plain text file k4.pid.json Data Auxiliary data
  Accessible without login Plain text file k4.public.json Data Auxiliary data
  Accessible without login Plain text file k4.seal.json Data Auxiliary data
  Accessible without login Plain text file k4.secret-pw.json Data Auxiliary data
  Accessible without login Plain text file k4.secret-wrap.pie.json Data Auxiliary data
  Accessible without login Plain text file k4.secret.json Data Auxiliary data
  Accessible without login Plain text file k4.sid.json Data Auxiliary data
  Accessible without login Plain text file README.md Doc. Documentation

  Files folder image Files  /  tests  /  Types  
File Role Description
  Accessible without login Plain text file LocalPWTest.php Class Class source
  Accessible without login Plain text file LocalTest.php Class Class source
  Accessible without login Plain text file LocalWrapTest.php Class Class source
  Accessible without login Plain text file PublicTest.php Class Class source
  Accessible without login Plain text file SealTest.php Class Class source
  Accessible without login Plain text file SecretPWTest.php Class Class source
  Accessible without login Plain text file SecretTest.php Class Class source
  Accessible without login Plain text file SecretWrapTest.php Class Class source

Download Download all files: paserk-php.tar.gz paserk-php.zip
NOTICE: if you are using a download manager program like 'GetRight', please Login before trying to download this archive.
  Files folder image Files  
File Role Description
Files folder image.github (1 directory)
Files folder imagedocs (1 file, 2 directories)
Files folder imagesrc (6 files, 2 directories)
Files folder imagetests (2 files, 4 directories)
Accessible without login Plain text file composer.json Data Auxiliary data
Accessible without login Plain text file LICENSE Lic. License text
Accessible without login Plain text file phpunit.xml Data Auxiliary data
Accessible without login Plain text file psalm.xml Data Auxiliary data
Accessible without login Plain text file README.md Doc. Read me

  Files folder image Files  /  .github  
File Role Description
Files folder imageworkflows (1 file)

  Files folder image Files  /  .github  /  workflows  
File Role Description
  Accessible without login Plain text file ci.yml Data Auxiliary data

  Files folder image Files  /  docs  
File Role Description
Files folder imageTypes (11 files)
Files folder imageWrap (2 files)
  Accessible without login Plain text file README.md Doc. Documentation

  Files folder image Files  /  docs  /  Types  
File Role Description
  Accessible without login Plain text file Lid.md Doc. Documentation
  Accessible without login Plain text file Local.md Doc. Documentation
  Accessible without login Plain text file LocalPW.md Doc. Documentation
  Accessible without login Plain text file LocalWrap.md Doc. Documentation
  Accessible without login Plain text file Pid.md Doc. Documentation
  Accessible without login Plain text file PublicType.md Doc. Documentation
  Accessible without login Plain text file Seal.md Doc. Documentation
  Accessible without login Plain text file SecretPW.md Doc. Documentation
  Accessible without login Plain text file SecretType.md Doc. Documentation
  Accessible without login Plain text file SecretWrap.md Doc. Documentation
  Accessible without login Plain text file Sid.md Doc. Documentation

  Files folder image Files  /  docs  /  Wrap  
File Role Description
  Accessible without login Plain text file pie.md Data Auxiliary data
  Accessible without login Plain text file README.md Doc. Documentation

  Files folder image Files  /  src  
File Role Description
Files folder imageOperations (6 files, 4 directories)
Files folder imageTypes (11 files)
  Accessible without login Plain text file ConstraintTrait.php Class Class source
  Accessible without login Plain text file IdCommonTrait.php Class Class source
  Accessible without login Plain text file IdInterface.php Class Class source
  Accessible without login Plain text file PaserkException.php Class Class source
  Accessible without login Plain text file PaserkTypeInterface.php Class Class source
  Accessible without login Plain text file Util.php Class Class source

  Files folder image Files  /  src  /  Operations  
File Role Description
Files folder imageKey (2 files)
Files folder imagePBKW (2 files)
Files folder imagePKE (3 files)
Files folder imageWrap (1 file)
  Accessible without login Plain text file PBKW.php Class Class source
  Accessible without login Plain text file PBKWInterface.php Class Class source
  Accessible without login Plain text file PKE.php Class Class source
  Accessible without login Plain text file PKEInterface.php Class Class source
  Accessible without login Plain text file Wrap.php Class Class source
  Accessible without login Plain text file WrapInterface.php Class Class source

  Files folder image Files  /  src  /  Operations  /  Key  
File Role Description
  Accessible without login Plain text file SealingPublicKey.php Class Class source
  Accessible without login Plain text file SealingSecretKey.php Class Class source

  Files folder image Files  /  src  /  Operations  /  PBKW  
File Role Description
  Accessible without login Plain text file PBKWv3.php Class Class source
  Accessible without login Plain text file PBKWv4.php Class Class source

  Files folder image Files  /  src  /  Operations  /  PKE  
File Role Description
  Accessible without login Plain text file PKETrait.php Class Class source
  Accessible without login Plain text file PKEv3.php Class Class source
  Accessible without login Plain text file PKEv4.php Class Class source

  Files folder image Files  /  src  /  Operations  /  Wrap  
File Role Description
  Accessible without login Plain text file Pie.php Class Class source

  Files folder image Files  /  src  /  Types  
File Role Description
  Accessible without login Plain text file Lid.php Class Class source
  Accessible without login Plain text file Local.php Class Class source
  Accessible without login Plain text file LocalPW.php Class Class source
  Accessible without login Plain text file LocalWrap.php Class Class source
  Accessible without login Plain text file Pid.php Class Class source
  Accessible without login Plain text file PublicType.php Class Class source
  Accessible without login Plain text file Seal.php Class Class source
  Accessible without login Plain text file SecretPW.php Class Class source
  Accessible without login Plain text file SecretType.php Class Class source
  Accessible without login Plain text file SecretWrap.php Class Class source
  Accessible without login Plain text file Sid.php Class Class source

  Files folder image Files  /  tests  
File Role Description
Files folder imageKAT (11 files)
Files folder imageOperations (3 files, 1 directory)
Files folder imagetest-vectors (23 files)
Files folder imageTypes (8 files)
  Accessible without login Plain text file KnownAnswers.php Class Class source
  Accessible without login Plain text file UtilTest.php Class Class source

  Files folder image Files  /  tests  /  KAT  
File Role Description
  Accessible without login Plain text file LidTest.php Class Class source
  Accessible without login Plain text file LocalPWTest.php Class Class source
  Accessible without login Plain text file LocalTest.php Class Class source
  Accessible without login Plain text file LocalWrapPieTest.php Class Class source
  Accessible without login Plain text file PidTest.php Class Class source
  Accessible without login Plain text file PublicTest.php Class Class source
  Accessible without login Plain text file SealTest.php Class Class source
  Accessible without login Plain text file SecretPWTest.php Class Class source
  Accessible without login Plain text file SecretTest.php Class Class source
  Accessible without login Plain text file SecretWrapPieTest.php Class Class source
  Accessible without login Plain text file SidTest.php Class Class source

  Files folder image Files  /  tests  /  Operations  
File Role Description
Files folder imageWrap (1 file)
  Accessible without login Plain text file PBKWTest.php Class Class source
  Accessible without login Plain text file PKETest.php Class Class source
  Accessible without login Plain text file WrapTest.php Class Class source

  Files folder image Files  /  tests  /  Operations  /  Wrap  
File Role Description
  Accessible without login Plain text file PieTest.php Class Class source

  Files folder image Files  /  tests  /  test-vectors  
File Role Description
  Accessible without login Plain text file k3.lid.json Data Auxiliary data
  Accessible without login Plain text file k3.local-pw.json Data Auxiliary data
  Accessible without login Plain text file k3.local-wrap.pie.json Data Auxiliary data
  Accessible without login Plain text file k3.local.json Data Auxiliary data
  Accessible without login Plain text file k3.pid.json Data Auxiliary data
  Accessible without login Plain text file k3.public.json Data Auxiliary data
  Accessible without login Plain text file k3.seal.json Data Auxiliary data
  Accessible without login Plain text file k3.secret-pw.json Data Auxiliary data
  Accessible without login Plain text file k3.secret-wrap.pie.json Data Auxiliary data
  Accessible without login Plain text file k3.secret.json Data Auxiliary data
  Accessible without login Plain text file k3.sid.json Data Auxiliary data
  Accessible without login Plain text file k4.lid.json Data Auxiliary data
  Accessible without login Plain text file k4.local-pw.json Data Auxiliary data
  Accessible without login Plain text file k4.local-wrap.pie.json Data Auxiliary data
  Accessible without login Plain text file k4.local.json Data Auxiliary data
  Accessible without login Plain text file k4.pid.json Data Auxiliary data
  Accessible without login Plain text file k4.public.json Data Auxiliary data
  Accessible without login Plain text file k4.seal.json Data Auxiliary data
  Accessible without login Plain text file k4.secret-pw.json Data Auxiliary data
  Accessible without login Plain text file k4.secret-wrap.pie.json Data Auxiliary data
  Accessible without login Plain text file k4.secret.json Data Auxiliary data
  Accessible without login Plain text file k4.sid.json Data Auxiliary data
  Accessible without login Plain text file README.md Doc. Documentation

  Files folder image Files  /  tests  /  Types  
File Role Description
  Accessible without login Plain text file LocalPWTest.php Class Class source
  Accessible without login Plain text file LocalTest.php Class Class source
  Accessible without login Plain text file LocalWrapTest.php Class Class source
  Accessible without login Plain text file PublicTest.php Class Class source
  Accessible without login Plain text file SealTest.php Class Class source
  Accessible without login Plain text file SecretPWTest.php Class Class source
  Accessible without login Plain text file SecretTest.php Class Class source
  Accessible without login Plain text file SecretWrapTest.php Class Class source

Download Download all files: paserk-php.tar.gz paserk-php.zip
NOTICE: if you are using a download manager program like 'GetRight', please Login before trying to download this archive.