Documentation

Cipher
in package

FinalYes

Cryptographic utility class.

Provides encryption and hashing methods including SHA-256, AES-256, IV generation, and secure random token generation.

Table of Contents

Methods

decrypt()  : string
Decrypt a string encrypted with symmetric encryption.
encode_sha256()  : string
Generate SHA-256 hash with a secret key.
encodeOpenSshPublicKey()  : string
Convert a PEM private key to OpenSSH public key format.
encrypt()  : string
Encrypt a string using symmetric encryption.
generateInitialVector()  : string
Generate a cryptographic initialization vector (IV).
generateKey()  : string
Generate a random base64-encoded key.
generateKeyPair()  : void
Generate OpenSSL Key Pair ```php use \X\Util\Cipher;
randStr()  : string
Generate a cryptographically secure random string.
randToken68()  : string
Generate a random token68-compliant string.
encodeOpenSshBuffer()  : string
Encode a binary buffer in OpenSSH wire format.

Methods

decrypt()

Decrypt a string encrypted with symmetric encryption.

public static decrypt(string $encrypted, string $key, string $iv[, string $algorithm = 'AES-256-CTR' ]) : string 
use \X\Util\Cipher;

$iv = Cipher::generateInitialVector();
$plaintext = 'Hello, World.';
$key = 'key';
$encrypted = Cipher::encrypt($plaintext, $key, $iv);// UHLY5PckT7Da02e42g==
$decrypted = Cipher::decrypt($encrypted, $key, $iv);// Hello, World.
Parameters
$encrypted : string

Encrypted string.

$key : string

Decryption key.

$iv : string

IV.

$algorithm : string = 'AES-256-CTR'

(optional) Cryptographic Algorithm. Default is "AES-256-CTR".

Return values
string

Decrypted string.

encode_sha256()

Generate SHA-256 hash with a secret key.

public static encode_sha256(string $plaintext[, string|null $key = null ]) : string
Parameters
$plaintext : string

String to hash.

$key : string|null = null

Secret key appended before hashing. Default is encryption_key from config.

Tags
throws
RuntimeException

If no key is provided and encryption_key is not configured.

Return values
string

64-character hexadecimal hash string.

encodeOpenSshPublicKey()

Convert a PEM private key to OpenSSH public key format.

public static encodeOpenSshPublicKey(string $privateKey) : string
Parameters
$privateKey : string

PEM-encoded private key.

Return values
string

OpenSSH public key string (e.g., "ssh-rsa AAAA...").

encrypt()

Encrypt a string using symmetric encryption.

public static encrypt(string $plaintext, string $key, string $iv[, string $algorithm = 'AES-256-CTR' ]) : string 
use \X\Util\Cipher;

$iv = Cipher::generateInitialVector();
$plaintext = 'Hello, World.';
$key = 'key';
$encrypted = Cipher::encrypt($plaintext, $key, $iv);// UHLY5PckT7Da02e42g==
$decrypted = Cipher::decrypt($encrypted, $key, $iv);// Hello, World.
Parameters
$plaintext : string

String to be encrypted.

$key : string

Encryption key.

$iv : string

IV.

$algorithm : string = 'AES-256-CTR'

(optional) Cryptographic Algorithm. Default is "AES-256-CTR".

Return values
string

Encrypted string.

generateInitialVector()

Generate a cryptographic initialization vector (IV).

public static generateInitialVector([string $algorithm = 'AES-256-CTR' ]) : string
Parameters
$algorithm : string = 'AES-256-CTR'

Cipher algorithm. Default is "AES-256-CTR".

Return values
string

Binary IV string of the appropriate length for the algorithm.

generateKey()

Generate a random base64-encoded key.

public static generateKey([int $len = 32 ]) : string
Parameters
$len : int = 32

Number of random bytes to generate. Default is 32.

Tags
throws
RuntimeException

If length is less than 1.

Return values
string

Base64-encoded random key.

generateKeyPair()

Generate OpenSSL Key Pair ```php use \X\Util\Cipher;

public static generateKeyPair(string &$privateKey, string &$publicKey[, array{digest_alg?: string, x509_extensions?: string, req_extensions?: string, private_key_bits?: int, private_key_type?: int, encrypt_key?: bool, encrypt_key_cipher?: int, curve_name?: string, config?: string} $options = [] ]) : void

// Generate 4096bit long RSA key pair. Cipher::generateKeyPair($privateKey, $publicKey, [ 'digest_alg' => 'sha512', 'private_key_bits' => 4096, 'private_key_type' => OPENSSL_KEYTYPE_RSA ]);

// Debug private key. // Output: -----BEGIN PRIVATE KEY----- // MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCpvdXUNEfrA4T+ // ... // -----END PRIVATE KEY----- echo 'Private key:'. PHP_EOL . $privateKey;

// Debug public key. // Output: -----BEGIN PUBLIC KEY----- // MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAqb3V1DRH6wOE/oVhJWEo // ... // -----END PUBLIC KEY----- echo 'Public key:' . PHP_EOL. $publicKey;

// OpenSSH encode the public key. // Output: ssh-rsa AAAAB3NzaC... $publicKey = Cipher::encodeOpenSshPublicKey($privateKey);

// Debug OpenSSH-encoded public key. echo 'OpenSSH-encoded public key:' . PHP_EOL . $publicKey;

Parameters
$privateKey : string

Receives the generated PEM-encoded private key.

$publicKey : string

Receives the generated PEM-encoded public key.

$options : array{digest_alg?: string, x509_extensions?: string, req_extensions?: string, private_key_bits?: int, private_key_type?: int, encrypt_key?: bool, encrypt_key_cipher?: int, curve_name?: string, config?: string} = []

OpenSSL key generation options:

  • digest_alg: Digest method (see openssl_get_md_methods()). Default is "sha512".
  • private_key_bits: Key length in bits. Default is 4096.
  • private_key_type: Key type constant (OPENSSL_KEYTYPE_RSA, etc.). Default is OPENSSL_KEYTYPE_RSA.
  • config: Path to alternative openssl.conf file.

randStr()

Generate a cryptographically secure random string.

public static randStr([int $len = 64 ][, string $chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ' ]) : string
Parameters
$len : int = 64

String length. Default is 64.

$chars : string = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ'

Character set to use. Default is alphanumeric (a-z, A-Z, 0-9).

Tags
throws
RangeException

If length is less than 1.

Return values
string

Random string of the specified length.

randToken68()

Generate a random token68-compliant string.

public static randToken68([int $len = 64 ]) : string

Token68 format is defined in RFC 7235, allowing alphanumeric chars plus -._~+/ and optionally trailing =.

Parameters
$len : int = 64

String length. Default is 64.

Return values
string

Random token68 string.

encodeOpenSshBuffer()

Encode a binary buffer in OpenSSH wire format.

private static encodeOpenSshBuffer(string $buffer) : string
Parameters
$buffer : string

Binary data to encode.

Return values
string

Length-prefixed encoded buffer.


        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results