phpseclib | PHP Secure Communications Library | Cryptography library

 by   phpseclib PHP Version: 3.0.20 License: MIT

kandi X-RAY | phpseclib Summary

kandi X-RAY | phpseclib Summary

phpseclib is a PHP library typically used in Security, Cryptography applications. phpseclib has no bugs, it has a Permissive License and it has medium support. However phpseclib has 1 vulnerabilities. You can download it from GitHub.

MIT-licensed pure-PHP implementations of the following:. SSH-2, SFTP, X.509, an arbitrary-precision integer arithmetic library, Ed25519 / Ed449 / Curve25519 / Curve449, ECDSA / ECDH (with support for 66 curves), RSA (PKCS#1 v2.2 compliant), DSA / DH, DES / 3DES / RC4 / Rijndael / AES / Blowfish / Twofish / Salsa20 / ChaCha20, GCM / Poly1305.

            kandi-support Support

              phpseclib has a medium active ecosystem.
              It has 5059 star(s) with 880 fork(s). There are 118 watchers for this library.
              It had no major release in the last 12 months.
              There are 201 open issues and 827 have been closed. On average issues are closed in 33 days. There are 16 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of phpseclib is 3.0.20

            kandi-Quality Quality

              phpseclib has 0 bugs and 0 code smells.

            kandi-Security Security

              phpseclib has 1 vulnerability issues reported (0 critical, 1 high, 0 medium, 0 low).
              phpseclib code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              phpseclib is licensed under the MIT License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              phpseclib releases are available to install and integrate.
              Installation instructions are not available. Examples and code snippets are available.
              phpseclib saves you 15026 person hours of effort in developing the same functionality from scratch.
              It has 30859 lines of code, 1322 functions and 331 files.
              It has high code complexity. Code complexity directly impacts maintainability of the code.

            Top functions reviewed by kandi - BETA

            kandi has reviewed phpseclib and discovered the below as its top functions. This is intended to give you an instant insight into phpseclib implemented functionality, and help decide if they suit your requirements.
            • Send a key exchange .
            • Create an inline crypt function
            • Convert an array to an element .
            • Append string to string
            • Sign a certificate .
            • Encode curve parameters .
            • Put data to file .
            • Sets the hash
            • Divide two numbers
            • Generate a random string .
            Get all kandi verified functions for this library.

            phpseclib Key Features

            No Key Features are available at this moment for phpseclib.

            phpseclib Examples and Code Snippets

            No Code Snippets are available at this moment for phpseclib.

            Community Discussions


            ssh-agent in bash script causes many dead processes
            Asked 2022-Feb-23 at 14:05

            I use a bash script ( to deploy my application to a shared host. As part of the deployment process, I clone the latest code from bitbucket using the script below:



            Answered 2022-Feb-22 at 21:30

            Your script probably shouldn't start ssh-agent; it should make use of an ssh-agent that's already running. That way, the user is responsible for starting a single agent that can be used by multiple invocations of the script.

            The simplest thing you can do, though, is simply add either



            "Class name must be a valid object or a string" When Installing PHPSecLib Without Composer
            Asked 2021-Dec-17 at 05:15

            I'm trying to do RSA encryption using PHPSecLib, with a manual install (ie not using Composer).

            I'm following these manual installation instructions I found here:

            And trying to do this example which I located here: How to Decrypt RSA OAEP with SHA256 using openssl on PHP

            My steps I've taken so far:

            1. Visited the GitHub repository here:

            2. Under 'Code' selected 'Download ZIP'.

            3. Unzipped the files locally and uploaded the entire 'phpseclib' directory to the server.

            4. Created a test script, and troubleshooted multiple layers of includes and use that were needed to get it working.

            5. However, at the moment, I'm getting a new error - "Class name must be a valid object or a string" which I don't understand and can't seem to resolve.

            My test script is now as follows:



            Answered 2021-Dec-17 at 05:15

            You're trying to install phpseclib v3 using the instructions for phpseclib v2. There are two options:

            Option 1: Use PHPSecLib V3 With Composer

            This option requires SSH access on the server.

            To install phpseclib v3 you're gonna need Composer. Once you have that installed you can do composer init and then composer require phpseclib/phpseclib:~3.0.

            By doing that you can replace this:



            Decrypt - PHPSECLIB
            Asked 2021-Dec-08 at 04:49

            I'm trying to decrypt a string using phpseclib.

            My hashed string is being generated from a javascript library called jsencrypt. The result of the encryption is saved in a database.

            Afterwards I'm using phpseclib3 to try and decrypt the string using this:



            Answered 2021-Dec-08 at 04:49

            You need to use PKCS1 padding. eg.



            Sign in phpseclib and Verify in C#
            Asked 2021-Dec-01 at 01:09

            I am trying to verify the authenticity of a message across PHP (phpseclib) and C#.

            However, there seem to be some issues with the verification on the C# side.

            What I have tried :

            1. Provide the public key to C# but make C# compute the hash and the signature then verify (Output: True)
            2. Change the hash to the one computed in PHP but make C# compute the signature then verify (Output: True)
            3. Make C# use PHP's computed hash and signature then verify (Output: False)

            PHP Code :



            Answered 2021-Nov-20 at 14:41

            There are issues in both codes:

            • By default phpseclib uses PSS as padding (here and in the following v3 assumed). Padding is explicitly set to PKCS#1 v1.5 though, but it is not used because the return value is not applied. For the padding change to take effect, the return value must be considered.
              By the way, SHA256 is the default here. And RSA::ENCRYPTION_PKCS1 is ignored in the context of signing/verifying and can be removed as well.

            • phpseclib hashes the data implicitly when signing. Since in the current phpseclib code the hash is additionally generated explicitly, double hashing is done. This double hashing is not necessary and can be removed.

            • The double Base64 encoding at the end is also unnecessary and can be removed as well.




            Verify webhook from signature using PHP with gree/jose library
            Asked 2021-Oct-26 at 09:02

            I'm trying to follow the 3rd party documentation for verifying a webhook body using the Signature header -- the 3rd party will be referred to as 3P going forward).

            3P offered a sample Kotlin implementation using a java library. I am using PHP and decided to try gree/jose as my library.

            As a sanity check, I've copied their sample data into my implementation, but I am still getting a false outcome.



            Answered 2021-Oct-26 at 09:02


            Library for PKCS 1.5 RSA Encryption in PHP 7
            Asked 2021-Aug-07 at 13:49

            Is anyone knows a way to do PKCS 1.5 RSA encryption using a public key in PHP 7 ?. Every PHP library that I tried to that, looks like replaced that encryption padding with OAEP padding because PKCS 1.5 encryption is not secure anymore. (Phpseclib equivalent to Java RSA Encryption) . Given below is PHP code I tried so far. What I am doing wrong here ?. Is there any way to accomplish this task in PHP?. I am using CodeIgniter 3 PHP framework.



            Answered 2021-Aug-07 at 13:49

            The posted Python (PyCryptodome) and JavaScript (JSEncrypt) reference codes do the following:

            • Generation of a timestamp (number of milliseconds elapsed since January 1, 1970 00:00:00 UTC).
            • Concatenation of timestamp and token in the format +.
            • Encryption with RSA and PKCS#1 v1.5 padding (RSAES-PKCS1-v1_5)
            • Base64 encoding and subsequent URL encoding

            The posted PHP code uses different libraries for encryption: phpseclib (V3 and V1) and OpenSSL. The only difference from the reference code turned out to be that the timestamp is determined in seconds (instead of milliseconds), which was eventually identified as the cause of the problem.

            The rest is consistent with the reference code, including the encryption with RSA and PKCS#1 v1.5 padding originally suspected as the cause of the bug, as could be easily verified by using a valid key pair and decrypting the ciphertext generated with the PHP code with a second independent application (e.g. online).

            Note that phpseclib V3 specifies PKCS#1 v1.5 padding in the context of encryption with RSA::ENCRYPTION_PKCS1.



            C# RSA Encrpytion -> Laravel phpseclib decrypt()
            Asked 2021-Jul-24 at 14:49

            I'm using a key pair generated by phpseclib and then I use it to encrypt in C# a message and decrypt in PHP.

            The public key is:



            Answered 2021-Jul-24 at 14:49

            In the C# code PKCS#1 v1.5 padding is applied (2nd parameter of Encrypt() is false), phpseclib uses OAEPadding by default (here).

            Decryption works if PKCS#1 v1.5 padding is explicitly specified in the PHP code:



            How to convert AES Decrypt from Javascript to php
            Asked 2021-Jun-02 at 19:15

            I am using the below script: -



            Answered 2021-Jun-02 at 17:24

            The error message seems fairly straight-forward to me: the key size you used isn't supported by that library. In fact, you appear to have only pasted part of the message, which goes on to list the key sizes which are supported:

            'Key of size ' . strlen($key) . ' not supported by this algorithm. Only keys of sizes 16, 24 or 32 supported'

            So your problem is not understanding what the PHP can do, but understanding what the JS is doing with your input.

            The clue to that is in the CryptoJS docs:

            CryptoJS supports AES-128, AES-192, and AES-256. It will pick the variant by the size of the key you pass in. If you use a passphrase, then it will generate a 256-bit key.

            So the library agrees that there are three valid key lengths, but supports passing in a "passphrase" instead which will be used to generate a key. The exact algorithm it uses to do that isn't documented; presumably it uses some Key Derivation Function with fixed parameters, so that the same passphrase will always produce the same key. If you really need to emulate it, you'll need to trace through the source code.

            If you just need code that's compatible with both libraries, generate a random key of one of the supported lengths, and use that in both places.



            PHP Arrays: How to get this hexadecimal value from array
            Asked 2021-May-26 at 08:53

            I have retrieved an array like this:

            echo "



            Answered 2021-May-26 at 08:53

            The BigInteger class has a toHex() method. So you can get the hex value like this:



            Docker cli use older logging?
            Asked 2021-Mar-04 at 20:55

            I just installed docker desktop on my windows box, but I uses the new output style, i'd like to switch back to the old style, having trouble finding the exact command or profile part to change.

            What I have



            Answered 2021-Mar-04 at 20:55

            The new logging style comes from the BuildKit features.

            You can disable this in the Docker Desktop GUI:

            1. select the Docker Engine tab
            2. set "features"{ "buildkit" : false }

            Then if you want to use the logging features again, you can run with DOCKER_BUILDKIT=1. I believe you can run with DOCKER_BUILDKIT=0 if you want to selectively disable but haven't tested that yet.

            Of course, be aware that you'll lose out on the following features that BuildKit adds to Docker:

            • Docker images created with BuildKit can be pushed to Docker Hub just like Docker images created with legacy build
            • the Dockerfile format that works on legacy build will also work with BuildKit builds
            • The new --secret command line option allows the user to pass secret information for building new images with a specified Dockerfile


            Community Discussions, Code Snippets contain sources that include Stack Exchange Network


            No vulnerabilities reported

            Install phpseclib

            You can download it from GitHub.
            PHP requires the Visual C runtime (CRT). The Microsoft Visual C++ Redistributable for Visual Studio 2019 is suitable for all these PHP versions, see You MUST download the x86 CRT for PHP x86 builds and the x64 CRT for PHP x64 builds. The CRT installer supports the /quiet and /norestart command-line switches, so you can also script it.


            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
          • HTTPS


          • CLI

            gh repo clone phpseclib/phpseclib

          • sshUrl


          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Cryptography Libraries


            by dogecoin


            by google


            by brix


            by Ciphey


            by jedisct1

            Try Top Libraries by phpseclib


            by phpseclibPHP


            by phpseclibPHP


            by phpseclibHTML


            by phpseclibPHP