Spatie had launched a package called spatie/crypto that provides a way to effortlessly generate a private and public key for encrypting and signing data. There are already many other packages that provide the same functionality but none of them is like Crypto. Because it provides a straightforward way to easily generate private/public key pairs, and encrypt/decrypt messages using those keys.

Installation

You can install the package via composer:

composer require spatie/crypto

Usage

After the installation, You’ve to generate a key pair using the generate function on the KeyPair class.

use Spatie\Crypto\Rsa\KeyPair;

// generating an RSA key pair
[$privateKey, $publicKey] = (new KeyPair())->generate();

You’ve to define the keys to the disk by passing paths to the generate function.

// when passing paths, the generated keys will be written those paths
(new KeyPair())->generate($pathToPrivateKey, $pathToPublicKey)

You’ve to protect the private key with a password by utilizing the password method:

[$passwordProtectedPrivateKey, $publicKey] = (new KeyPair())->password('my-password')->generate();

When you are using a password to generate a private key, You will require that password when instantiating the PrivateKey class.

Encrypting a message with a private key, decrypting with the public key

This package allows you to encrypt and decrypt messages with the private key and public keys. You can easily encrypt data using the private key, and also decrypt it utilizing the public key.

Here’s an example:

$data = 'my secret data';
$privateKey = Spatie\Crypto\Rsa\PrivateKey::fromFile($pathToPrivateKey);
$encryptedData = $privateKey->encrypt($data); // encrypted data contains something unreadable

$publicKey = Spatie\Crypto\Rsa\PublicKey::fromFile($pathToPublicKey);
$decryptedData = $publicKey->decrypt($encryptedData); // decrypted data contains 'my secret data'

If the decrypt method cannot decrypt the given data. It happened due to a non-matching private key was employed to encrypt the data or maybe the data had been shuffled. So an exception of class Spatie\Crypto\Exceptions\CouldNotDecryptData will be thrown.

Encrypting a message with a public key, decrypting with the private key

You can encrypt the data using the public key, and also decrypt it utilizing the private key.

$data = 'my secret data';
$publicKey = Spatie\Crypto\Rsa\PublicKey::fromFile($pathToPublicKey);
$encryptedData = $publicKey->encrypt($data); // encrypted data contains something unreadable

$privateKey = Spatie\Crypto\Rsa\PrivateKey::fromFile($pathToPrivateKey);
$decryptedData = $privateKey->decrypt($encryptedData); // decrypted data contains 'my secret data'

If the decrypt method cannot decrypt the given data. It happened due to a non-matching private key was employed to encrypt the data or maybe the data had been shuffled. So an exception of class Spatie\Crypto\Exceptions\CouldNotDecryptData will be thrown.

Check if the data can be decrypted

This package provides a canDecrypt method for the PublicKey and PrivateKey classes that offers a way to determine that the given data can be decrypted or not.

Spatie\Crypto\Rsa\PrivateKey::fromFile($pathToPrivateKey)->canDecrypt($data); // returns a boolean;
Spatie\Crypto\Rsa\PublicKey::fromFile($pathToPublicKey)->canDecrypt($data); // returns a boolean;

Signing and verifying data

The PrivateKey class has a method called Sign that creates a signature for the given data. The verify method on the PublicKey class can be employed to verify if a signature is valid for the given data or not.

$signature = Spatie\Crypto\Rsa\PrivateKey::fromFile($pathToPrivateKey)->sign('my message'); // returns a string

$publicKey = Spatie\Crypto\Rsa\PublicKey::fromFile($pathToPublicKey);

$publicKey->verify('my message', $signature) // returns true;
$publicKey->verify('my modified message', $signature) // returns false;

Closing Notes

Spatie/crypto also provides a method for Loading keys. If you want to discover more about the spatie/crypto package, you can go to the documentation of this package on GitHub.