Obscura is an advanced PHP cryptography library that combines robust AES encryption (AES-256-CBC by default) with a multi-round polynomial-based custom encryption layer for enhanced security. It also supports URL-safe Base64 encoding when desired.
Report a Bug · New Pull Request
No GMP extension needed – everything is done via the Extended Euclidean Algorithm for modular arithmetic.
Disclaimer: This code is presented for educational purposes. For production environments, ensure that you have conducted a thorough security review and implemented best practices for key management, tamper detection, and environment-specific compliance requirements.
If you find this library helpful, please consider giving it a star on GitHub. Your support helps improve and maintain the project. Thank you! 🌟
- AES-256-CBC: Provides a strong, battle-tested encryption foundation via OpenSSL.
- Multi-Round Custom Layer: Applies multiple polynomial transformations on each character, making cryptanalysis more challenging.
- No GMP Dependency: Uses the Extended Euclidean Algorithm for modular inverse, so GMP is not required.
- URL-Safe Base64 Option: Encrypt once, share anywhere. Prevents
+,/, and=characters from breaking URLs. - Strict Typing: Leverages PHP 8.0+ features and enforces strict typing for reliability.
- Custom Exceptions: Throws a
CryptoExceptionfor all encryption/decryption errors, making error handling straightforward.
You can install the Obscura library using Composer. Run the following command in your terminal:
composer require ramazancetinkaya/obscuraThis command adds the library to your composer.json and installs it in the vendor/ directory.
Below are quick examples demonstrating how to use Obscura in your PHP project.
<?php
require 'vendor/autoload.php';
use ramazancetinkaya\Obscura;
use ramazancetinkaya\ObscuraException;
try {
// Create an Obscura instance
$secretKey = 'my-super-secure-key';
$obscura = new Obscura($secretKey);
// Data to encrypt
$plainText = 'Hello World!';
// Encrypt
$encrypted = $obscura->encrypt($plainText);
echo "Encrypted (base64): " . $encrypted . PHP_EOL;
// Decrypt
$decrypted = $obscura->decrypt($encrypted);
echo "Decrypted: " . $decrypted . PHP_EOL;
} catch (ObscuraException $e) {
echo "Error: " . $e->getMessage();
}If you prefer URL-safe Base64 encoding (e.g. for inclusion in GET parameters), you can enable it via the constructor:
<?php
require 'vendor/autoload.php';
use ramazancetinkaya\Obscura;
use ramazancetinkaya\ObscuraException;
try {
// URL-safe Obscura instance
$secretKey = 'my-super-secure-key';
$obscuraSafe = new Obscura($secretKey, 'aes-256-cbc', true);
// Data to encrypt
$plainUrl = 'https://example.com?param=someValue';
// Encrypt (URL-safe)
$encryptedUrl = $obscuraSafe->encrypt($plainUrl);
echo "Encrypted (URL-safe): " . $encryptedUrl . PHP_EOL;
// Decrypt
$decryptedUrl = $obscuraSafe->decrypt($encryptedUrl);
echo "Decrypted URL: " . $decryptedUrl . PHP_EOL;
} catch (ObscuraException $e) {
echo "Error: " . $e->getMessage();
}Contributions are welcome! Please feel free to submit a pull request or open an issue for any enhancements or bug fixes.
This project is licensed under the MIT License. See the LICENSE file for more details.