PHP
Installation
To install Themis for PHP, go to Themis source directory and type:
make phpthemis_install
this will build phpthemis.so extension for php. Now add this to php.ini:
extension=phpthemis.so
You're ready to go.
Usage
Key Pair Generation
Themis supports Elliptic Curve and RSA algorithms for asymmetric cryptography
$key_pair = phpthemis_gen_ec_key_pair(); # or phpthemis_gen_rsa_key_pair(); for RSA
$private_key = $key_pair['private_key'];
$public_key = $key_pair['public_key'];
Secure Message
Encrypt message:
$encrypted_message = phpthemis_secure_message_wrap($private_key, $peer_public_key, message);
if (is_null($encrypted_message)){
#error is occured
}
Decrypt message:
$decrypted_message = phpthemis_secure_message_unwrap($private_key, $peer_public_key, encrypted_message);
if (is_null($decrypted_message)){
#error is occured
}
Secure Cell
All Secure Cell modes has an optional parameter context
. For detailed explanation of various modes and their strengths and weaknesses, see objects guide and cryptosystem description for Secure Cell.
Seal Mode
Encrypt
$encrypted_message = phpthemis_scell_full_encrypt($password, $message, $context);
Decrypt
$decrypted_message = phpthemis_scell_full_decrypt($password, $encrypted_message, $context);
Token-protect Mode
Encrypt
$encrypted_message, $additional_auth_data = phpthemis_scell_auto_split_encrypt($password, $message, $context);
Decrypt
message = phpthemis_scell_auto_split_decrypt([$encrypted_message, $additional_auth_data], $context);
Context-Imprint Mode
Encrypt
$encrypted_message = phpthemis_scell_user_split_encrypt($message, $context);
Decrypt
message = phpthemis_scell_user_split_decrypt($encrypted_message, $context);
Secure Session
Themis Secure Session bindings for PHP are included in phpthemis extension. But typical architecture of PHP applications (PHP script is invoked by Apache per every request) does not allow to organize secure interaction for session setup. Secure session object can not be serialized and stored before session establishing process was completed.
However, if you are using standalone / daemonized PHP applications, you might still try to use Secure Session at your own discretion.