PHP Classes

PHP ChaCha20-Poly1305: Encrypt and decrypt data using ChaCha20 cipher

Recommend this page to a friend!
  Info   View files Documentation   View files View files (3)   DownloadInstall with Composer Download .zip   Reputation   Support forum   Blog    
Last Updated Ratings Unique User Downloads Download Rankings
2019-02-03 (18 days ago) RSS 2.0 feedNot yet rated by the usersTotal: 50 This week: 4All time: 9,413 This week: 114Up
Version License PHP version Categories
chacha20-and-poly130 1.0.2The PHP License7PHP 5, Cryptography
Description Author

This class can encrypt and decrypt data using ChaCha20 cipher.

It can take a give string of data and a key so it can encrypts it with ChaCha cipher.

The class can also decrypt a previously encrypted data string using also the ChaCha20 cipher.

It may as well compute a hash using the Poly1305 message authentication code.

Innovation Award
PHP Programming Innovation award nominee
January 2019
As time passes stronger encryption algorithms are being developed to make it more difficult to break even when using more powerful modern hardware devices programmed to use brute-force methods to discover sensitive information like user passwords.

This class provides a pure PHP implementation of the ChaCha20 cipher and the Poly1305 message authentication code.

Manuel Lemos
Name: Jose Luis Lucas <contact>
Classes: 4 packages by
Country: Spain Spain
Age: ???
All time rank: 3961104 in Spain Spain
Week rank: 54 Up2 in Spain Spain Up
Innovation award
Innovation award
Nominee: 1x



Implemented from rtf8439

The Poly1305-AES message-authentication code

Adapted from


$x = new AEAD_CHACHA20_POLY1305;

$poly_mac = $x->poly($r_key , $s_key , $msg)

o K_LEN (key length) is 32 octets.

o P_MAX (maximum size of the plaintext) is 274,877,906,880 bytes, or

  nearly 256 GB.

o A_MAX (maximum size of the associated data) is set to 2^64-1

  octets by the length field for associated data.

o N_MIN = N_MAX = 12 octets.

o C_MAX = P_MAX + tag length = 274,877,906,896 octets.

for the nonce

A 96-bit nonce -- different for each invocation with the same key

Some protocols may have unique per-invocation inputs that are not 96
   bits in length.  For example, IPsec may specify a 64-bit nonce.  In
   such a case, it is up to the protocol document to define how to
   transform the protocol nonce into a 96-bit nonce, for example, by
   concatenating a constant value.

32-bit fixed-common part = Constant = '07000000' from rtf8439

$cipher = $x->chacha20_aead_encrypt($aad, $Key, $Iv, '07000000', $plaintext)

$cipher returns ciphered text + tag in hex, so tag = substr(cipher,-32) and cipher = substr(cipher,0,-32)

$plaintext = $x->chacha20_aead_decrypt($aad, $Key, $Iv, '07000000', $cipher)

$cipher should have tag appended






This code is placed in the public domain.

  Files folder image Files  
File Role Description
Plain text file AEAD_CHACHA20_POLY1305.php Class Class source
Accessible without login Plain text file chacha20_poly1305_tests.txt Doc. Documentation
Accessible without login Plain text file Doc. Documentation

 Version Control Unique User Downloads Download Rankings  
This week:4
All time:9,413
This week:114Up