PASERK is an extension to PASETO that provides key-wrapping and serialization.
To understand the motivation behind PASERK, please refer to the PASERK Specification.
PASERKs are serialized keys for use with PASETO. PASERK is short for "Platform-Agnostic SERialized Keys".
A serialized key in PASERK has the format:
k[version].[type].[data]
Each PASERK version corresponds directly with the PASETO version a serialized key is intended to be used with, and it MUST NOT be used for another version.
Each PASERK type is a composition of one or more PASERK operations.
Please refer to the PASERK specification if you'd like to learn more about the types/operations.
This section merely focuses on how to use the PHP implementation.
- Basic Key Serialization (do NOT store these in a PASETO footer)
- Canonical Key Identifiers
- Key Wrapping
local-wraplocal-pwsecret-wrapsecret-pwseal(Asymmetric Encryption)
For local-wrap and secret-wrap, the key-wrapping protocols this library implements
are listed in this directory.
We do not recommend interfacing directly with the PASERK Operations.
Use the PASERK Types instead.