The KeyStore API is code complete. Check it out at phpkeystore.org. The current development release can always be installed with PEAR using:
pear install http://phpkeystore.org/download/KeyStore-current.tgz
All that really remains right now is internal tweaking for best practices and performance.
To summarize, the key management functionality consists of:
- Loading and storing the key store
- Creating secret keys, certificate signing requests, importing signed certificates, and deleting key store entries
- Querying the key store for the existence of an entry and what type of entry it is
And the key usage functionality consists of:
- Loading the key store
- Using a public/private key pair to encrypt, decrypt, sign, and verify
- Using a secret symmetric key to encrypt and decrypt
The current to-do list:
- Add a configuration file for system default values
- Support file-based passwords
- Accept user-supplied options on the interface methods so that cryptographic settings other than the default, baked-in ones can be used
- Add failure-case unit tests
- Code review