Generate Encryption Keys in PHP - AES & RSA Key Generation
Complete code tutorial with examples and best practices
[ Code Example - Quick Summary ]
Language: PHP
What: Learn how to generate AES encryption keys and RSA key pairs in PHP using OpenSSL and random_bytes() for cryptographically secure encryption.
Try it: Use our interactive Encryption-keys generator or integrate this code into your PHP application.
Learn how to generate AES encryption keys and RSA key pairs in PHP using OpenSSL and random_bytes() for cryptographically secure encryption. Looking for other languages? Check our code examples in JavaScript , Python , Java , C# , C++ , Ruby and Go or use our interactive web generator.
PHP Code Example
<?php
// AES-256 Encryption Key Generation
$aes_key = random_bytes(32); // 256 bits
$aes_key_hex = bin2hex($aes_key);
echo "AES-256 Key (Hex): " . $aes_key_hex . "\n";
// AES-128 Encryption Key
$aes_128_key = bin2hex(random_bytes(16)); // 128 bits
echo "AES-128 Key (Hex): " . $aes_128_key . "\n";
// RSA Key Pair Generation (2048-bit)
$config = [
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
];
$res = openssl_pkey_new($config);
openssl_pkey_export($res, $private_key);
$public_key = openssl_pkey_get_details($res)["key"];
echo "Private Key:\n" . $private_key . "\n";
echo "Public Key:\n" . $public_key . "\n";
// Base64 encode for storage
$encoded_key = base64_encode($aes_key);
echo "AES Key (Base64): " . $encoded_key;[EXPLANATION]
This code demonstrates AES and RSA key generation in PHP. For symmetric encryption (AES), we use random_bytes() with 32 bytes (256 bits) for AES-256 or 16 bytes (128 bits) for AES-128. The bin2hex() converts binary to hexadecimal for easy storage. For asymmetric encryption (RSA), openssl_pkey_new() generates a key pair with configurable bit length (2048 or 4096 recommended). openssl_pkey_export() extracts the private key in PEM format, while openssl_pkey_get_details() retrieves the public key. Keys should be stored securely (environment variables, key vaults) and never hardcoded.
Expected Output
AES-256 Key (Hex): a3f5d8c2e1b4f7a9c6d3e8b2f5a1c4d7e9b3f6a2c5d8e1b4f7a9c6d3e8b2f5a1 AES-128 Key (Hex): c7e2f5a9d3b8e1c4f7a2d6b9e3c5f8a1 Private Key: -----BEGIN PRIVATE KEY----- MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC8... -----END PRIVATE KEY----- Public Key: -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP... -----END PUBLIC KEY----- AES Key (Base64): o/XYwuG096nG0+iy9aHE1+mz9qLF2OG096nG0+iy9aE=
Common Use Cases
- Encrypt sensitive database fields (PII, passwords)
- File encryption/decryption systems
- Secure communication channels
- Digital signature verification
- End-to-end encryption applications
Important Notes
-
random_bytes()uses CSPRNG (cryptographically secure) - AES-256 requires 32-byte keys, AES-128 requires 16-byte keys
- RSA key size: 2048-bit minimum, 4096-bit recommended for long-term
- Store private keys securely with proper file permissions (chmod 600)
- Use OpenSSL version 1.1.0+ for modern cryptographic standards
Try Our Interactive Generator
Don't want to write code? Use our free web-based Encryption-keys generator with instant results.
TRY ENCRYPTION-KEYS GENERATOR →Other Programming Languages
View Encryption-keys generation code examples in JavaScript
View Encryption-keys generation code examples in Python
View Encryption-keys generation code examples in Java
View Encryption-keys generation code examples in C#
View Encryption-keys generation code examples in C++
View Encryption-keys generation code examples in Ruby
View Encryption-keys generation code examples in Go