Simple PASETO v2.public for PHP >= 5.4


This is a very simple PASETO implementation written in PHP.

NOTE: if you are looking for the reference implementation of PASETO, please use paragonie/paseto.


A tiny library that just implements Version2::sign and Version2::verify of the paragonie/paseto project. In addition it has a Version2::extractFooter method for extracting the footer to select the correct public key for verifying the signature.

It uses the official test vectors to make sure everything works as expected.


We explicitly support CentOS / Red Hat Enterprise >= 7 with php-pecl-libsodium from EPEL.


I really like the idea of PASETO! I need to support PHP >= 5.4, so I can't use paragonie/paseto as it requires PHP >= 7. So I decided to make a tiny implementation that just supports v2.public.


The API of Version2 is similar to the one in paragonie/paseto.


    require_once 'vendor/autoload.php';
    $secretKey = \fkooman\Paseto\Keys\AsymmetricSecretKey::generate();
    $publicKey = $secretKey->getPublicKey();
    $signMsg = \fkooman\Paseto\Version2::sign('hello', $secretKey);
    // 'hello'
    echo \fkooman\Paseto\Version2::verify($signMsg, $publicKey).PHP_EOL;


You can contact me with any questions or issues regarding this project. Drop me a line at

If you want to (responsibly) disclose a security issue you can also use the PGP key with key ID 9C5EDD645A571EB2 and fingerprint 6237 BAF1 418A 907D AA98 EAA7 9C5E DD64 5A57 1EB2.


ISC, same as paragonie/paseto. I copy/pasted some code snippets/docblocks from this library and used them here.