Really simple encryption in PHP!

Have you ever wanted to improve your app’s security by hiding everything in your database? Let’s make a simple encryption and decryption script in PHP using the openssl_encrypt and openssl_decrypt functions

Step 1

Let’s define some variable…


This content originally appeared on DEV Community and was authored by ManuTheCoder

Have you ever wanted to improve your app's security by hiding everything in your database? Let's make a simple encryption and decryption script in PHP using the openssl_encrypt and openssl_decrypt functions

Step 1

Let's define some variables

<?php
define("encryption_method", "AES-128-CBC");
define("key", "your_amazing_key_here");

Obviously, change the encryption key

Step 2

Creating a function to encrypt data

<?php
function encrypt($data) {
    $key = key;
    $plaintext = $data;
    $ivlen = openssl_cipher_iv_length($cipher = encryption_method);
    $iv = openssl_random_pseudo_bytes($ivlen);
    $ciphertext_raw = openssl_encrypt($plaintext, $cipher, $key, $options = OPENSSL_RAW_DATA, $iv);
    $hmac = hash_hmac('sha256', $ciphertext_raw, $key, $as_binary = true);
    $ciphertext = base64_encode($iv . $hmac . $ciphertext_raw);
    return $ciphertext;
}

Explained

  • openssl_random_pseudo_bytes - Generates a string of pseudo-random bytes, with the number of bytes determined by the length parameter.
  • openssl_cipher_iv_length - The cipher method, see openssl_get_cipher_methods() for a list of potential values
  • openssl_encrypt - PHP lacks a build-in function to encrypt and decrypt large files. openssl_encrypt() can be used to encrypt strings
  • hash_hmac - Returns a string containing the calculated message digest as lowercase hexits unless binary is set to true in which case the raw binary representation
  • base64_encode - Encodes the given string with base64

Step 3

Let's create a simple script to decrypt our encrypted string

function decrypt($data) {
    $key = key;
    $c = base64_decode($data);
    $ivlen = openssl_cipher_iv_length($cipher = encryption_method);
    $iv = substr($c, 0, $ivlen);
    $hmac = substr($c, $ivlen, $sha2len = 32);
    $ciphertext_raw = substr($c, $ivlen + $sha2len);
    $original_plaintext = openssl_decrypt($ciphertext_raw, $cipher, $key, $options = OPENSSL_RAW_DATA, $iv);
    $calcmac = hash_hmac('sha256', $ciphertext_raw, $key, $as_binary = true);
    if (hash_equals($hmac, $calcmac))
    {
        return $original_plaintext;
    }
}

Explained
The only difference here is the openssl_decrypt function. Takes a raw or base64 encoded string and decrypts it using a given method and key.

Complete code 

<?php
define("encryption_method", "AES-128-CBC");
define("key", "your_amazing_key_here");
function encrypt($data) {
    $key = key;
    $plaintext = $data;
    $ivlen = openssl_cipher_iv_length($cipher = encryption_method);
    $iv = openssl_random_pseudo_bytes($ivlen);
    $ciphertext_raw = openssl_encrypt($plaintext, $cipher, $key, $options = OPENSSL_RAW_DATA, $iv);
    $hmac = hash_hmac('sha256', $ciphertext_raw, $key, $as_binary = true);
    $ciphertext = base64_encode($iv . $hmac . $ciphertext_raw);
    return $ciphertext;
}
function decrypt($data) {
    $key = key;
    $c = base64_decode($data);
    $ivlen = openssl_cipher_iv_length($cipher = encryption_method);
    $iv = substr($c, 0, $ivlen);
    $hmac = substr($c, $ivlen, $sha2len = 32);
    $ciphertext_raw = substr($c, $ivlen + $sha2len);
    $original_plaintext = openssl_decrypt($ciphertext_raw, $cipher, $key, $options = OPENSSL_RAW_DATA, $iv);
    $calcmac = hash_hmac('sha256', $ciphertext_raw, $key, $as_binary = true);
    if (hash_equals($hmac, $calcmac))
    {
        return $original_plaintext;
    }
}

echo encrypt("Hello World!");
echo "\n";
echo decrypt(encrypt("Hello World!"));
?>

How to use

To encrypt something 

encrypt("Foo");

To decrypt something 

decrypt("lF0wxjGE4H7bbSH/51+ihseCa7aT5hn2Wm0b4expCxqc/W9A38m37QXakG/i/hAjSrNzMpINfZWnh8/9Kd2nodHTiP0Vq0euQ4Z3BOO1vt0WP6dsGRR03po7e4dIlep/lMrwS341jzN+o+FPUtcPVPUr6BEc0RtHwFoUH6NNm+2mWXYLUVH4Ct86iuD8+6eBC1SG3IG21R1dWREGdLrsWQ==")

See if you can decrypt the following message. I'll post the encryption key in the comments section later!
Hint: The key is a 3-letter programming language

Credits

This code was taken from my own app, Smartlist. Smartlist is a home inventory app that lets you keep track of what's in your home! We encrypt our items, tasks, and notes too!


This content originally appeared on DEV Community and was authored by ManuTheCoder


Print Share Comment Cite Upload Translate Updates
APA

ManuTheCoder | Sciencx (2021-11-20T07:03:52+00:00) Really simple encryption in PHP!. Retrieved from https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/

MLA
" » Really simple encryption in PHP!." ManuTheCoder | Sciencx - Saturday November 20, 2021, https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/
HARVARD
ManuTheCoder | Sciencx Saturday November 20, 2021 » Really simple encryption in PHP!., viewed ,<https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/>
VANCOUVER
ManuTheCoder | Sciencx - » Really simple encryption in PHP!. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/
CHICAGO
" » Really simple encryption in PHP!." ManuTheCoder | Sciencx - Accessed . https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/
IEEE
" » Really simple encryption in PHP!." ManuTheCoder | Sciencx [Online]. Available: https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/. [Accessed: ]
rf:citation
» Really simple encryption in PHP! | ManuTheCoder | Sciencx | https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/ |

Please log in to upload a file.



There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.

Related Posts