Really simple encryption in PHP!

Have you ever wanted to improve your app’s security by hiding everything in your database? Let’s make a simple encryption and decryption script in PHP using the openssl_encrypt and openssl_decrypt functions

Step 1

Let’s define some variable…

Have you ever wanted to improve your app’s security by hiding everything in your database? Let’s make a simple encryption and decryption script in PHP using the openssl_encrypt and openssl_decrypt functions



Step 1

Let’s define some variables

<?php
define("encryption_method", "AES-128-CBC");
define("key", "your_amazing_key_here");

Obviously, change the encryption key



Step 2

Creating a function to encrypt data

<?php
function encrypt($data) {
    $key = key;
    $plaintext = $data;
    $ivlen = openssl_cipher_iv_length($cipher = encryption_method);
    $iv = openssl_random_pseudo_bytes($ivlen);
    $ciphertext_raw = openssl_encrypt($plaintext, $cipher, $key, $options = OPENSSL_RAW_DATA, $iv);
    $hmac = hash_hmac('sha256', $ciphertext_raw, $key, $as_binary = true);
    $ciphertext = base64_encode($iv . $hmac . $ciphertext_raw);
    return $ciphertext;
}

Explained

  • openssl_random_pseudo_bytes – Generates a string of pseudo-random bytes, with the number of bytes determined by the length parameter.
  • openssl_cipher_iv_length – The cipher method, see openssl_get_cipher_methods() for a list of potential values
  • openssl_encrypt – PHP lacks a build-in function to encrypt and decrypt large files. openssl_encrypt() can be used to encrypt strings
  • hash_hmac – Returns a string containing the calculated message digest as lowercase hexits unless binary is set to true in which case the raw binary representation
  • base64_encode – Encodes the given string with base64



Step 3

Let’s create a simple script to decrypt our encrypted string

function decrypt($data) {
    $key = key;
    $c = base64_decode($data);
    $ivlen = openssl_cipher_iv_length($cipher = encryption_method);
    $iv = substr($c, 0, $ivlen);
    $hmac = substr($c, $ivlen, $sha2len = 32);
    $ciphertext_raw = substr($c, $ivlen + $sha2len);
    $original_plaintext = openssl_decrypt($ciphertext_raw, $cipher, $key, $options = OPENSSL_RAW_DATA, $iv);
    $calcmac = hash_hmac('sha256', $ciphertext_raw, $key, $as_binary = true);
    if (hash_equals($hmac, $calcmac))
    {
        return $original_plaintext;
    }
}

Explained
The only difference here is the openssl_decrypt function. Takes a raw or base64 encoded string and decrypts it using a given method and key.



Complete code

<?php
define("encryption_method", "AES-128-CBC");
define("key", "your_amazing_key_here");
function encrypt($data) {
    $key = key;
    $plaintext = $data;
    $ivlen = openssl_cipher_iv_length($cipher = encryption_method);
    $iv = openssl_random_pseudo_bytes($ivlen);
    $ciphertext_raw = openssl_encrypt($plaintext, $cipher, $key, $options = OPENSSL_RAW_DATA, $iv);
    $hmac = hash_hmac('sha256', $ciphertext_raw, $key, $as_binary = true);
    $ciphertext = base64_encode($iv . $hmac . $ciphertext_raw);
    return $ciphertext;
}
function decrypt($data) {
    $key = key;
    $c = base64_decode($data);
    $ivlen = openssl_cipher_iv_length($cipher = encryption_method);
    $iv = substr($c, 0, $ivlen);
    $hmac = substr($c, $ivlen, $sha2len = 32);
    $ciphertext_raw = substr($c, $ivlen + $sha2len);
    $original_plaintext = openssl_decrypt($ciphertext_raw, $cipher, $key, $options = OPENSSL_RAW_DATA, $iv);
    $calcmac = hash_hmac('sha256', $ciphertext_raw, $key, $as_binary = true);
    if (hash_equals($hmac, $calcmac))
    {
        return $original_plaintext;
    }
}

echo encrypt("Hello World!");
echo "\n";
echo decrypt(encrypt("Hello World!"));
?>



How to use



To encrypt something

encrypt("Foo");



To decrypt something

decrypt("lF0wxjGE4H7bbSH/51+ihseCa7aT5hn2Wm0b4expCxqc/W9A38m37QXakG/i/hAjSrNzMpINfZWnh8/9Kd2nodHTiP0Vq0euQ4Z3BOO1vt0WP6dsGRR03po7e4dIlep/lMrwS341jzN+o+FPUtcPVPUr6BEc0RtHwFoUH6NNm+2mWXYLUVH4Ct86iuD8+6eBC1SG3IG21R1dWREGdLrsWQ==")

See if you can decrypt the following message. I’ll post the encryption key in the comments section later!
Hint: The key is a 3-letter programming language



Credits

This code was taken from my own app, Smartlist. Smartlist is a home inventory app that lets you keep track of what’s in your home! We encrypt our items, tasks, and notes too!


Print Share Comment Cite Upload Translate
APA
ManuTheCoder | Sciencx (2024-03-29T10:00:19+00:00) » Really simple encryption in PHP!. Retrieved from https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/.
MLA
" » Really simple encryption in PHP!." ManuTheCoder | Sciencx - Saturday November 20, 2021, https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/
HARVARD
ManuTheCoder | Sciencx Saturday November 20, 2021 » Really simple encryption in PHP!., viewed 2024-03-29T10:00:19+00:00,<https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/>
VANCOUVER
ManuTheCoder | Sciencx - » Really simple encryption in PHP!. [Internet]. [Accessed 2024-03-29T10:00:19+00:00]. Available from: https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/
CHICAGO
" » Really simple encryption in PHP!." ManuTheCoder | Sciencx - Accessed 2024-03-29T10:00:19+00:00. https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/
IEEE
" » Really simple encryption in PHP!." ManuTheCoder | Sciencx [Online]. Available: https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/. [Accessed: 2024-03-29T10:00:19+00:00]
rf:citation
» Really simple encryption in PHP! | ManuTheCoder | Sciencx | https://www.scien.cx/2021/11/20/really-simple-encryption-in-php/ | 2024-03-29T10:00:19+00:00
https://github.com/addpipe/simple-recorderjs-demo