MENU
Edit
In Place Editing Advanced Editing

Encryption/Decryption

Phalcon provides encryption facilities via the Phalcon\Crypt component. This class offers simple object-oriented wrappers to the openssl PHP’s encryption library.

By default, this component provides secure encryption using AES-256-CFB.

You must use a key length corresponding to the current algorithm. For the algorithm used by default it is 32 bytes.

Basic Usage

This component is designed to provide a very simple usage:

1
2
3
4
5
6
7
8
9
10
11
use Phalcon\Crypt;
 
// Create an instance
$crypt = new Crypt();
 
$key  = "This is a secret key (32 bytes).";
$text = "This is the text that you want to encrypt.";
 
$encrypted = $crypt->encrypt($text, $key);
 
echo $crypt->decrypt($encrypted, $key);

You can use the same instance to encrypt/decrypt several times:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
use Phalcon\Crypt;
 
// Create an instance
$crypt = new Crypt();
 
$texts = [
    "my-key"    => "This is a secret text",
    "other-key" => "This is a very secret",
];
 
foreach ($texts as $key => $text) {
    // Perform the encryption
    $encrypted = $crypt->encrypt($text, $key);
 
    // Now decrypt
    echo $crypt->decrypt($encrypted, $key);
}

Encryption Options

The following options are available to change the encryption behavior:

Name Description
Cipher The cipher is one of the encryption algorithms supported by openssl. You can see a list here

Example:

1
2
3
4
5
6
7
8
9
10
11
12
use Phalcon\Crypt;
 
// Create an instance
$crypt = new Crypt();
 
// Use blowfish
$crypt->setCipher("bf-cbc");
 
$key  = "le password";
$text = "This is a secret text";
 
echo $crypt->encrypt($text, $key);

Base64 Support

In order for encryption to be properly transmitted (emails) or displayed (browsers) base64 encoding is usually applied to encrypted texts:

1
2
3
4
5
6
7
8
9
10
11
use Phalcon\Crypt;
 
// Create an instance
$crypt = new Crypt();
 
$key  = "le password";
$text = "This is a secret text";
 
$encrypt = $crypt->encryptBase64($text, $key);
 
echo $crypt->decryptBase64($encrypt, $key);

Setting up an Encryption service

You can set up the encryption component in the services container in order to use it from any part of the application:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
use Phalcon\Crypt;
 
$di->set(
    "crypt",
    function () {
        $crypt = new Crypt();
 
        // Set a global encryption key
        $crypt->setKey(
            "%31.1e$i86e$f!8jz"
        );
 
        return $crypt;
    },
    true
);

Then, for example, in a controller you can use it as follows:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
use Phalcon\Mvc\Controller;
 
class SecretsController extends Controller
{
    public function saveAction()
    {
        $secret = new Secrets();
 
        $text = $this->request->getPost("text");
 
        $secret->content = $this->crypt->encrypt($text);
 
        if ($secret->save()) {
            $this->flash->success(
                "Secret was successfully created!"
            );
        }
    }
}
doc_Phalcon
doc_Phalcon
2025-01-10 15:47:30
Comments
Leave a Comment

Please login to continue.