Phalcon provides encryption facilities via the Phalcon\Crypt component. This class offers simple object-oriented wrappers around PHP's openssl encryption library.
By default, this component provides secure encryption using AES-256-CFB.
You must use a key length corresponding to the current algorithm. For the algorithm used by default it is 32 bytes.
This component is designed to be very simple to use:

```php
<?php

use Phalcon\Crypt;

// Create an instance
$crypt = new Crypt();

$key  = "This is a secret key (32 bytes).";
$text = "This is the text that you want to encrypt.";

$encrypted = $crypt->encrypt($text, $key);

echo $crypt->decrypt($encrypted, $key);
```
You can use the same instance to encrypt/decrypt several times:
```php
<?php

use Phalcon\Crypt;

// Create an instance
$crypt = new Crypt();

// Demonstration keys only: the default cipher expects a 32-byte key
$texts = [
    "my-key"    => "This is a secret text",
    "other-key" => "This is a very secret",
];

foreach ($texts as $key => $text) {
    // Perform the encryption
    $encrypted = $crypt->encrypt($text, $key);

    // Now decrypt
    echo $crypt->decrypt($encrypted, $key);
}
```
The following options are available to change the encryption behavior:
Name | Description |
---|---|
Cipher | The cipher is one of the encryption algorithms supported by openssl. You can see a list here |
Example:
```php
<?php

use Phalcon\Crypt;

// Create an instance
$crypt = new Crypt();

// Use blowfish
$crypt->setCipher("bf-cbc");

$key  = "le password";
$text = "This is a secret text";

echo $crypt->encrypt($text, $key);
```
Encrypted output is binary. So that it can be transmitted (emails) or displayed (browsers) correctly, base64 encoding is usually applied to encrypted texts:

```php
<?php

use Phalcon\Crypt;

// Create an instance
$crypt = new Crypt();

$key  = "le password";
$text = "This is a secret text";

$encrypt = $crypt->encryptBase64($text, $key);

echo $crypt->decryptBase64($encrypt, $key);
```
You can set up the encryption component in the services container in order to use it from any part of the application:
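```php
<?php

use Phalcon\Crypt;

$di->set(
    "crypt",
    function () {
        $crypt = new Crypt();

        // Set a global encryption key.
        // Single quotes: in a double-quoted string PHP would treat
        // $i86e and $f as variables and silently alter the key.
        $crypt->setKey(
            '%31.1e$i86e$f!8jz'
        );

        return $crypt;
    },
    true
);
```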
Then, for example, in a controller you can use it as follows:
```php
<?php

use Phalcon\Mvc\Controller;

class SecretsController extends Controller
{
    public function saveAction()
    {
        $secret = new Secrets();

        $text = $this->request->getPost("text");

        // Encrypts with the global key set on the "crypt" service
        $secret->content = $this->crypt->encrypt($text);

        if ($secret->save()) {
            $this->flash->success(
                "Secret was successfully created!"
            );
        }
    }
}
```
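The service registration above, combined with the 32-byte key requirement for the default cipher, as an added example that is not part of the original Phalcon documentation. It assumes PHP 7+ (for `random_bytes()`), an existing `$di` container as in the examples above, and a base64-encoded key stored in an environment variable; the variable name `APP_CRYPT_KEY`, the constant `CRYPT_KEY_BYTES` and the helpers `generateCryptKey()` and `loadCryptKey()` are hypothetical.

```php
<?php

use Phalcon\Crypt;

// Assumption: the default cipher (AES-256-CFB) is in use, so the key must be 32 bytes
const CRYPT_KEY_BYTES = 32;

/**
 * Hypothetical helper: produce a fresh key to store in the environment.
 * Run once (for example from a CLI task) and keep the output out of version control.
 */
function generateCryptKey()
{
    // random_bytes() draws from the operating system's CSPRNG
    return base64_encode(random_bytes(CRYPT_KEY_BYTES));
}

/**
 * Hypothetical helper: decode and validate the key before it reaches Crypt.
 */
function loadCryptKey($envName)
{
    $encoded = getenv($envName);
    if ($encoded === false || $encoded === '') {
        throw new RuntimeException("$envName is not set");
    }

    // Strict mode rejects characters outside the base64 alphabet
    $key = base64_decode($encoded, true);
    if ($key === false || strlen($key) !== CRYPT_KEY_BYTES) {
        throw new RuntimeException(
            "$envName must decode to exactly " . CRYPT_KEY_BYTES . " bytes"
        );
    }

    return $key;
}

$di->set(
    "crypt",
    function () {
        $crypt = new Crypt();

        // Fails at service resolution instead of encrypting with a malformed key
        $crypt->setKey(loadCryptKey("APP_CRYPT_KEY"));

        return $crypt;
    },
    true
);
```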
© 2011–2017 Phalcon Framework Team
Licensed under the Creative Commons Attribution License 3.0.
https://docs.phalconphp.com/en/latest/reference/crypt.html