Encryption/Decryption
Phalcon provides encryption facilities via the Phalcon\Crypt component. This class offers simple object-oriented wrappers to the mcrypt php’s encryption library.
By default, this component provides secure encryption using AES-256 (rijndael-256-cbc).
Basic Usage
This component is designed to provide a very simple usage:
//Create an instance $crypt = new Phalcon\Crypt(); $key = 'le password'; $text = 'This is a secret text'; $encrypted = $crypt->encrypt($text, $key); echo $crypt->decrypt($encrypted, $key);
You can use the same instance to encrypt/decrypt several times:
//Create an instance $crypt = new Phalcon\Crypt(); $texts = array( 'my-key' => 'This is a secret text', 'other-key' => 'This is a very secret' ); foreach ($texts as $key => $text) { //Perform the encryption $encrypted = $crypt->encrypt($text, $key); //Now decrypt echo $crypt->decrypt($encrypted, $key); }
Encryption Options
The following options are available to change the encryption behavior:
Name | Description |
---|---|
Cipher | The cipher is one of the encryption algorithms supported by libmcrypt. You can see a list here |
Mode | One of the encryption modes supported by libmcrypt (ecb, cbc, cfb, ofb) |
Example:
//Create an instance $crypt = new Phalcon\Crypt(); //Use blowfish $crypt->setCipher('blowfish'); $key = 'le password'; $text = 'This is a secret text'; echo $crypt->encrypt($text, $key);
Base64 Support
In order that encryption is properly transmitted (emails) or displayed (browsers) base64 encoding is usually applied to encrypted texts:
//Create an instance $crypt = new Phalcon\Crypt(); $key = 'le password'; $text = 'This is a secret text'; $encrypt = $crypt->encryptBase64($text, $key); echo $crypt->decryptBase64($text, $key);
Setting up an Encryption service
You can set up the encryption component in the services container in order to use it from any part of the application:
$di->set('crypt', function() { $crypt = new Phalcon\Crypt(); //Set a global encryption key $crypt->setKey('%31.1e$i86e$f!8jz'); return $crypt; }, true);
Then, for example, in a controller you can use it as follows:
use Phalcon\Mvc\Controller; class SecretsController extends Controller { public function saveAction() { $secret = new Secrets(); $text = $this->request->getPost('text'); $secret->content = $this->crypt->encrypt($text); if ($secret->save()) { $this->flash->success('Secret was successfully created!'); } } }
© 2011–2016 Phalcon Framework Team
Licensed under the Creative Commons Attribution License 3.0.
https://docs.phalconphp.com/en/2.0.0/reference/crypt.html