The encryption algorithm should take in a string of data that you want to encrypt and use the chosen encryption method to encrypt the data. The algorithm should then return the encrypted data in a format that you can store in a database or file.
To decrypt the data, you should use the same encryption method to decrypt the data that was used to encrypt it. This means that you will need to store the key somewhere so that you can use it to decode the data later.
How to Encrypt and Decrypt a PHP String?
A PHP string can be encrypted and decrypted using: the openssl_encrpyt() and openssl_decrypt() methods, respectively.
Encrypt a String Using openssl_encrypt() Function
To encrypt a string in PHP using the openssl_encrypt() function, you need to provide the plaintext string, the encryption method, and a key. The function will return the encrypted data, which you can then store or transmit securely.
The syntax for openssl_encrypt() method is:
- $data: The string or data that you want to encrypt.
- $method: The encryption method or cipher you wish to use. You can obtain a list of supported cipher methods by using the openssl_get_cipher_methods()
- $key: The encryption key that will be used to encrypt the data. It should be a string of appropriate length and randomness, based on the chosen cipher method.
- $options: An optional parameter that can include additional flags for specific encryption options. You can combine flags using the bitwise OR (|) Common flags include OPENSSL_RAW_DATA and OPENSSL_ZERO_PADDING.
- $iv: The initialization vector (iv) used for encryption; it should be a random and unique value, provided as a string.
- $tag: An optional parameter used for AEAD (Authenticated Encryption with Associated Data) cipher modes, such as GCM (Galois/Counter Mode) or CCM (Counter with CBC-MAC). It stores the authentication tag generated during encryption.
- $aad: Additional authenticated data that can be used for AEAD cipher modes.
- $tag_length: The length of the authentication tag. For GCM mode, the tag length ranges from 4 to 16 bytes.
For example:
$simple_string = "Welcome to Linuxhint\n";
echo "Original String: " . $simple_string;
$ciphering = "AES-128-CTR";
$iv_length = openssl_cipher_iv_length($ciphering);
$options = 0;
$encryption_iv = '1234567891011121';
$encryption_key = "Linuxhint";
$encryption = openssl_encrypt($simple_string, $ciphering,
$encryption_key, $options, $encryption_iv);
echo "Encrypted String: " . $encryption . "\n";
?>
The code first declares the basic text “Welcome to Linuxhint” and uses the echo command to show it. Then, it specifies the encryption algorithm to be used, AES-128-CTR. It also uses the openssl_cipher_iv_length() function to calculate the size of the initialization vector (IV) needed for this cipher.
The code sets the encryption iv value to ‘1234567891011121’ and the encryption key to ‘Linuxhint’. The encrypted string is then shown using the echo command once the encryption has been completed using the openssl_encrypt() function. Due to the random initialization vector used for encryption, the final encrypted string will vary every time.
Decrypt a String Using openssl_decrypt() Function
To decrypt a string in PHP, you can use the openssl_decrypt() function. This function takes the encrypted data, the encryption method, and the key as inputs and returns the decrypted plaintext.
The syntax for openssl_decrypt() method is:
The arguments passed to the function are:
- $data: The encrypted string or data that you want to decrypt.
- $method: The encryption method or cipher used during encryption. You can obtain a list of supported cipher methods by using the openssl_get_cipher_methods()
- $key: The encryption key that was used to encrypt the data. It should match the key used during encryption.
- $options: An optional parameter that can include additional flags for specific decryption options. You can combine flags using the bitwise OR (|) operator. Common flags include OPENSSL_RAW_DATA and OPENSSL_ZERO_PADDING.
- $iv: The initialization vector (IV) used during encryption. It should be the same IV that was used during encryption and passed as a string.
- $tag: The authentication tag for AEAD (Authenticated Encryption with Associated Data) cipher modes, such as GCM (Galois/Counter Mode) or CCM (Counter with CBC-MAC). If the authentication fails, openssl_decrypt() will return FALSE.
- $aad: Additional authenticated data that was used during encryption for AEAD cipher modes.
Return Value: If successful, it returns the decrypted string; otherwise, it returns FALSE.
For example:
$encrypted_string = "rKaeYsYaNjkVbRPmJizrdX0xutLE";
echo "Encrypted String: " . $encrypted_string . "\n";
$decryption_iv = '1234567891011121';
$ciphering = "AES-128-CTR";
$options= 0;
$decryption_key = "Linuxhint";
$decryption=openssl_decrypt ($encrypted_string, $ciphering,
$decryption_key, $options, $decryption_iv);
echo "Decrypted String: " . $decryption;
?>
The vector length in this code is calculated using the openssl_cipher_iv_length() function, and the same encryption iv and key parameters are used during encryption. The ciphering algorithm is defined as AES-128-CTR.
The previously encrypted string is decrypted using the ciphering algorithm, encryption key, settings, and IV values by the openssl_decrypt() function. The resultant decrypted text is then shown using the echo command.
Conclusion
The creation of websites often involves encrypting and decrypting data. By using encryption to protect sensitive data, you can avoid exposing your users to identity theft, fraud, and other security threats. Strings in PHP can be encrypted and decrypted by the functions openssl_encrypt() and openssl_decrypt() functions. By carefully employing the encryption algorithm and key, you can create a robust and secure system for handling sensitive data in your PHP applications.
