Home > Backend Development > PHP Tutorial > How Can I Implement Simple Two-Way Encryption and Authentication in PHP?

How Can I Implement Simple Two-Way Encryption and Authentication in PHP?

Mary-Kate Olsen
Release: 2024-12-24 02:10:13
Original
216 people have browsed it

How Can I Implement Simple Two-Way Encryption and Authentication in PHP?

Simplest Two-Way Encryption using PHP

Background

Caution: Avoid encrypting passwords using these methods; instead, employ password hashing algorithms for safe password storage.

Portable Data Encryption in PHP

When using PHP 5.4 or later and desiring code portability, utilize an existing library providing authenticated encryption. Openssl methods, such as openssl_encrypt() and openssl_decrypt(), can be employed once you've selected an encryption method.

Encryption and Decryption

Consider using the Advanced Encryption Standard (AES) in CTR mode for encryption. This method offers the best balance between security and performance. Consult openssl_get_cipher_methods() for a list of supported methods.

Simple Encryption/Decryption Wrapper using OpenSSL

The following PHP class provides a simple encryption/decryption wrapper using OpenSSL:

class UnsafeCrypto
{
    const METHOD = 'aes-256-ctr';

    public static function encrypt($message, $key, $encode = false)
    {
        // ...
        if ($encode) {
            return base64_encode($nonce.$ciphertext);
        }
        return $nonce.$ciphertext;
    }

    public static function decrypt($message, $key, $encoded = false)
    {
        // ...
        $plaintext = openssl_decrypt(
            $ciphertext,
            self::METHOD,
            $key,
            OPENSSL_RAW_DATA,
            $nonce
        );
        
        return $plaintext;
    }
}
Copy after login

Simple Authentication Wrapper

For enhanced security, implement authentication to verify encrypted data's integrity:

class SaferCrypto extends UnsafeCrypto
{
    const HASH_ALGO = 'sha256';

    public static function encrypt($message, $key, $encode = false)
    {
        // ...
        if ($encode) {
            return base64_encode($mac.$ciphertext);
        }
        // Prepend MAC to the ciphertext and return to caller
        return $mac.$ciphertext;
    }

    public static function decrypt($message, $key, $encoded = false)
    {
        // ...
        $calculated = hash_hmac(
            self::HASH_ALGO,
            $ciphertext,
            $authKey,
            true
        );
        
        if (!self::hashEquals($mac, $calculated)) {
            throw new Exception('Encryption failure');
        }
        
        // Pass to UnsafeCrypto::decrypt
        $plaintext = parent::decrypt($ciphertext, $encKey);
        
        return $plaintext;
    }
}
Copy after login

The above is the detailed content of How Can I Implement Simple Two-Way Encryption and Authentication in PHP?. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template