How PHP uses MongoDB to encrypt and decrypt data-PHP Tutorial-php.cn

How PHP uses MongoDB to encrypt and decrypt data

王林

Release： 2023-07-07 11:28:01

Original

1373 people have browsed it

How PHP uses MongoDB to implement data encryption and decryption

In web development, data encryption and decryption is a very important security measure. MongoDB is a popular database that provides powerful features and flexibility for encrypting and decrypting data. This article will introduce how to use MongoDB to encrypt and decrypt data in PHP, and provide corresponding code examples.

Install MongoDB and PHP extensions
First, you need to install the MongoDB database and the MongoDB extension for PHP. You can download the MongoDB database through the official website and follow their installation guide. To install the MongoDB extension for PHP, you can use the PECL command: pecl install mongodb. After the installation is complete, you need to add extension=mongodb.so in the php.ini file to enable the extension.
Connecting to MongoDB database
It is very simple to connect to MongoDB database using PHP. You just create a MongoDB client object using the constructor of the MongoDB class and select the database you want to connect to. The following is a sample code:

<?php
$mongoClient = new MongoDBClient("mongodb://localhost:27017");
$database = $mongoClient->mydatabase;
?>

Copy after login

Encrypted data
MongoDB provides two methods of symmetric encryption and hash encryption. The sample codes for these two encryption methods will be introduced below.

3.1 Symmetric encryption
Symmetric encryption is an encryption method that uses the same key for encryption and decryption. The following is sample code using MongoDB symmetric encryption:

<?php
$collection = $database->mycollection;

$encryptionData = [
    'name' => 'John Smith',
    'email' => 'john@example.com',
    'phone' => '1234567890'
];

$encryptionOptions = [
    'keyVaultNamespace' => 'encryption.__keyVault',
    'kmsProviders' => [
        'local' => [
            'key' => base64_encode(openssl_random_pseudo_bytes(96)),
        ],
    ],
    'algorithm' => 'AEAD_AES_256_CBC_HMAC_SHA_512-Random',
    'header' => ['keyId' => base64_encode(openssl_random_pseudo_bytes(96))],
];

$command = [
    'encrypt' => $collection->getCollectionName(),
    'bsonType' => 'object',
    'value' => $encryptionData,
    'algorithm' => 'AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic',
];

$encryptedData = $database->command(['encrypt' => [$command, $encryptionOptions]])->toArray()[0];

$collection->insertOne($encryptedData);
?>

Copy after login

3.2 Hash encryption
Hash encryption is a one-way encryption method that converts data into a unique hash value. The following is sample code for encryption using MongoDB hashing:

<?php
$collection = $database->mycollection;

$encryptionData = [
    'name' => 'John Smith',
    'email' => 'john@example.com',
    'phone' => '1234567890'
];

$command = [
    'hash' => $collection->getCollectionName(),
    'value' => $encryptionData,
    'algorithm' => 'bcrypt'
];

$hashedData = $database->command($command)->toArray()[0];

$collection->insertOne($hashedData);
?>

Copy after login

Decrypting data
Decrypting encrypted data is also simple. The following is sample code for symmetric encryption and decryption of hash-encrypted data:

4.1 Symmetric Decryption
Symmetric decryption requires a specified key. The following is a sample code for symmetric decryption:

<?php
$collection = $database->mycollection;

$decryptionOptions = [
    'keyVaultNamespace' => 'encryption.__keyVault',
    'kmsProviders' => [
        'local' => [
            'key' => $encryptionOptions['kmsProviders']['local']['key'],
        ],
    ],
];

$command = [
    'decrypt' => $collection->getCollectionName(),
    'bsonType' => 'object',
    'value' => $encryptedData,
    'algorithm' => 'AEAD_AES_256_CBC_HMAC_SHA_512-Deterministic',
];

$decryptedData = $database->command(['decrypt' => [$command, $decryptionOptions]])->toArray()[0];
?>

Copy after login

4.2 Hash decryption
Hash encryption is a one-way encryption method and does not support decryption. If you need to verify hash-encrypted data, you can use the verification functionality provided by the database.

<?php
$collection = $database->mycollection;

$hashedData = $collection->findOne(['_id' => $documentId]);

if (password_verify($inputPassword, $hashedData->password)) {
    // 密码验证成功，执行相应操作
} else {
    // 密码验证失败，执行相应操作
}
?>

Copy after login

To sum up, this article introduces the method of using MongoDB to implement data encryption and decryption, and provides code examples for symmetric encryption and hash encryption. By applying these technologies appropriately, you can protect your sensitive data and enhance system security. Hope this article is helpful to you!

The above is the detailed content of How PHP uses MongoDB to encrypt and decrypt data. For more information, please follow other related articles on the PHP Chinese website!