A two-way encryption method/class for PHP.
This function requires that your server has PHP (7.2.0+) and that you have sodium installed and enabled on your server.
July 29, 2019 - Version 1.0.0 is released.
$ composer require 4cm/crypto
{
    "require": {
        "4cm/crypto": "*"
    }
}
Why are you not using composer? You can download the PHP file directly, upload it to your server, and include it in whatever way you normally include PHP files.
<?php
require 'path/to/crypto.php';
For each user of your website/service you should generate a key that is stored somewhere on your server (best to do so in a sub-root directory).
If you use a KMS, just make the necessary changes to use the paths to your KMS API rather than local paths. That could be your own local KMS hardware or a KMS service such as those offered by AWS, Google Cloud and other KMS providers.
You should wrap your call to generate a new key in a try/catch in order to handle Exception messages.
An example would be something along the lines of this, handling the Exception error messages in whatever way you prefer.
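// Path to this user's key file
$keyPath = '/path/to/subrootfolder/userid.key';
try {
    // Generate a new key for this user
    (new crypto($keyPath))->generateKey();
} catch (Exception $e) {
    // Handle the error message in whatever way you prefer
    die($e->getMessage());
}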
The crypto() class has three variables that need to be passed for encryption and decryption:
$keyPath = The path to an individual user's cryptoKey, generated by (new crypto($keyPath))->generateKey(); and stored somewhere on your server, preferably sub-root.
$Content = The content that you want to encrypt or decrypt.
e or d = The direction of action, either e for encryption, or d for decryption.
The following example will show you how to encrypt a message.
As with key generation, you should wrap the call in a try/catch in order to handle Exception messages in whatever way you prefer.
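// Path to the user's key file and the plaintext to encrypt
$keyPath = '/path/to/subrootfolder/userid.key';
$Content = 'This is a message that we want to encrypt';

try {
    // 'e' selects encryption; $Content now holds the encrypted content
    $Content = (new crypto($keyPath, $Content, 'e'))->crypto();
} catch (Exception $e) {
    // Handle the error message in whatever way you prefer
    die('Encryption Error: ' . $e->getMessage());
}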
The following example will show you how to decrypt a message.
Notice that the difference in this example is the 'd' being passed, instead of 'e', for the direction variable.
As before, you should wrap the call in a try/catch in order to handle Exception messages in whatever way you prefer.
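// Path to the user's key file and the encrypted content to decrypt
$keyPath = '/path/to/subrootfolder/kms/userid.key';
$EncryptedContent = 'XyjE80p/QF72xwHx6HSNJt8WKxodx0nKhDaNeCe0koxvQ=='; // just an example of encrypted content

try {
    // 'd' selects decryption; $Content holds the decrypted content
    $Content = (new crypto($keyPath, $EncryptedContent, 'd'))->crypto();
} catch (Exception $e) {
    // Handle the error message in whatever way you prefer
    die('Decryption Error: ' . $e->getMessage());
}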
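To show what a per-user key file and an authenticated encrypt/decrypt round trip involve, here is an added example written directly against PHP's sodium functions; it is not the 4cm/crypto source and does not describe how the library works internally. The function names (makeKeyFile, loadKey, encryptFor, decryptFor) and the temporary key path are hypothetical.

```php
<?php // Added illustration, not the 4cm/crypto source; names and paths are hypothetical.
function makeKeyFile(string $keyPath): void
{
    $old = umask(0077);          // file is created owner-only (0600)
    $fh = @fopen($keyPath, 'x'); // 'x' refuses to overwrite: replacing a key orphans its data
    umask($old);
    if ($fh === false) {
        throw new Exception('Key file already exists or cannot be created.');
    }
    fwrite($fh, sodium_crypto_secretbox_keygen());
    fclose($fh);
}

function loadKey(string $keyPath): string
{
    $key = @file_get_contents($keyPath);
    if ($key === false || strlen($key) !== SODIUM_CRYPTO_SECRETBOX_KEYBYTES) {
        throw new Exception('Key file missing or malformed.');
    }
    return $key;
}

function encryptFor(string $keyPath, string $plain): string
{
    $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES); // fresh for every message
    return base64_encode($nonce . sodium_crypto_secretbox($plain, $nonce, loadKey($keyPath)));
}

function decryptFor(string $keyPath, string $encoded): string
{
    $n = SODIUM_CRYPTO_SECRETBOX_NONCEBYTES;
    $raw = base64_decode($encoded, true);
    if ($raw === false || strlen($raw) < $n + SODIUM_CRYPTO_SECRETBOX_MACBYTES) {
        throw new Exception('Ciphertext is malformed.');
    }
    $plain = sodium_crypto_secretbox_open(substr($raw, $n), substr($raw, 0, $n), loadKey($keyPath));
    if ($plain === false) { // wrong key or modified ciphertext
        throw new Exception('Authentication failed.');
    }
    return $plain;
}
// Constructed sample run against a throwaway key in the temp directory.
$keyPath = sys_get_temp_dir() . '/user-' . bin2hex(random_bytes(4)) . '.key';
makeKeyFile($keyPath);
$box = encryptFor($keyPath, 'This is a message that we want to encrypt');
echo decryptFor($keyPath, $box), PHP_EOL;
$bad = base64_decode($box); $bad[30] = chr(ord($bad[30]) ^ 1); // flip one bit
try { decryptFor($keyPath, base64_encode($bad)); } catch (Exception $e) { echo $e->getMessage(), PHP_EOL; }
unlink($keyPath);
```

The second decrypt call throws because a single flipped bit fails authentication, which is why decryption calls belong inside a try/catch.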
To report a security vulnerability please reference the support email address within our composer.json file.
We will coordinate any necessary security resolutions and provide disclosure if requested.
The MIT License (MIT). Please see License File for more information.