Skip to content

Phalcon crypt

NOTE

All classes are prefixed with Phalcon

Crypt

Source on GitHub

  • Namespace

    • Phalcon

  • Uses

    • Phalcon\Crypt\CryptInterface
    • Phalcon\Crypt\Exception\Exception
    • Phalcon\Crypt\Exception\Mismatch
    • Phalcon\Crypt\PadFactory

  • Extends

  • Implements

    • CryptInterface

Provides encryption capabilities to Phalcon applications.

use Phalcon\Crypt;

$crypt = new Crypt();

$crypt->setCipher('aes-256-ctr');

$key  = "T4\xb1\x8d\xa9\x98\x05\\\x8c\xbe\x1d\x07&[\x99\x18\xa4~Lc1\xbeW\xb3";
$text = "The message to be encrypted";

$encrypted = $crypt->encrypt($text, $key);

echo $crypt->decrypt($encrypted, $key);

Constants

const PADDING_ANSI_X_923 = 1;
const PADDING_DEFAULT = 0;
const PADDING_ISO_10126 = 3;
const PADDING_ISO_IEC_7816_4 = 4;
const PADDING_PKCS7 = 2;
const PADDING_SPACE = 6;
const PADDING_ZERO = 5;

Properties

/**
 * @var string
 */
protected $authTag;

/**
 * @var string
 */
protected $authData = '';

/**
 * @var int
 */
protected $authTagLength = 16;

/**
 * @var string
 */
protected $key = ;

/**
 * @var int
 */
protected $padding = 0;

/**
 * @var string
 */
protected $cipher = 'aes-256-cfb';

/**
 * Available cipher methods.
 * @var array
 */
protected $availableCiphers;

/**
 * The cipher iv length.
 * @var int
 */
protected $ivLength = 16;

/**
 * The name of hashing algorithm.
 * @var string
 */
protected $hashAlgo = 'sha256';

/**
 * Whether calculating message digest enabled or not.
 *
 * @var bool
 */
protected $useSigning = true;

Methods

public function __construct( string $cipher = string, bool $useSigning = bool );
Phalcon\Crypt constructor.

public function decrypt( string $text, string $key = null ): string;
Decrypts an encrypted text.

$encrypted = $crypt->decrypt(
    $encrypted,
    "T4\xb1\x8d\xa9\x98\x05\\\x8c\xbe\x1d\x07&[\x99\x18\xa4~Lc1\xbeW\xb3"
);


public function decryptBase64( string $text, mixed $key = null, bool $safe = bool ): string;
Decrypt a text that is coded as a base64 string.

public function encrypt( string $text, string $key = null ): string;
Encrypts a text.

$encrypted = $crypt->encrypt(
    "Top secret",
    "T4\xb1\x8d\xa9\x98\x05\\\x8c\xbe\x1d\x07&[\x99\x18\xa4~Lc1\xbeW\xb3"
);


public function encryptBase64( string $text, mixed $key = null, bool $safe = bool ): string;
Encrypts a text returning the result as a base64 string.

public function getAuthData(): string;
Returns the auth data

public function getAuthTag(): string;
Returns the auth tag

public function getAuthTagLength(): int;
Returns the auth tag length

public function getAvailableCiphers(): array;
Returns a list of available ciphers.

public function getAvailableHashAlgos(): array;
Return a list of registered hashing algorithms suitable for hash_hmac.

public function getCipher(): string;
Returns the current cipher

public function getHashAlgo(): string;
Get the name of hashing algorithm.

public function getKey(): string;
Returns the encryption key

public function setAuthData( string $data ): CryptInterface;

public function setAuthTag( string $tag ): CryptInterface;

public function setAuthTagLength( int $length ): CryptInterface;


public function setCipher( string $cipher ): CryptInterface;
Sets the cipher algorithm for data encryption and decryption.

The `aes-256-gcm' is the preferable cipher, but it is not usable until the openssl library is upgraded, which is available in PHP 7.1.

The `aes-256-ctr' is arguably the best choice for cipher algorithm for current openssl library version.

public function setHashAlgo( string $hashAlgo ): CryptInterface;
Set the name of hashing algorithm.

public function setKey( string $key ): CryptInterface;
Sets the encryption key.

The `$key' should have been previously generated in a cryptographically safe way.

Bad key: "le password"

Better (but still unsafe): "#1dj8$=dp?.ak//j1V$~%*0X"

Good key: "T4\xb1\x8d\xa9\x98\x05\\x8c\xbe\x1d\x07&[\x99\x18\xa4~Lc1\xbeW\xb3"

public function setPadding( int $scheme ): CryptInterface;
Changes the padding scheme used.

public function useSigning( bool $useSigning ): CryptInterface;
Sets if the calculating message digest must used.

protected function assertCipherIsAvailable( string $cipher ): void;
Assert the cipher is available.

protected function assertHashAlgorithmAvailable( string $hashAlgo ): void;
Assert the hash algorithm is available.

protected function cryptPadText( string $text, string $mode, int $blockSize, int $paddingType ): string;
Pads texts before encryption. See cryptopad

protected function cryptUnpadText( string $text, string $mode, int $blockSize, int $paddingType );
Removes a padding from a text.

If the function detects that the text was not padded, it will return it unmodified.

protected function getIvLength( string $cipher ): int;
Initialize available cipher algorithms.

protected function initializeAvailableCiphers(): void;
Initialize available cipher algorithms.

Crypt\CryptInterface Interface

Source on GitHub

  • Namespace

    • Phalcon\Crypt

  • Uses

  • Extends

  • Implements

Interface for Phalcon\Crypt

Methods

public function decrypt( string $text, string $key = null ): string;
Decrypts a text

public function decryptBase64( string $text, mixed $key = null ): string;
Decrypt a text that is coded as a base64 string

public function encrypt( string $text, string $key = null ): string;
Encrypts a text

public function encryptBase64( string $text, mixed $key = null ): string;
Encrypts a text returning the result as a base64 string

public function getAuthData(): string;
Returns authentication data

public function getAuthTag(): string;
Returns the authentication tag

public function getAuthTagLength(): int;
Returns the authentication tag length

public function getAvailableCiphers(): array;
Returns a list of available cyphers

public function getCipher(): string;
Returns the current cipher

public function getKey(): string;
Returns the encryption key

public function setAuthData( string $data ): CryptInterface;
Sets authentication data

public function setAuthTag( string $tag ): CryptInterface;
Sets the authentication tag

public function setAuthTagLength( int $length ): CryptInterface;
Sets the authentication tag length

public function setCipher( string $cipher ): CryptInterface;
Sets the cipher algorithm

public function setKey( string $key ): CryptInterface;
Sets the encryption key

public function setPadding( int $scheme ): CryptInterface;
Changes the padding scheme used.

Crypt\Exception\Exception

Source on GitHub

  • Namespace

    • Phalcon\Crypt\Exception

  • Uses

  • Extends

    \Exception

  • Implements

Exceptions thrown in Phalcon\Crypt use this class

Crypt\Exception\Mismatch

Source on GitHub

  • Namespace

    • Phalcon\Crypt\Exception

  • Uses

  • Extends

    Exception

  • Implements

Exceptions thrown in Phalcon\Crypt will use this class.