@DragonBe
Created April 12, 2023 21:13
This class provides encryption and decryption possibilities to store sensitive data or personal information in a secure way.
<?php
declare(strict_types=1);

namespace Dragonbe\Utility;

use Exception;

/**
 * This class provides two-way encryption and decryption
 * possibilities to store sensitive data or personal
 * information in a secure way.
 *
 * Based on the code provided by Meridian Outpost, LLC
 * @link https://www.meridianoutpost.com/resources/articles/programming/PHP-how-to-encrypt-decrypt-data.php
 */
final class UserShield
{
    /**
     * The cypher algorithm to be used for encryption and
     * decryption of data. AES-256-CBC provides confidentiality
     * only; it does not detect modification of the cypher text.
     */
    private const CYPHER_ALGO = 'AES-256-CBC';

    /**
     * The delimiter used to separate the cypher text from
     * the initialization vector.
     */
    private const CYPHER_DELIMITER = '::';

    /**
     * The default key length (in random bytes) to use when
     * generating a private key. generatePrivateKey() returns
     * twice as many hexadecimal characters.
     */
    public const PRIVATE_KEY_LENGTH = 24;

    /**
     * The user provided encryption key to encrypt and decrypt
     * the data stored.
     *
     * @var string
     */
    private string $encryptionKey;

    /**
     * Constructor for this class
     *
     * @param string $encryptionKey
     */
    public function __construct(string $encryptionKey)
    {
        $this->encryptionKey = $encryptionKey;
    }

    /**
     * Class method to encrypt clear text information, which is
     * provided as an argument.
     *
     * @param string $clearText
     * @return string
     * @throws Exception
     */
    public function encrypt(string $clearText): string
    {
        return self::encryptIt($this->encryptionKey, $clearText);
    }

    /**
     * Class method to decrypt cypher text, which is provided
     * as an argument.
     *
     * @param string $cypherText
     * @return string
     * @throws Exception
     */
    public function decrypt(string $cypherText): string
    {
        return self::decryptIt($this->encryptionKey, $cypherText);
    }

    /**
     * Method to encrypt clear text string using a private
     * key and returns the cypher text.
     *
     * @param string $privateKey
     * @param string $clearText
     * @return string
     * @throws Exception
     * @static
     */
    public static function encryptIt(string $privateKey, string $clearText): string
    {
        // Must be the same transformation decryptIt() applies to the key,
        // otherwise the cypher text cannot be decrypted again.
        $encryptionKey = base64_decode($privateKey);
        // A fresh random initialization vector for every message.
        $initVector = openssl_random_pseudo_bytes(openssl_cipher_iv_length(self::CYPHER_ALGO));
        $cypherText = openssl_encrypt($clearText, self::CYPHER_ALGO, $encryptionKey, 0, $initVector);
        if ($cypherText === false) {
            throw new Exception('Encryption failed');
        }
        // With options = 0 the cypher text is already base64, so it never
        // contains the delimiter; the raw initialization vector follows it.
        return base64_encode($cypherText . self::CYPHER_DELIMITER . $initVector);
    }

    /**
     * Method to decrypt cypher text data using a private
     * key and returns the clear text value.
     *
     * @param string $privateKey
     * @param string $cypherText
     * @return string
     * @throws Exception
     * @static
     */
    public static function decryptIt(string $privateKey, string $cypherText): string
    {
        $decryptionKey = base64_decode($privateKey);
        // Split on the first delimiter only: the raw initialization
        // vector may itself contain the delimiter bytes.
        $parts = explode(self::CYPHER_DELIMITER, (string) base64_decode($cypherText), 2);
        if (count($parts) !== 2) {
            throw new Exception('Malformed cypher text');
        }
        [$encryptedData, $initVector] = $parts;
        $clearText = openssl_decrypt($encryptedData, self::CYPHER_ALGO, $decryptionKey, 0, $initVector);
        if ($clearText === false) {
            // openssl_decrypt() returns false on a wrong key or damaged input.
            throw new Exception('Decryption failed');
        }
        return $clearText;
    }

    /**
     * Generates a strong, randomly generated private key, with
     * a provided key length
     *
     * @param int $keyLength
     * @return string
     * @throws Exception
     * @static
     */
    public static function generatePrivateKey(int $keyLength = UserShield::PRIVATE_KEY_LENGTH): string
    {
        return bin2hex(random_bytes($keyLength));
    }
}
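
The class above uses AES-256-CBC, which keeps stored data confidential but does not detect a modified value. As an added example (not part of the gist), here is the same encrypt/decrypt pair with AES-256-GCM, which rejects altered cypher text; the function names, the 32-byte raw key and the nonce|tag|ciphertext layout are assumptions of this sketch:

```php
<?php
declare(strict_types=1);
// Added example, not part of the gist. Function names and the
// nonce|tag|ciphertext envelope layout are assumptions of this sketch.
const GCM_ALGO = 'aes-256-gcm';
const GCM_TAG_LENGTH = 16;

function gcmEncrypt(string $key, string $clearText): string
{
    if (strlen($key) !== 32) {
        throw new InvalidArgumentException('Key must be 32 raw bytes');
    }
    $nonce = random_bytes(openssl_cipher_iv_length(GCM_ALGO)); // 12 bytes
    $tag = '';
    $cipherText = openssl_encrypt($clearText, GCM_ALGO, $key, OPENSSL_RAW_DATA, $nonce, $tag, '', GCM_TAG_LENGTH);
    if ($cipherText === false) {
        throw new RuntimeException('Encryption failed');
    }
    // Fixed-length fields, so no delimiter is needed.
    return base64_encode($nonce . $tag . $cipherText);
}

function gcmDecrypt(string $key, string $envelope): string
{
    $raw = base64_decode($envelope, true);
    $nonceLength = openssl_cipher_iv_length(GCM_ALGO);
    if ($raw === false || strlen($raw) < $nonceLength + GCM_TAG_LENGTH) {
        throw new RuntimeException('Malformed envelope');
    }
    $nonce = substr($raw, 0, $nonceLength);
    $tag = substr($raw, $nonceLength, GCM_TAG_LENGTH);
    $cipherText = substr($raw, $nonceLength + GCM_TAG_LENGTH);
    $clearText = openssl_decrypt($cipherText, GCM_ALGO, $key, OPENSSL_RAW_DATA, $nonce, $tag);
    if ($clearText === false) {
        throw new RuntimeException('Authentication failed: wrong key or modified data');
    }
    return $clearText;
}

// Constructed sample input: round trip, then flip one bit of the envelope.
$key = random_bytes(32);
$envelope = gcmEncrypt($key, 'alice@example.com');
var_dump(gcmDecrypt($key, $envelope) === 'alice@example.com');
$raw = base64_decode($envelope);
$raw[-1] = $raw[-1] ^ "\x01";
try {
    gcmDecrypt($key, base64_encode($raw));
} catch (RuntimeException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```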