Laravel - Encryption

Encryption is a process of converting a plain text to a message using some algorithms such that any third user cannot read the information. This is helpful for transmitting sensitive information because there are fewer chances for an intruder to target the information transferred.

Encryption is performed using a process calledCryptography. The text which is to be encrypted is termed asPlain Textand the text or the message obtained after the encryption is calledCipher Text. The process of converting cipher text to plain text is calledDecryption.

Laravel usesAES-256andAES-128encrypter, which uses Open SSL for encryption. All the values included in Laravel are signed using the protocolMessage Authentication Codeso that the underlying value cannot be tampered with once it is encrypted.

Configuration

The command used to generate thekeyin Laravel is shown below −

php artisan key:generate

Please note that this command uses the PHP secure random bytes’ generator and you can see the output as shown in the screenshot given below −

The command given above helps in generating the key which can be used in web application. Observe the screenshot shown below −

Note

The values for encryption are properly aligned in theconfig/app.phpfile, which includes two parameters for encryption namelykeyandcipher. If the value using this key is not properly aligned, all the values encrypted in Laravel will be insecure.

Encryption Process

Encryption of a value can be done by using theencrypt helperin the controllers of Laravel class. These values are encrypted using OpenSSL and AES-256 cipher. All the encrypted values are signed with Message Authentication code (MAC) to check for any modifications of the encrypted string.

The code shown below is mentioned in a controller and is used to store a secret or a sensitive message.

fill([ 'secret' => encrypt($request->secret) ])->save(); } }

Decryption Process

Decryption of the values is done with thedecrypt helper. Observe the following lines of code −

use IlluminateContractsEncryptionDecryptException; // Exception for decryption thrown in facade try { $decrypted = decrypt($encryptedValue); } catch (DecryptException $e) { // }

Please note that if the process of decryption is not successful because of invalid MAC being used, then an appropriate exception is thrown.

The above is the detailed content of Laravel - Encryption. For more information, please follow other related articles on the PHP Chinese website!