Laravel - Encryption

Laravel - Encryption

Soeng Souy

 

Laravel - Encryption


Encryption is a procedure of changing over plain content to a message utilizing a few calculations with the end goal that any third client can't peruse the information. This is useful for transmitting delicate information on the grounds that there are fewer possibilities for a gatecrasher to focus on the information moved.

Encryption is performed utilizing a procedure called Cryptography. The content which is to be encrypted is named Plain Text and the content or the message got after the encryption is called Cipher Text. The way toward changing over figure content to plain content is called Decryption.

Laravel utilizes AES-256 and AES-128 encrypter, which uses Open SSL for encryption. Every one of the qualities incorporated into Laravel is marked utilizing the protocol Message Authentication Code so the fundamental esteem can't be altered once it is encrypted.

Configuration

The command used to generate the key in Laravel is shown below −

php artisan key:generate

Please note that this command uses the PHP secure random bytes’ generator and you can see the output as shown in the screenshot given below −

Artisan Key

The command given above helps in generating the key which can be used in web application. Observe the screenshot shown below −

Note

The qualities for encryption are appropriately adjusted in the config/app.php record, which incorporates two parameters for encryption in particular key and figure. On the off chance that the esteem utilizing this key isn't appropriately adjusted, every one of the qualities encrypted in Laravel will be unreliable.

Encryption Process

Encryption of an esteem should be possible by utilizing the scramble partner in the controllers of Laravel class. These qualities are encrypted utilizing OpenSSL and AES-256 figure. All the encrypted qualities are marked with Message Authentication code (MAC) to check for any alterations of the encrypted string.

defaultCommand

The code shown below is mentioned in a controller and is used to store a secret or a sensitive message.

php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use App\Http\Controllers\Controller;

class DemoController extends Controller{
   **
      * Store a secret message for the user.
      *
      * @param Request $request
      * @param int $id
      * @return Response
   */
   
   public function storeSecret(Request $request, $id) {
      $user = User::findOrFail($id);
      $user->fill([
         'secret' => encrypt($request->secret)
      ])->save();
   }
}

Decryption Process

Decryption of the values is done with the decrypt helper. Observe the following lines of code −

use Illuminate\Contracts\Encryption\DecryptException;

// Exception for decryption thrown in facade
try {
   $decrypted = decrypt($encryptedValue);
} catch (DecryptException $e) {
   //
}

Please note that if the process of decryption is not successful because of invalid MAC being used, then an appropriate exception is thrown.

Reactions
Soeng Souy

Posted by Soeng Souy

Website that learns and reads, PHP, Framework Laravel, How to and download Admin template sample source code free.

Post a Comment

0 Comments

CAN FEEDBACK

Emoji
(y)
:)
:(
hihi
:-)
:D
=D
:-d
;(
;-(
@-)
:P
:o
:>)
(o)
:p
(p)
:-s
(m)
8-)
:-t
:-b
b-(
:-#
=p~
x-)
(k)
close