malhuda/CodeIgniter4
1
0
Fork 0
mirror of https://github.com/codeigniter4/CodeIgniter4.git synced 2025-02-20 11:44:28 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
CodeIgniter4/libraries/encryption.html
paulbalandan 50a73d6bc8 Update User Guide
2025-02-07 17:48:15 +00:00

835 lines
63 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html class="writer-html5" lang="en">
<head>
<meta charset="utf-8" /><meta name="generator" content="Docutils 0.19: https://docutils.sourceforge.io/" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<title>Encryption Service &mdash; CodeIgniter 4.6.0 documentation</title>
<link rel="stylesheet" type="text/css" href="../_static/pygments.css" />
<link rel="stylesheet" type="text/css" href="../_static/css/citheme.css" />
<link rel="stylesheet" type="text/css" href="../_static/css/citheme_dark.css" />
<link rel="shortcut icon" href="../_static/favicon.ico"/>
<!--[if lt IE 9]>
<script src="../_static/js/html5shiv.min.js"></script>
<![endif]-->
<script data-url_root="../" id="documentation_options" src="../_static/documentation_options.js"></script>
<script src="../_static/jquery.js"></script>
<script src="../_static/underscore.js"></script>
<script src="../_static/_sphinx_javascript_frameworks_compat.js"></script>
<script src="../_static/doctools.js"></script>
<script src="../_static/sphinx_highlight.js"></script>
<script src="../_static/js/citheme.js"></script>
<script src="../_static/js/carbon.js"></script>
<script src="../_static/js/theme.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="next" title="Working with Files" href="files.html" />
<link rel="prev" title="Email Class" href="email.html" />
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search" >
<a href="../index.html">
<img src="../_static/ci-logo-text.svg" class="logo" alt="Logo"/>
</a>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" aria-label="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div><div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
<ul>
<li class="toctree-l1"><a class="reference internal" href="../intro/index.html">Welcome to CodeIgniter4</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../intro/index.html">Welcome to CodeIgniter4</a></li>
<li class="toctree-l2"><a class="reference internal" href="../intro/requirements.html">Server Requirements</a></li>
<li class="toctree-l2"><a class="reference internal" href="../intro/credits.html">Credits</a></li>
<li class="toctree-l2"><a class="reference internal" href="../intro/psr.html">PSR Compliance</a></li>
<li class="toctree-l2"><a class="reference internal" href="../license.html">License Agreement</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../installation/index.html">Installation</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../installation/installing_composer.html">Composer Installation</a></li>
<li class="toctree-l2"><a class="reference internal" href="../installation/installing_manual.html">Manual Installation</a></li>
<li class="toctree-l2"><a class="reference internal" href="../installation/running.html">Running Your App</a></li>
<li class="toctree-l2"><a class="reference internal" href="../installation/troubleshooting.html">Troubleshooting</a></li>
<li class="toctree-l2"><a class="reference internal" href="../installation/deployment.html">Deployment</a></li>
<li class="toctree-l2"><a class="reference internal" href="../changelogs/index.html">Change Logs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../installation/upgrading.html">Upgrading From a Previous Version</a></li>
<li class="toctree-l2"><a class="reference internal" href="../installation/repositories.html">CodeIgniter Repositories</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../tutorial/index.html">Build Your First Application</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../tutorial/static_pages.html">Static Pages</a></li>
<li class="toctree-l2"><a class="reference internal" href="../tutorial/news_section.html">News Section</a></li>
<li class="toctree-l2"><a class="reference internal" href="../tutorial/create_news_items.html">Create News Items</a></li>
<li class="toctree-l2"><a class="reference internal" href="../tutorial/conclusion.html">Conclusion</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../concepts/index.html">CodeIgniter4 Overview</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../concepts/structure.html">Application Structure</a></li>
<li class="toctree-l2"><a class="reference internal" href="../concepts/mvc.html">Models, Views, and Controllers</a></li>
<li class="toctree-l2"><a class="reference internal" href="../concepts/autoloader.html">Autoloading Files</a></li>
<li class="toctree-l2"><a class="reference internal" href="../concepts/services.html">Services</a></li>
<li class="toctree-l2"><a class="reference internal" href="../concepts/factories.html">Factories</a></li>
<li class="toctree-l2"><a class="reference internal" href="../concepts/http.html">Working with HTTP Requests</a></li>
<li class="toctree-l2"><a class="reference internal" href="../concepts/security.html">Security Guidelines</a></li>
<li class="toctree-l2"><a class="reference internal" href="../concepts/goals.html">Design and Architectural Goals</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../general/index.html">General Topics</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../general/configuration.html">Configuration</a></li>
<li class="toctree-l2"><a class="reference internal" href="../general/urls.html">CodeIgniter URLs</a></li>
<li class="toctree-l2"><a class="reference internal" href="../general/helpers.html">Helper Functions</a></li>
<li class="toctree-l2"><a class="reference internal" href="../general/common_functions.html">Global Functions and Constants</a></li>
<li class="toctree-l2"><a class="reference internal" href="../general/logging.html">Logging Information</a></li>
<li class="toctree-l2"><a class="reference internal" href="../general/errors.html">Error Handling</a></li>
<li class="toctree-l2"><a class="reference internal" href="../general/caching.html">Web Page Caching</a></li>
<li class="toctree-l2"><a class="reference internal" href="../general/ajax.html">AJAX Requests</a></li>
<li class="toctree-l2"><a class="reference internal" href="../general/modules.html">Code Modules</a></li>
<li class="toctree-l2"><a class="reference internal" href="../general/managing_apps.html">Managing your Applications</a></li>
<li class="toctree-l2"><a class="reference internal" href="../general/environments.html">Handling Multiple Environments</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../incoming/index.html">Controllers and Routing</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../incoming/routing.html">URI Routing</a></li>
<li class="toctree-l2"><a class="reference internal" href="../incoming/controllers.html">Controllers</a></li>
<li class="toctree-l2"><a class="reference internal" href="../incoming/filters.html">Controller Filters</a></li>
<li class="toctree-l2"><a class="reference internal" href="../incoming/auto_routing_improved.html">Auto Routing (Improved)</a></li>
<li class="toctree-l2"><a class="reference internal" href="../incoming/message.html">HTTP Messages</a></li>
<li class="toctree-l2"><a class="reference internal" href="../incoming/request.html">Request Class</a></li>
<li class="toctree-l2"><a class="reference internal" href="../incoming/incomingrequest.html">IncomingRequest Class</a></li>
<li class="toctree-l2"><a class="reference internal" href="../incoming/content_negotiation.html">Content Negotiation</a></li>
<li class="toctree-l2"><a class="reference internal" href="../incoming/methodspoofing.html">HTTP Method Spoofing</a></li>
<li class="toctree-l2"><a class="reference internal" href="../incoming/restful.html">RESTful Resource Handling</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../outgoing/index.html">Building Responses</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../outgoing/views.html">Views</a></li>
<li class="toctree-l2"><a class="reference internal" href="../outgoing/view_renderer.html">View Renderer</a></li>
<li class="toctree-l2"><a class="reference internal" href="../outgoing/view_layouts.html">View Layouts</a></li>
<li class="toctree-l2"><a class="reference internal" href="../outgoing/view_cells.html">View Cells</a></li>
<li class="toctree-l2"><a class="reference internal" href="../outgoing/view_parser.html">View Parser</a></li>
<li class="toctree-l2"><a class="reference internal" href="../outgoing/view_decorators.html">View Decorators</a></li>
<li class="toctree-l2"><a class="reference internal" href="../outgoing/table.html">HTML Table Class</a></li>
<li class="toctree-l2"><a class="reference internal" href="../outgoing/response.html">HTTP Responses</a></li>
<li class="toctree-l2"><a class="reference internal" href="../outgoing/api_responses.html">API Response Trait</a></li>
<li class="toctree-l2"><a class="reference internal" href="../outgoing/csp.html">Content Security Policy</a></li>
<li class="toctree-l2"><a class="reference internal" href="../outgoing/localization.html">Localization</a></li>
<li class="toctree-l2"><a class="reference internal" href="../outgoing/alternative_php.html">Alternate PHP Syntax for View Files</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../database/index.html">Working with Databases</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../database/examples.html">Quick Start: Usage Examples</a></li>
<li class="toctree-l2"><a class="reference internal" href="../database/configuration.html">Database Configuration</a></li>
<li class="toctree-l2"><a class="reference internal" href="../database/connecting.html">Connecting to a Database</a></li>
<li class="toctree-l2"><a class="reference internal" href="../database/queries.html">Running Queries</a></li>
<li class="toctree-l2"><a class="reference internal" href="../database/results.html">Generating Query Results</a></li>
<li class="toctree-l2"><a class="reference internal" href="../database/helpers.html">Query Helper Methods</a></li>
<li class="toctree-l2"><a class="reference internal" href="../database/query_builder.html">Query Builder Class</a></li>
<li class="toctree-l2"><a class="reference internal" href="../database/transactions.html">Transactions</a></li>
<li class="toctree-l2"><a class="reference internal" href="../database/metadata.html">Getting Metadata</a></li>
<li class="toctree-l2"><a class="reference internal" href="../database/call_function.html">Custom Function Calls</a></li>
<li class="toctree-l2"><a class="reference internal" href="../database/events.html">Database Events</a></li>
<li class="toctree-l2"><a class="reference internal" href="../database/utilities.html">Database Utilities</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../models/index.html">Modeling Data</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../models/model.html">Using CodeIgniter's Model</a></li>
<li class="toctree-l2"><a class="reference internal" href="../models/entities.html">Using Entity Classes</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../dbmgmt/index.html">Managing Databases</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../dbmgmt/forge.html">Database Forge</a></li>
<li class="toctree-l2"><a class="reference internal" href="../dbmgmt/migration.html">Database Migrations</a></li>
<li class="toctree-l2"><a class="reference internal" href="../dbmgmt/seeds.html">Database Seeding</a></li>
<li class="toctree-l2"><a class="reference internal" href="../dbmgmt/db_commands.html">Database Commands</a></li>
</ul>
</li>
</ul>
<ul class="current">
<li class="toctree-l1 current"><a class="reference internal" href="index.html">Library Reference</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="caching.html">Caching Driver</a></li>
<li class="toctree-l2"><a class="reference internal" href="cookies.html">Cookies</a></li>
<li class="toctree-l2"><a class="reference internal" href="cors.html">Cross-Origin Resource Sharing (CORS)</a></li>
<li class="toctree-l2"><a class="reference internal" href="curlrequest.html">CURLRequest Class</a></li>
<li class="toctree-l2"><a class="reference internal" href="email.html">Email Class</a></li>
<li class="toctree-l2 current"><a class="current reference internal" href="#">Encryption Service</a></li>
<li class="toctree-l2"><a class="reference internal" href="files.html">Working with Files</a></li>
<li class="toctree-l2"><a class="reference internal" href="file_collections.html">File Collections</a></li>
<li class="toctree-l2"><a class="reference internal" href="honeypot.html">Honeypot Class</a></li>
<li class="toctree-l2"><a class="reference internal" href="images.html">Image Manipulation Class</a></li>
<li class="toctree-l2"><a class="reference internal" href="pagination.html">Pagination</a></li>
<li class="toctree-l2"><a class="reference internal" href="publisher.html">Publisher</a></li>
<li class="toctree-l2"><a class="reference internal" href="security.html">Security</a></li>
<li class="toctree-l2"><a class="reference internal" href="sessions.html">Session Library</a></li>
<li class="toctree-l2"><a class="reference internal" href="throttler.html">Throttler</a></li>
<li class="toctree-l2"><a class="reference internal" href="time.html">Times and Dates</a></li>
<li class="toctree-l2"><a class="reference internal" href="typography.html">Typography</a></li>
<li class="toctree-l2"><a class="reference internal" href="uploaded_files.html">Working with Uploaded Files</a></li>
<li class="toctree-l2"><a class="reference internal" href="uri.html">Working with URIs</a></li>
<li class="toctree-l2"><a class="reference internal" href="user_agent.html">User Agent Class</a></li>
<li class="toctree-l2"><a class="reference internal" href="validation.html">Validation</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../helpers/index.html">Helpers</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../helpers/array_helper.html">Array Helper</a></li>
<li class="toctree-l2"><a class="reference internal" href="../helpers/cookie_helper.html">Cookie Helper</a></li>
<li class="toctree-l2"><a class="reference internal" href="../helpers/date_helper.html">Date Helper</a></li>
<li class="toctree-l2"><a class="reference internal" href="../helpers/filesystem_helper.html">Filesystem Helper</a></li>
<li class="toctree-l2"><a class="reference internal" href="../helpers/form_helper.html">Form Helper</a></li>
<li class="toctree-l2"><a class="reference internal" href="../helpers/html_helper.html">HTML Helper</a></li>
<li class="toctree-l2"><a class="reference internal" href="../helpers/inflector_helper.html">Inflector Helper</a></li>
<li class="toctree-l2"><a class="reference internal" href="../helpers/number_helper.html">Number Helper</a></li>
<li class="toctree-l2"><a class="reference internal" href="../helpers/security_helper.html">Security Helper</a></li>
<li class="toctree-l2"><a class="reference internal" href="../helpers/test_helper.html">Test Helper</a></li>
<li class="toctree-l2"><a class="reference internal" href="../helpers/text_helper.html">Text Helper</a></li>
<li class="toctree-l2"><a class="reference internal" href="../helpers/url_helper.html">URL Helper</a></li>
<li class="toctree-l2"><a class="reference internal" href="../helpers/xml_helper.html">XML Helper</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../testing/index.html">Testing</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../testing/overview.html">Getting Started</a></li>
<li class="toctree-l2"><a class="reference internal" href="../testing/database.html">Database</a></li>
<li class="toctree-l2"><a class="reference internal" href="../testing/fabricator.html">Generating Data</a></li>
<li class="toctree-l2"><a class="reference internal" href="../testing/controllers.html">Controller Testing</a></li>
<li class="toctree-l2"><a class="reference internal" href="../testing/feature.html">HTTP Testing</a></li>
<li class="toctree-l2"><a class="reference internal" href="../testing/response.html">Testing Responses</a></li>
<li class="toctree-l2"><a class="reference internal" href="../testing/cli.html">Testing CLI Commands</a></li>
<li class="toctree-l2"><a class="reference internal" href="../testing/mocking.html">Mocking</a></li>
<li class="toctree-l2"><a class="reference internal" href="../testing/benchmark.html">Benchmarking</a></li>
<li class="toctree-l2"><a class="reference internal" href="../testing/debugging.html">Debugging Your Application</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../cli/index.html">Command Line Usage</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../cli/cli_overview.html">CLI Overview</a></li>
<li class="toctree-l2"><a class="reference internal" href="../cli/cli_controllers.html">Running Controllers via CLI</a></li>
<li class="toctree-l2"><a class="reference internal" href="../cli/spark_commands.html">Spark Commands</a></li>
<li class="toctree-l2"><a class="reference internal" href="../cli/cli_commands.html">Creating Spark Commands</a></li>
<li class="toctree-l2"><a class="reference internal" href="../cli/cli_generators.html">CLI Generators</a></li>
<li class="toctree-l2"><a class="reference internal" href="../cli/cli_library.html">CLI Library</a></li>
<li class="toctree-l2"><a class="reference internal" href="../cli/cli_request.html">CLIRequest Class</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../extending/index.html">Extending CodeIgniter</a><ul>
<li class="toctree-l2"><a class="reference internal" href="../extending/core_classes.html">Creating Core System Classes</a></li>
<li class="toctree-l2"><a class="reference internal" href="../extending/common.html">Replacing Common Functions</a></li>
<li class="toctree-l2"><a class="reference internal" href="../extending/events.html">Events</a></li>
<li class="toctree-l2"><a class="reference internal" href="../extending/basecontroller.html">Extending the Controller</a></li>
<li class="toctree-l2"><a class="reference internal" href="../extending/authentication.html">Authentication</a></li>
<li class="toctree-l2"><a class="reference internal" href="../extending/composer_packages.html">Creating Composer Packages</a></li>
<li class="toctree-l2"><a class="reference internal" href="../extending/contributing.html">Contributing to CodeIgniter</a></li>
</ul>
</li>
</ul>
<ul>
<li class="toctree-l1"><a class="reference internal" href="official_packages.html">Official Packages</a></li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap"><nav class="wy-nav-top" aria-label="Mobile navigation menu" >
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="../index.html">CodeIgniter</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<a class="btn btn-neutral float-right" href="https://github.com/codeigniter4/CodeIgniter4/edit/develop/user_guide_src/source/libraries/encryption.rst">Edit this page</a>
<div role="navigation" aria-label="Page navigation">
<ul class="wy-breadcrumbs">
<li><a href="../index.html" class="icon icon-home" aria-label="Home"></a></li>
<li class="breadcrumb-item"><a href="index.html">Library Reference</a></li>
<li class="breadcrumb-item active">Encryption Service</li>
<li class="wy-breadcrumbs-aside">
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<section id="encryption-service">
<h1>Encryption Service<a class="headerlink" href="#encryption-service" title="Permalink to this heading"></a></h1>
<div class="admonition important">
<p class="admonition-title">Important</p>
<p>DO NOT use this or any other <em>encryption</em> library for
password storage! Passwords must be <em>hashed</em> instead, and you
should do that through PHPs <a class="reference external" href="https://www.php.net/password">Password Hashing extension</a>.</p>
</div>
<p>The Encryption Service provides two-way symmetric (secret key) data encryption.
The service will instantiate and/or initialize an
encryption <strong>handler</strong> to suit your parameters as explained below.</p>
<p>Encryption Service handlers must implement CodeIgniters simple <code class="docutils literal notranslate"><span class="pre">EncrypterInterface</span></code>.
Using an appropriate PHP cryptographic extension or third-party library may require
additional software to be installed on your server and/or might need to be explicitly
enabled in your instance of PHP.</p>
<p>The following PHP extensions are currently supported:</p>
<ul class="simple">
<li><p><a class="reference external" href="https://www.php.net/openssl">OpenSSL</a></p></li>
<li><p><a class="reference external" href="https://www.php.net/manual/en/book.sodium">Sodium</a></p></li>
</ul>
<p>This is not a full cryptographic solution. If you need more capabilities, for example,
public-key encryption, we suggest you consider direct use of OpenSSL or
one of the other <a class="reference external" href="https://www.php.net/manual/en/refs.crypto.php">Cryptography Extensions</a>.
A more comprehensive package like <a class="reference external" href="https://github.com/paragonie/halite">Halite</a>
(an O-O package built on libsodium) is another possibility.</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Support for the <code class="docutils literal notranslate"><span class="pre">MCrypt</span></code> extension has been dropped, as that has
been deprecated as of PHP 7.2.</p>
</div>
<nav class="contents local" id="contents">
<ul class="simple">
<li><p><a class="reference internal" href="#using-the-encryption-library" id="id3">Using the Encryption Library</a></p>
<ul>
<li><p><a class="reference internal" href="#configuring-the-library" id="id4">Configuring the Library</a></p>
<ul>
<li><p><a class="reference internal" href="#configuration-to-maintain-compatibility-with-ci3" id="id5">Configuration to Maintain Compatibility with CI3</a></p></li>
<li><p><a class="reference internal" href="#supported-hmac-authentication-algorithms" id="id6">Supported HMAC Authentication Algorithms</a></p></li>
</ul>
</li>
<li><p><a class="reference internal" href="#default-behavior" id="id7">Default Behavior</a></p></li>
<li><p><a class="reference internal" href="#setting-your-encryption-key" id="id8">Setting Your Encryption Key</a></p>
<ul>
<li><p><a class="reference internal" href="#encoding-keys-or-results" id="id9">Encoding Keys or Results</a></p></li>
<li><p><a class="reference internal" href="#using-prefixes-in-storing-keys" id="id10">Using Prefixes in Storing Keys</a></p></li>
</ul>
</li>
<li><p><a class="reference internal" href="#padding" id="id11">Padding</a></p></li>
<li><p><a class="reference internal" href="#encryption-handler-notes" id="id12">Encryption Handler Notes</a></p>
<ul>
<li><p><a class="reference internal" href="#openssl-notes" id="id13">OpenSSL Notes</a></p></li>
<li><p><a class="reference internal" href="#sodium-notes" id="id14">Sodium Notes</a></p></li>
</ul>
</li>
<li><p><a class="reference internal" href="#message-length" id="id15">Message Length</a></p></li>
<li><p><a class="reference internal" href="#using-the-encryption-service-directly" id="id16">Using the Encryption Service Directly</a></p></li>
</ul>
</li>
<li><p><a class="reference internal" href="#namespace-CodeIgniter\Encryption" id="id17">Class Reference</a></p></li>
</ul>
</nav>
<section id="using-the-encryption-library">
<span id="usage"></span><h2><a class="toc-backref" href="#id3" role="doc-backlink">Using the Encryption Library</a><a class="headerlink" href="#using-the-encryption-library" title="Permalink to this heading"></a></h2>
<p>Like all services in CodeIgniter, it can be loaded via <code class="docutils literal notranslate"><span class="pre">Config\Services</span></code>:</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="nv">$encrypter</span> <span class="o">=</span> <span class="nx">service</span><span class="p">(</span><span class="s1">&#39;encrypter&#39;</span><span class="p">);</span>
</pre></div>
</div>
<p>Assuming you have set your starting key (see <a class="reference internal" href="#configuration"><span class="std std-ref">Configuring the Library</span></a>),
encrypting and decrypting data is simple - pass the appropriate string to <code class="docutils literal notranslate"><span class="pre">encrypt()</span></code>
and/or <code class="docutils literal notranslate"><span class="pre">decrypt()</span></code> methods:</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="nv">$plainText</span> <span class="o">=</span> <span class="s1">&#39;This is a plain-text message!&#39;</span><span class="p">;</span>
<span class="nv">$ciphertext</span> <span class="o">=</span> <span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">encrypt</span><span class="p">(</span><span class="nv">$plainText</span><span class="p">);</span>
<span class="c1">// Outputs: This is a plain-text message!</span>
<span class="k">echo</span> <span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">decrypt</span><span class="p">(</span><span class="nv">$ciphertext</span><span class="p">);</span>
</pre></div>
</div>
<p>And thats it! The Encryption library will do everything necessary
for the whole process to be cryptographically secure out-of-the-box.
You dont need to worry about it.</p>
<section id="configuring-the-library">
<span id="configuration"></span><h3><a class="toc-backref" href="#id4" role="doc-backlink">Configuring the Library</a><a class="headerlink" href="#configuring-the-library" title="Permalink to this heading"></a></h3>
<p>The example above uses the configuration settings found in <strong>app/Config/Encryption.php</strong>.</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head"><p>Option</p></th>
<th class="head"><p>Possible values (default in parentheses)</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td><p>key</p></td>
<td><p>Encryption key starter</p></td>
</tr>
<tr class="row-odd"><td><p>driver</p></td>
<td><p>Preferred handler, e.g., OpenSSL or Sodium (<code class="docutils literal notranslate"><span class="pre">OpenSSL</span></code>)</p></td>
</tr>
<tr class="row-even"><td><p>digest</p></td>
<td><p>Message digest algorithm (<code class="docutils literal notranslate"><span class="pre">SHA512</span></code>)</p></td>
</tr>
<tr class="row-odd"><td><p>blockSize</p></td>
<td><p>[<strong>SodiumHandler</strong> only] Padding length in bytes (<code class="docutils literal notranslate"><span class="pre">16</span></code>)</p></td>
</tr>
<tr class="row-even"><td><p>cipher</p></td>
<td><p>[<strong>OpenSSLHandler</strong> only] Cipher to use (<code class="docutils literal notranslate"><span class="pre">AES-256-CTR</span></code>)</p></td>
</tr>
<tr class="row-odd"><td><p>encryptKeyInfo</p></td>
<td><p>[<strong>OpenSSLHandler</strong> only] Encryption key info (<code class="docutils literal notranslate"><span class="pre">''</span></code>)</p></td>
</tr>
<tr class="row-even"><td><p>authKeyInfo</p></td>
<td><p>[<strong>OpenSSLHandler</strong> only] Authentication key info (<code class="docutils literal notranslate"><span class="pre">''</span></code>)</p></td>
</tr>
<tr class="row-odd"><td><p>rawData</p></td>
<td><p>[<strong>OpenSSLHandler</strong> only] Whether the cipher-text should be raw (<code class="docutils literal notranslate"><span class="pre">true</span></code>)</p></td>
</tr>
</tbody>
</table>
<p>You can replace the config files settings by passing a configuration
object of your own to the <code class="docutils literal notranslate"><span class="pre">Services</span></code> call. The <code class="docutils literal notranslate"><span class="pre">$config</span></code> variable must be
an instance of the <code class="docutils literal notranslate"><span class="pre">Config\Encryption</span></code> class.</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="k">use</span> <span class="nx">Config\Encryption</span><span class="p">;</span>
<span class="nv">$config</span> <span class="o">=</span> <span class="nx">config</span><span class="p">(</span><span class="nx">Encryption</span><span class="o">::</span><span class="na">class</span><span class="p">);</span>
<span class="nv">$config</span><span class="o">-&gt;</span><span class="na">key</span> <span class="o">=</span> <span class="s1">&#39;aBigsecret_ofAtleast32Characters&#39;</span><span class="p">;</span>
<span class="nv">$config</span><span class="o">-&gt;</span><span class="na">driver</span> <span class="o">=</span> <span class="s1">&#39;OpenSSL&#39;</span><span class="p">;</span>
<span class="nv">$encrypter</span> <span class="o">=</span> <span class="nx">service</span><span class="p">(</span><span class="s1">&#39;encrypter&#39;</span><span class="p">,</span> <span class="nv">$config</span><span class="p">);</span>
</pre></div>
</div>
<section id="configuration-to-maintain-compatibility-with-ci3">
<span id="encryption-compatible-with-ci3"></span><h4><a class="toc-backref" href="#id5" role="doc-backlink">Configuration to Maintain Compatibility with CI3</a><a class="headerlink" href="#configuration-to-maintain-compatibility-with-ci3" title="Permalink to this heading"></a></h4>
<div class="versionadded">
<p><span class="versionmodified added">New in version 4.3.0.</span></p>
</div>
<p>Since v4.3.0, you can decrypt data encrypted with CI3s Encryption.
If you need to decrypt such data, use the following settings to maintain compatibility.</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="k">use</span> <span class="nx">Config\Encryption</span><span class="p">;</span>
<span class="nv">$config</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">Encryption</span><span class="p">();</span>
<span class="nv">$config</span><span class="o">-&gt;</span><span class="na">driver</span> <span class="o">=</span> <span class="s1">&#39;OpenSSL&#39;</span><span class="p">;</span>
<span class="c1">// Your CI3&#39;s &#39;encryption_key&#39;</span>
<span class="nv">$config</span><span class="o">-&gt;</span><span class="na">key</span> <span class="o">=</span> <span class="nb">hex2bin</span><span class="p">(</span><span class="s1">&#39;64c70b0b8d45b80b9eba60b8b3c8a34d0193223d20fea46f8644b848bf7ce67f&#39;</span><span class="p">);</span>
<span class="c1">// Your CI3&#39;s &#39;cipher&#39; and &#39;mode&#39;</span>
<span class="nv">$config</span><span class="o">-&gt;</span><span class="na">cipher</span> <span class="o">=</span> <span class="s1">&#39;AES-128-CBC&#39;</span><span class="p">;</span>
<span class="nv">$config</span><span class="o">-&gt;</span><span class="na">rawData</span> <span class="o">=</span> <span class="k">false</span><span class="p">;</span>
<span class="nv">$config</span><span class="o">-&gt;</span><span class="na">encryptKeyInfo</span> <span class="o">=</span> <span class="s1">&#39;encryption&#39;</span><span class="p">;</span>
<span class="nv">$config</span><span class="o">-&gt;</span><span class="na">authKeyInfo</span> <span class="o">=</span> <span class="s1">&#39;authentication&#39;</span><span class="p">;</span>
<span class="nv">$encrypter</span> <span class="o">=</span> <span class="nx">service</span><span class="p">(</span><span class="s1">&#39;encrypter&#39;</span><span class="p">,</span> <span class="nv">$config</span><span class="p">);</span>
</pre></div>
</div>
</section>
<section id="supported-hmac-authentication-algorithms">
<h4><a class="toc-backref" href="#id6" role="doc-backlink">Supported HMAC Authentication Algorithms</a><a class="headerlink" href="#supported-hmac-authentication-algorithms" title="Permalink to this heading"></a></h4>
<p>For HMAC message authentication, the Encryption library supports
usage of the SHA-2 family of algorithms:</p>
<table class="docutils align-default">
<thead>
<tr class="row-odd"><th class="head"><p>Algorithm</p></th>
<th class="head"><p>Raw length (bytes)</p></th>
<th class="head"><p>Hex-encoded length (bytes)</p></th>
</tr>
</thead>
<tbody>
<tr class="row-even"><td><p>SHA512</p></td>
<td><p>64</p></td>
<td><p>128</p></td>
</tr>
<tr class="row-odd"><td><p>SHA384</p></td>
<td><p>48</p></td>
<td><p>96</p></td>
</tr>
<tr class="row-even"><td><p>SHA256</p></td>
<td><p>32</p></td>
<td><p>64</p></td>
</tr>
<tr class="row-odd"><td><p>SHA224</p></td>
<td><p>28</p></td>
<td><p>56</p></td>
</tr>
</tbody>
</table>
<p>The reason for not including other popular algorithms, such as
MD5 or SHA1 is that they are no longer considered secure enough
and as such, we dont want to encourage their usage.
If you absolutely need to use them, it is easy to do so via PHPs
native <a class="reference external" href="http://php.net/manual/en/function.hash-hmac.php">hash_hmac()</a> function.</p>
<p>Stronger algorithms of course will be added in the future as they
appear and become widely available.</p>
</section>
</section>
<section id="default-behavior">
<h3><a class="toc-backref" href="#id7" role="doc-backlink">Default Behavior</a><a class="headerlink" href="#default-behavior" title="Permalink to this heading"></a></h3>
<p>By default, the Encryption Library uses the OpenSSL handler. That handler encrypts using
the AES-256-CTR algorithm, your configured <em>key</em>, and SHA512 HMAC authentication.</p>
</section>
<section id="setting-your-encryption-key">
<h3><a class="toc-backref" href="#id8" role="doc-backlink">Setting Your Encryption Key</a><a class="headerlink" href="#setting-your-encryption-key" title="Permalink to this heading"></a></h3>
<p>Your encryption key <strong>must</strong> be as long as the encryption algorithm in use allows.
For AES-256, thats 256 bits or 32 bytes (characters) long.</p>
<p>The key should be as random as possible, and it <strong>must not</strong> be a regular text string,
nor the output of a hashing function, etc. To create a proper key,
you can use the Encryption librarys <code class="docutils literal notranslate"><span class="pre">createKey()</span></code> method.</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="c1">// $key will be assigned a 32-byte (256-bit) random key</span>
<span class="nv">$key</span> <span class="o">=</span> <span class="nx">\CodeIgniter\Encryption\Encryption</span><span class="o">::</span><span class="na">createKey</span><span class="p">();</span>
<span class="c1">// for the SodiumHandler, you can use either:</span>
<span class="nv">$key</span> <span class="o">=</span> <span class="nb">sodium_crypto_secretbox_keygen</span><span class="p">();</span>
<span class="nv">$key</span> <span class="o">=</span> <span class="nx">\CodeIgniter\Encryption\Encryption</span><span class="o">::</span><span class="na">createKey</span><span class="p">(</span><span class="nx">SODIUM_CRYPTO_SECRETBOX_KEYBYTES</span><span class="p">);</span>
</pre></div>
</div>
<p>The key can be stored in <strong>app/Config/Encryption.php</strong>, or you can design
a storage mechanism of your own and pass the key dynamically when encrypting/decrypting.</p>
<p>To save your key to your <strong>app/Config/Encryption.php</strong>, open the file
and set:</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="k">namespace</span> <span class="nx">Config</span><span class="p">;</span>
<span class="k">use</span> <span class="nx">CodeIgniter\Config\BaseConfig</span><span class="p">;</span>
<span class="k">class</span> <span class="nc">Encryption</span> <span class="k">extends</span> <span class="nx">BaseConfig</span>
<span class="p">{</span>
<span class="k">public</span> <span class="nv">$key</span> <span class="o">=</span> <span class="s1">&#39;YOUR KEY&#39;</span><span class="p">;</span>
<span class="c1">// ...</span>
<span class="p">}</span>
</pre></div>
</div>
<section id="encoding-keys-or-results">
<h4><a class="toc-backref" href="#id9" role="doc-backlink">Encoding Keys or Results</a><a class="headerlink" href="#encoding-keys-or-results" title="Permalink to this heading"></a></h4>
<p>Youll notice that the <code class="docutils literal notranslate"><span class="pre">createKey()</span></code> method outputs binary data, which
is hard to deal with (i.e., a copy-paste may damage it), so you may use
<code class="docutils literal notranslate"><span class="pre">bin2hex()</span></code>, or <code class="docutils literal notranslate"><span class="pre">base64_encode</span></code> to work with the key in
a more friendly manner. For example:</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="c1">// Get a hex-encoded representation of the key:</span>
<span class="nv">$encoded</span> <span class="o">=</span> <span class="nb">bin2hex</span><span class="p">(</span><span class="nx">\CodeIgniter\Encryption\Encryption</span><span class="o">::</span><span class="na">createKey</span><span class="p">(</span><span class="mi">32</span><span class="p">));</span>
<span class="c1">// Put the same value with hex2bin(),</span>
<span class="c1">// so that it is still passed as binary to the library:</span>
<span class="nv">$key</span> <span class="o">=</span> <span class="nb">hex2bin</span><span class="p">(</span><span class="s1">&#39;your-hex-encoded-key&#39;</span><span class="p">);</span>
</pre></div>
</div>
<p>You might find the same technique useful for the results
of encryption:</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="c1">// Encrypt some text &amp; make the results text</span>
<span class="nv">$encoded</span> <span class="o">=</span> <span class="nb">base64_encode</span><span class="p">(</span><span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">encrypt</span><span class="p">(</span><span class="nv">$plaintext</span><span class="p">));</span>
</pre></div>
</div>
</section>
<section id="using-prefixes-in-storing-keys">
<h4><a class="toc-backref" href="#id10" role="doc-backlink">Using Prefixes in Storing Keys</a><a class="headerlink" href="#using-prefixes-in-storing-keys" title="Permalink to this heading"></a></h4>
<p>You may take advantage of two special prefixes in storing your
encryption keys: <code class="docutils literal notranslate"><span class="pre">hex2bin:</span></code> and <code class="docutils literal notranslate"><span class="pre">base64:</span></code>. When these prefixes
immediately precede the value of your key, <code class="docutils literal notranslate"><span class="pre">Encryption</span></code> will
intelligently parse the key and still pass a binary string to
the library.</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="k">namespace</span> <span class="nx">Config</span><span class="p">;</span>
<span class="k">use</span> <span class="nx">CodeIgniter\Config\BaseConfig</span><span class="p">;</span>
<span class="k">class</span> <span class="nc">Encryption</span> <span class="k">extends</span> <span class="nx">BaseConfig</span>
<span class="p">{</span>
<span class="c1">// In Encryption, you may use</span>
<span class="k">public</span> <span class="nv">$key</span> <span class="o">=</span> <span class="s1">&#39;hex2bin:&lt;your-hex-encoded-key&gt;&#39;</span><span class="p">;</span>
<span class="c1">// or</span>
<span class="k">public</span> <span class="nv">$key</span> <span class="o">=</span> <span class="s1">&#39;base64:&lt;your-base64-encoded-key&gt;&#39;</span><span class="p">;</span>
<span class="c1">// ...</span>
<span class="p">}</span>
</pre></div>
</div>
<p>Similarly, you can use these prefixes in your <strong>.env</strong> file, too!</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="c1">// For hex2bin</span>
<span class="nx">encryption</span><span class="o">.</span><span class="nb">key</span> <span class="o">=</span> <span class="nb">hex2bin</span><span class="o">:&lt;</span><span class="nx">your</span><span class="o">-</span><span class="nx">hex</span><span class="o">-</span><span class="nx">encoded</span><span class="o">-</span><span class="nb">key</span><span class="o">&gt;</span>
<span class="c1">// or</span>
<span class="nx">encryption</span><span class="o">.</span><span class="nb">key</span> <span class="o">=</span> <span class="nx">base64</span><span class="o">:&lt;</span><span class="nx">your</span><span class="o">-</span><span class="nx">base64</span><span class="o">-</span><span class="nx">encoded</span><span class="o">-</span><span class="nb">key</span><span class="o">&gt;</span>
</pre></div>
</div>
</section>
</section>
<section id="padding">
<h3><a class="toc-backref" href="#id11" role="doc-backlink">Padding</a><a class="headerlink" href="#padding" title="Permalink to this heading"></a></h3>
<p>Sometimes, the length of a message may provide a lot of information about its nature. If
a message is one of “yes”, “no” and “maybe”, encrypting the message doesnt help: knowing
the length is enough to know what the message is.</p>
<p>Padding is a technique to mitigate this, by making the length a multiple of a given block size.</p>
<p>Padding is implemented in <code class="docutils literal notranslate"><span class="pre">SodiumHandler</span></code> using libsodiums native <code class="docutils literal notranslate"><span class="pre">sodium_pad</span></code> and <code class="docutils literal notranslate"><span class="pre">sodium_unpad</span></code>
functions. This requires the use of a padding length (in bytes) that is added to the plaintext
message prior to encryption, and removed after decryption. Padding is configurable via the
<code class="docutils literal notranslate"><span class="pre">$blockSize</span></code> property of <code class="docutils literal notranslate"><span class="pre">Config\Encryption</span></code>. This value should be greater than zero.</p>
<div class="admonition important">
<p class="admonition-title">Important</p>
<p>You are advised not to devise your own padding implementation. You must always use
the more secure implementation of a library. Also, passwords should not be padded. Usage of
padding in order to hide the length of a password is not recommended. A client willing to send
a password to a server should hash it instead (even with a single iteration of the hash function).
This ensures that the length of the transmitted data is constant, and that the server doesnt
effortlessly get a copy of the password.</p>
</div>
</section>
<section id="encryption-handler-notes">
<h3><a class="toc-backref" href="#id12" role="doc-backlink">Encryption Handler Notes</a><a class="headerlink" href="#encryption-handler-notes" title="Permalink to this heading"></a></h3>
<section id="openssl-notes">
<h4><a class="toc-backref" href="#id13" role="doc-backlink">OpenSSL Notes</a><a class="headerlink" href="#openssl-notes" title="Permalink to this heading"></a></h4>
<p>The <a class="reference external" href="https://www.php.net/openssl">OpenSSL</a> extension has been a standard part of PHP for a long time.</p>
<p>CodeIgniters OpenSSL handler uses the AES-256-CTR cipher.</p>
<p>The <em>key</em> your configuration provides is used to derive two other keys, one for
encryption and one for authentication. This is achieved by way of a technique known
as an <a class="reference external" href="https://en.wikipedia.org/wiki/HKDF">HMAC-based Key Derivation Function</a> (HKDF).</p>
</section>
<section id="sodium-notes">
<h4><a class="toc-backref" href="#id14" role="doc-backlink">Sodium Notes</a><a class="headerlink" href="#sodium-notes" title="Permalink to this heading"></a></h4>
<p>The <a class="reference external" href="https://www.php.net/manual/en/book.sodium">Sodium</a> extension is bundled by default in PHP as
of PHP 7.2.0.</p>
<p>Sodium uses the algorithms XSalsa20 to encrypt, Poly1305 for MAC, and XS25519 for key exchange in
sending secret messages in an end-to-end scenario. To encrypt and/or authenticate a string using
a shared-key, such as symmetric encryption, Sodium uses the XSalsa20 algorithm to encrypt and
HMAC-SHA512 for the authentication.</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>CodeIgniters <code class="docutils literal notranslate"><span class="pre">SodiumHandler</span></code> uses <code class="docutils literal notranslate"><span class="pre">sodium_memzero</span></code> in every encryption or decryption
session. After each session, the message (whether plaintext or ciphertext) and starter key are
wiped out from the buffers. You may need to provide again the key before starting a new session.</p>
</div>
</section>
</section>
<section id="message-length">
<h3><a class="toc-backref" href="#id15" role="doc-backlink">Message Length</a><a class="headerlink" href="#message-length" title="Permalink to this heading"></a></h3>
<p>An encrypted string is usually longer than the original, plain-text string (depending on the cipher).</p>
<p>This is influenced by the cipher algorithm itself, the initialization vector (IV)
prepended to the cipher-text, and the HMAC authentication message that is also prepended.
Furthermore, the encrypted message is also Base64-encoded so that it is safe
for storage and transmission regardless of the character-set in use.</p>
<p>Keep this information in mind when selecting your data storage mechanism.
Cookies, for example, can only hold 4K of information.</p>
</section>
<section id="using-the-encryption-service-directly">
<h3><a class="toc-backref" href="#id16" role="doc-backlink">Using the Encryption Service Directly</a><a class="headerlink" href="#using-the-encryption-service-directly" title="Permalink to this heading"></a></h3>
<p>Instead of (or in addition to) using <code class="docutils literal notranslate"><span class="pre">Services</span></code> as described in <a class="reference internal" href="#usage"><span class="std std-ref">Using the Encryption Library</span></a>,
you can create an “Encrypter” directly, or change the settings of an existing instance.</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="c1">// create an Encryption instance</span>
<span class="nv">$encryption</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">\CodeIgniter\Encryption\Encryption</span><span class="p">();</span>
<span class="c1">// reconfigure an instance with different settings</span>
<span class="nv">$encrypter</span> <span class="o">=</span> <span class="nv">$encryption</span><span class="o">-&gt;</span><span class="na">initialize</span><span class="p">(</span><span class="nv">$config</span><span class="p">);</span>
</pre></div>
</div>
<p>Remember, that <code class="docutils literal notranslate"><span class="pre">$config</span></code> must be an instance of <code class="docutils literal notranslate"><span class="pre">Config\Encryption</span></code> class.</p>
</section>
</section>
<section id="namespace-CodeIgniter\Encryption">
<span id="class-reference"></span><h2><a class="toc-backref" href="#id17" role="doc-backlink">Class Reference</a><a class="headerlink" href="#namespace-CodeIgniter\Encryption" title="Permalink to this heading"></a></h2>
<dl class="php class">
<dt class="sig sig-object php" id="CodeIgniter\Encryption\Encryption">
<em class="property"><span class="pre">class</span> </em><span class="sig-prename descclassname"><span class="pre">CodeIgniter\Encryption\</span></span><span class="sig-name descname"><span class="pre">Encryption</span></span><a class="headerlink" href="#CodeIgniter\Encryption\Encryption" title="Permalink to this definition"></a></dt>
<dd><dl class="php staticmethod">
<dt class="sig sig-object php" id="CodeIgniter\Encryption\Encryption::createKey">
<em class="property"><span class="pre">static</span> </em><span class="sig-name descname"><span class="pre">createKey</span></span><span class="sig-paren">(</span><span class="optional">[</span><em class="sig-param"><span class="pre">$length</span> <span class="pre">=</span> <span class="pre">32</span></em><span class="optional">]</span><span class="sig-paren">)</span><a class="headerlink" href="#CodeIgniter\Encryption\Encryption::createKey" title="Permalink to this definition"></a></dt>
<dd><dl class="field-list simple">
<dt class="field-odd">Parameters<span class="colon">:</span></dt>
<dd class="field-odd"><ul class="simple">
<li><p><strong>$length</strong> (<span><code class="xref php php-obj docutils literal notranslate"><span class="pre">int</span></code></span>) Output length</p></li>
</ul>
</dd>
<dt class="field-even">Returns<span class="colon">:</span></dt>
<dd class="field-even"><p>A pseudo-random cryptographic key with the specified length, or <code class="docutils literal notranslate"><span class="pre">false</span></code> on failure</p>
</dd>
<dt class="field-odd">Return type<span class="colon">:</span></dt>
<dd class="field-odd"><p><span><code class="xref php php-obj docutils literal notranslate"><span class="pre">string</span></code></span></p>
</dd>
</dl>
<p>Creates a cryptographic key by fetching random data from
the operating systems sources (<em>i.e.</em> <code class="docutils literal notranslate"><span class="pre">/dev/urandom</span></code>).</p>
</dd></dl>
<dl class="php method">
<dt class="sig sig-object php" id="CodeIgniter\Encryption\Encryption::initialize">
<span class="sig-name descname"><span class="pre">initialize</span></span><span class="sig-paren">(</span><span class="optional">[</span><em class="sig-param"><span class="pre">Encryption</span> <span class="pre">$config</span> <span class="pre">=</span> <span class="pre">null</span></em><span class="optional">]</span><span class="sig-paren">)</span><a class="headerlink" href="#CodeIgniter\Encryption\Encryption::initialize" title="Permalink to this definition"></a></dt>
<dd><dl class="field-list simple">
<dt class="field-odd">Parameters<span class="colon">:</span></dt>
<dd class="field-odd"><ul class="simple">
<li><p><strong>$config</strong> (<span><code class="xref php php-obj docutils literal notranslate"><span class="pre">Config\Encryption</span></code></span>) Configuration parameters</p></li>
</ul>
</dd>
<dt class="field-even">Returns<span class="colon">:</span></dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">CodeIgniter\Encryption\EncrypterInterface</span></code> instance</p>
</dd>
<dt class="field-odd">Return type<span class="colon">:</span></dt>
<dd class="field-odd"><p><code class="docutils literal notranslate"><span class="pre">CodeIgniter\Encryption\EncrypterInterface</span></code></p>
</dd>
<dt class="field-even">Throws<span class="colon">:</span></dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">CodeIgniter\Encryption\Exceptions\EncryptionException</span></code></p>
</dd>
</dl>
<p>Initializes (configures) the library to use different settings.</p>
<p>Example:</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="nv">$encrypter</span> <span class="o">=</span> <span class="nv">$encryption</span><span class="o">-&gt;</span><span class="na">initialize</span><span class="p">([</span><span class="s1">&#39;cipher&#39;</span> <span class="o">=&gt;</span> <span class="s1">&#39;AES-256-CTR&#39;</span><span class="p">]);</span>
</pre></div>
</div>
<p>Please refer to the <a class="reference internal" href="#configuration"><span class="std std-ref">Configuring the Library</span></a> section for detailed info.</p>
</dd></dl>
</dd></dl>
<dl class="php interface">
<dt class="sig sig-object php" id="CodeIgniter\Encryption\CodeIgniter\Encryption\EncrypterInterface">
<em class="property"><span class="pre">interface</span> </em><span class="sig-prename descclassname"><span class="pre">CodeIgniter\Encryption\</span></span><span class="sig-name descname"><span class="pre">CodeIgniter\Encryption\EncrypterInterface</span></span><a class="headerlink" href="#CodeIgniter\Encryption\CodeIgniter\Encryption\EncrypterInterface" title="Permalink to this definition"></a></dt>
<dd><dl class="php method">
<dt class="sig sig-object php" id="CodeIgniter\Encryption\CodeIgniter\Encryption\EncrypterInterface::encrypt">
<span class="sig-name descname"><span class="pre">encrypt</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="pre">$data</span></em><span class="optional">[</span>, <em class="sig-param"><span class="pre">$params</span> <span class="pre">=</span> <span class="pre">null</span></em><span class="optional">]</span><span class="sig-paren">)</span><a class="headerlink" href="#CodeIgniter\Encryption\CodeIgniter\Encryption\EncrypterInterface::encrypt" title="Permalink to this definition"></a></dt>
<dd><dl class="field-list simple">
<dt class="field-odd">Parameters<span class="colon">:</span></dt>
<dd class="field-odd"><ul class="simple">
<li><p><strong>$data</strong> (<span><code class="xref php php-obj docutils literal notranslate"><span class="pre">string</span></code></span>) Data to encrypt</p></li>
<li><p><strong>$params</strong> (<span><code class="xref php php-obj docutils literal notranslate"><span class="pre">array|string|null</span></code></span>) Configuration parameters (key)</p></li>
</ul>
</dd>
<dt class="field-even">Returns<span class="colon">:</span></dt>
<dd class="field-even"><p>Encrypted data</p>
</dd>
<dt class="field-odd">Return type<span class="colon">:</span></dt>
<dd class="field-odd"><p><span><code class="xref php php-obj docutils literal notranslate"><span class="pre">string</span></code></span></p>
</dd>
<dt class="field-even">Throws<span class="colon">:</span></dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">CodeIgniter\Encryption\Exceptions\EncryptionException</span></code></p>
</dd>
</dl>
<p>Encrypts the input data and returns its ciphertext.</p>
<p>If you pass parameters as the second argument, the <code class="docutils literal notranslate"><span class="pre">key</span></code> element
will be used as the starting key for this operation if <code class="docutils literal notranslate"><span class="pre">$params</span></code>
is an array; or the starting key may be passed as a string.</p>
<p>If you are using the SodiumHandler and want to pass a different <code class="docutils literal notranslate"><span class="pre">blockSize</span></code>
on runtime, pass the <code class="docutils literal notranslate"><span class="pre">blockSize</span></code> key in the <code class="docutils literal notranslate"><span class="pre">$params</span></code> array.</p>
<p>Examples:</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="nv">$ciphertext</span> <span class="o">=</span> <span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">encrypt</span><span class="p">(</span><span class="s1">&#39;My secret message&#39;</span><span class="p">);</span>
<span class="nv">$ciphertext</span> <span class="o">=</span> <span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">encrypt</span><span class="p">(</span><span class="s1">&#39;My secret message&#39;</span><span class="p">,</span> <span class="p">[</span><span class="s1">&#39;key&#39;</span> <span class="o">=&gt;</span> <span class="s1">&#39;New secret key&#39;</span><span class="p">]);</span>
<span class="nv">$ciphertext</span> <span class="o">=</span> <span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">encrypt</span><span class="p">(</span><span class="s1">&#39;My secret message&#39;</span><span class="p">,</span> <span class="p">[</span><span class="s1">&#39;key&#39;</span> <span class="o">=&gt;</span> <span class="s1">&#39;New secret key&#39;</span><span class="p">,</span> <span class="s1">&#39;blockSize&#39;</span> <span class="o">=&gt;</span> <span class="mi">32</span><span class="p">]);</span>
<span class="nv">$ciphertext</span> <span class="o">=</span> <span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">encrypt</span><span class="p">(</span><span class="s1">&#39;My secret message&#39;</span><span class="p">,</span> <span class="s1">&#39;New secret key&#39;</span><span class="p">);</span>
<span class="nv">$ciphertext</span> <span class="o">=</span> <span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">encrypt</span><span class="p">(</span><span class="s1">&#39;My secret message&#39;</span><span class="p">,</span> <span class="p">[</span><span class="s1">&#39;blockSize&#39;</span> <span class="o">=&gt;</span> <span class="mi">32</span><span class="p">]);</span>
</pre></div>
</div>
</dd></dl>
<dl class="php method">
<dt class="sig sig-object php" id="CodeIgniter\Encryption\CodeIgniter\Encryption\EncrypterInterface::decrypt">
<span class="sig-name descname"><span class="pre">decrypt</span></span><span class="sig-paren">(</span><em class="sig-param"><span class="pre">$data</span></em><span class="optional">[</span>, <em class="sig-param"><span class="pre">$params</span> <span class="pre">=</span> <span class="pre">null</span></em><span class="optional">]</span><span class="sig-paren">)</span><a class="headerlink" href="#CodeIgniter\Encryption\CodeIgniter\Encryption\EncrypterInterface::decrypt" title="Permalink to this definition"></a></dt>
<dd><dl class="field-list simple">
<dt class="field-odd">Parameters<span class="colon">:</span></dt>
<dd class="field-odd"><ul class="simple">
<li><p><strong>$data</strong> (<span><code class="xref php php-obj docutils literal notranslate"><span class="pre">string</span></code></span>) Data to decrypt</p></li>
<li><p><strong>$params</strong> (<span><code class="xref php php-obj docutils literal notranslate"><span class="pre">array|string|null</span></code></span>) Configuration parameters (key)</p></li>
</ul>
</dd>
<dt class="field-even">Returns<span class="colon">:</span></dt>
<dd class="field-even"><p>Decrypted data</p>
</dd>
<dt class="field-odd">Return type<span class="colon">:</span></dt>
<dd class="field-odd"><p><span><code class="xref php php-obj docutils literal notranslate"><span class="pre">string</span></code></span></p>
</dd>
<dt class="field-even">Throws<span class="colon">:</span></dt>
<dd class="field-even"><p><code class="docutils literal notranslate"><span class="pre">CodeIgniter\Encryption\Exceptions\EncryptionException</span></code></p>
</dd>
</dl>
<p>Decrypts the input data and returns it in plain-text.</p>
<p>If you pass parameters as the second argument, the <code class="docutils literal notranslate"><span class="pre">key</span></code> element
will be used as the starting key for this operation if <code class="docutils literal notranslate"><span class="pre">$params</span></code>
is an array; or the starting key may be passed as a string.</p>
<p>If you are using the SodiumHandler and want to pass a different <code class="docutils literal notranslate"><span class="pre">blockSize</span></code>
on runtime, pass the <code class="docutils literal notranslate"><span class="pre">blockSize</span></code> key in the <code class="docutils literal notranslate"><span class="pre">$params</span></code> array.</p>
<p>Examples:</p>
<div class="highlight-html+php notranslate"><div class="highlight"><pre><span></span><span class="o">&lt;?</span><span class="nx">php</span>
<span class="k">echo</span> <span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">decrypt</span><span class="p">(</span><span class="nv">$ciphertext</span><span class="p">);</span>
<span class="k">echo</span> <span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">decrypt</span><span class="p">(</span><span class="nv">$ciphertext</span><span class="p">,</span> <span class="p">[</span><span class="s1">&#39;key&#39;</span> <span class="o">=&gt;</span> <span class="s1">&#39;New secret key&#39;</span><span class="p">]);</span>
<span class="k">echo</span> <span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">decrypt</span><span class="p">(</span><span class="nv">$ciphertext</span><span class="p">,</span> <span class="p">[</span><span class="s1">&#39;key&#39;</span> <span class="o">=&gt;</span> <span class="s1">&#39;New secret key&#39;</span><span class="p">,</span> <span class="s1">&#39;blockSize&#39;</span> <span class="o">=&gt;</span> <span class="mi">32</span><span class="p">]);</span>
<span class="k">echo</span> <span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">decrypt</span><span class="p">(</span><span class="nv">$ciphertext</span><span class="p">,</span> <span class="s1">&#39;New secret key&#39;</span><span class="p">);</span>
<span class="k">echo</span> <span class="nv">$encrypter</span><span class="o">-&gt;</span><span class="na">decrypt</span><span class="p">(</span><span class="nv">$ciphertext</span><span class="p">,</span> <span class="p">[</span><span class="s1">&#39;blockSize&#39;</span> <span class="o">=&gt;</span> <span class="mi">32</span><span class="p">]);</span>
</pre></div>
</div>
</dd></dl>
</dd></dl>
</section>
</section>
</div>
</div>
<footer><div class="rst-footer-buttons" role="navigation" aria-label="Footer">
<a href="email.html" class="btn btn-neutral float-left" title="Email Class" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
<a href="files.html" class="btn btn-neutral float-right" title="Working with Files" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
</div>
<hr/>
<div role="contentinfo">
<p>&#169; Copyright 2019-2025 CodeIgniter Foundation.
<span class="lastupdated">Last updated on Feb 07, 2025.
</span></p>
</div>
Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
<a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script>
jQuery(function () {
SphinxRtdTheme.Navigation.enable(false);
});
</script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink