Initial Commit

config.sample.inc.php

@@ -0,0 +1,3 @@
+<?php
+
+$config[''] = "";

lib.php

@@ -0,0 +1,96 @@
+<?php
+
+// The key to use in the encryption
+$key    = "my Key";
+
+// The string to encrypt, this can be any string.
+$string = "Super secret password we should store away safely";
+
+
+/**
+ * @param string $data The data to be encrypted, this can only encrypt strings.
+ * @param string $key The key to use to encrypt the data, this key should be generated using the openssl_random_pseudo_bytes
+ * @param string $cipherMethod The cypher method to use in the encryption process, these can be checked using 
+ * @param bool $integrity_check Check if the encrypted data can also be decypted, this will take 2x more time to process the data, but will make 100% sure that the data is safe and can be decrypted.
+ */
+function encryptData( string $data, string $key, string $cipherMethod = 'AES-256-CBC', bool $integrity_check = TRUE) {
+
+    // Lowercase the cipher
+    $cipherMethod = strtolower($cipherMethod);
+
+    // Check if the encryption method is valid
+    if (!in_array($cipherMethod, openssl_get_cipher_methods())) {
+        // Cypher was not in the available ciphers list.
+        return FALSE;
+    }
+
+    // To encrypt a string   
+    $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($cipherMethod));
+
+    // Encrypt the data
+    $encryptedData = openssl_encrypt($data, $cipherMethod, $key, OPENSSL_RAW_DATA, $iv);
+
+    // Append the iv to the encrypted data
+    $encryptedData = $iv . $encryptedData;
+
+    // base64 encrypt to make sure we don't lose bytes
+    $encryptedData = base64_encode($encryptedData);
+
+    // Check if we should verify the integrity of the encryption
+    if ( $integrity_check === TRUE ) {
+        // Test for decryption validity
+        if ( md5(decryptData($encryptedData, $key, $cipherMethod)) === md5($data) ) {
+            // Put the output in the result
+            return $encryptedData;
+        } else {
+            // Assign the output to the result
+            return FALSE;
+        }
+    } else {
+        // Simply return the results
+        return $encryptedData;
+    }
+
+}
+
+/**
+ * @param string $data The data to be encrypted, this can only encrypt strings.
+ * @param string $key The key to use to encrypt the data, this key should be generated using the openssl_random_pseudo_bytes
+ * @param string $cipherMethod The cypher method to use in the encryption process, these can be checked using 
+ */
+function decryptData( string $data, string $key, string $cipherMethod = 'AES-256-CBC' ) {
+
+    // Lowercase the cipher
+    $cipherMethod = strtolower($cipherMethod);
+
+    // Check if the encryption method is valid
+    if (!in_array($cipherMethod, openssl_get_cipher_methods())) {
+        // Cypher was not in the available ciphers list.
+        return FALSE;
+    }
+
+    // base64 decode the data.
+    $data = base64_decode($data);
+
+    // Get the length of the IV
+    $iv_length = openssl_cipher_iv_length($cipherMethod);
+    // Get the IV from the decoded data
+    $iv = substr($data,0,$iv_length);
+
+    // Get the encrypted string from the data
+    $data = substr($data, $iv_length);
+
+    // Decrypt the data
+    $data = openssl_decrypt($data,$cipherMethod,$key, OPENSSL_RAW_DATA, $iv);
+
+    // Return the data
+    return $data;
+}
+
+$encryptedData = encryptData($string, $key);
+
+echo "Encrypted: " . $encryptedData;
+echo "\n";
+echo "Decrypted: " . decryptData($encryptedData, $key);
+echo "\n";
+echo "Peak Memory: " . memory_get_peak_usage() / 1024 . "Kb";