This version is outdated. You should upgrade your project to Mako 12.1!
master
12.1 12.0 11.4 11.3 11.2 11.1 11.0 10.0
show older versions 9.1 9.0 8.1 8.0 7.3 7.2 7.1 7.0 6.3 6.2 6.1 6.0 5.7 5.6 5.5 5.4 5.3 5.2 5.1 5.0 4.5 3.6
Security

Encryption and signing

Mako comes with a set of classes to help you encrypt and sign your data.

Make sure to NEVER use the example keys provided with the framework in production. ALWAYS create your own!

Encryption

Basics

The encryption library allows you to encrypt data using Mcrypt or OpenSSL.

First we'll need to get an encrypter instance. This is done using the phpCryptoManager::instance method.

// Returns instance of the "default" crypto configuration defined in the config file

$encrypter = $this->crypto->instance();

// Returns instance of the "openssl" crypto configuration defined in the config file

$encrypter = $this->crypto->instance('openssl');

The phpencrypt method is used to encrypt your data.

$encrypted = $encrypter->encrypt('Hello, world!');

The phpdecrypt method is used to dencrypt your data. It will return FALSE if it's unable to decrypt your data.

$decrypted = $encrypter->decrypt('Hello, world!');

The phpencryptAndSign method will encrypt and sign your data. This will make sure that it has not been tampered with.

$encryptedAndSigned = $encrypter->encryptAndSign('Hello, world!');

The phpvalidateAndDecrypt will first validate your data and then decrypt it. It will return FALSE if any of the two operations fail.

$validatedAndDecrypted = $encrypter->validateAndDecrypt($encryptedAndSigned);

Magic shortcut

You can access the default crypto configuration directly without having to go through the phpinstance method thanks to the magic php__call method.

$encrypted = $this->crypto->encrypt('Hello, world!');

Signing

First we'll need to create a signer instance.

$signer = new Signer('secret_used_to_sign_data');

Make sure to use a cryptographically strong secret and to keep it away from prying eyes.

The phpsign method returns a signed version of the provided string.

$signed = $signer->sign('Hello, world!');

The phpvalidate method will check if your string is valid. It returns the original string if it is and FALSE if not.

$string = $signer->validate($signed);