Routing and controllers
- Array helper
- Command bus
- Date and time
- File system
- HTML helper
- Image manipulation
- Number helper
- Retry helper
- String helper
- URL builder
- UUID helper
Encryption and signing
Mako comes with a set of classes to help you encrypt and sign your data.
Make sure to NEVER use the example secret and keys provided with the framework in production. ALWAYS create your own!
You can easily generate your own secure secret and keys using the
The encryption library allows you to encrypt data using OpenSSL.
First we'll need to get an encrypter instance. This is done using the
// Returns instance of the "default" crypto configuration defined in the config file $encrypter = $this->crypto->getInstance(); // Returns instance of the "openssl" crypto configuration defined in the config file $encrypter = $this->crypto->getInstance('openssl');
encrypt method is used to encrypt your data.
$encrypted = $encrypter->encrypt('Hello, world!');
decrypt method is used to decrypt your data. It throws a
CryptoException if it's unable to decrypt your data.
$decrypted = $encrypter->decrypt($encrypted);
Note that data will automatically be signed with the application secret when encrypted and validated when decrypting when using the Crypto class.
You can access the default crypto configuration directly without having to go through the
instance method thanks to the magic
$encrypted = $this->crypto->encrypt('Hello, world!');
Sometimes you'll have to re-encrypt data. This could be because you have generated a new application secret or encryption key. Luckily, this can easily be achieved in a few simple lines of code.
// Decrypt data using the old key and secret $crypto = new Crypto(new OpenSSL(Key::decode($oldKey)), new Signer(Key::decode($oldSecret))); $decrypted = $crypto->decrypt($encrypted); // Encrypt the data using the new key and secret $crypto = new Crypto(new OpenSSL(Key::decode($newKey)), new Signer(Key::decode($newSecret))); $encrypted = $crypto->encrypt($decrypted);
Note that we're using the
Key::decode() method since we're assuming that your application secret and encryption key were generated by the
app:generate-key reactor commands.
Signing strings allows you to verify both the data integrity and the authenticity of your data. A HMAC (hash-based message authentication code) will be prepended to your string upon signing and stripped when validated.
You can easily sign strings with the application secret using the default signer instance.
$signed = $this->signer->sign('Hello, world!');
If you want to sign strings with a different secret then you can do so by creating a new Signer instance.
$signer = new Signer('secret_used_to_sign_data');
Make sure to use a cryptographically strong secret and to keep it away from prying eyes.
sign method returns a signed version of the provided string.
$signed = $signer->sign('Hello, world!');
validate method will check if your string is valid. It returns the original string if it is and
false if not.
$string = $signer->validate($signed);