Crypt Class

The Crypt class allows encrypt or decrypt a string. The Crypt class is also used internally by for example the Fuel Sessions class.

It uses the encryption and hashing methods provided by PHPSecLib, so it's not dependent on external modules being available, such as mcrypt.

Configuration

The Crypt class is configured through the app/config/crypt.php configuration file. It will be generated and populated with random values when you first use the Crypt class or if one of the required configuration values is missing.

Note that this will require write access to app/config/crypt.php! If this is not possible, make sure all configuration settings are set!

The following configuration settings can be defined:

Param Type Default Description
crypto_key string n/a Random encryption key value used in the encryption routines. Make sure you set this to something unique and random!
crypto_iv string n/a Random encryption initialisation vector used in the encryption routines. Make sure you set this to something unique and random!
crypto_hmac string n/a Random value used in the Hash-based Message Authentication Code (HMAC) routines. Make sure you set this to something unique and random!

If you assign keys manually, note that they are base64_encoded, and the length must be a multiple of 4 to be able to decode it. Make sure the length is correct!

encode($value, $key = false)

The encode method encrypts a string value, optionally with a custom encryption key.

Static No
Parameters
Param Default Description
$value Required String value to encode.
$key
false
Optional custom key value to be used to encode the value passed. If false, the config value 'crypto_key' is used.
Returns string
Example
// encode a variable with a custom key
$value = Crypt::encode($value, 'R@nd0mK~Y');

decode($value, $key = false)

The decode method decrypts a string value, optionally with a custom key.

Static No
Parameters
Param Default Description
$value Required String value to decode.
$key
false
Optional custom key value to be used to decode the value passed. If false, the config value 'crypto_key' is used.
Returns mixed - String value with the decoded value, or false if the value could not be decoded.
Example
// decode a variable with a custom key
$value = Crypt::decode($value, 'R@nd0mK~Y');