Skip to main content

Laravel – Encryption

Laravel – Encryption

Encryption is a process of converting a plain text to a message using some algorithms such that any third user cannot read the information. This is helpful for transmitting sensitive information because there are fewer chances for an intruder to target the information transferred.
Encryption is performed using a process called Cryptography. The text which is to be encrypted is termed as Plain Text and the text or the message obtained after the encryption is called Cipher Text. The process of converting cipher text to plain text is called Decryption.
Laravel uses AES-256 and AES-128 encrypter, which uses Open SSL for encryption. All the values included in Laravel are signed using the protocol Message Authentication Code so that the underlying value cannot be tampered with once it is encrypted.

Configuration

The command used to generate the key in Laravel is shown below −
Please note that this command uses the PHP secure random bytes’ generator and you can see the output as shown in the screenshot given below −
The command given above helps in generating the key which can be used in web application. Observe the screenshot shown below −

Note

The values for encryption are properly aligned in the config/app.php file, which includes two parameters for encryption namely key and cipher. If the value using this key is not properly aligned, all the values encrypted in Laravel will be insecure.

Encryption Process

Encryption of a value can be done by using the encrypt helper in the controllers of Laravel class. These values are encrypted using OpenSSL and AES-256 cipher. All the encrypted values are signed with Message Authentication code (MAC) to check for any modifications of the encrypted string.
The code shown below is mentioned in a controller and is used to store a secret or a sensitive message.

Decryption Process

Decryption of the values is done with the decrypt helper. Observe the following lines of code −
Please note that if the process of decryption is not successful because of invalid MAC being used, then an appropriate exception is thrown.

Popular posts from this blog

What is Lumen?

What is Lumen? Lumen  is PHP micro-framework that built on Laravel’s top components.It is created by Taylor Otwell. It is perfect option for building Laravel based micro-services and fast REST API’s. It’s one of the fastest micro-frameworks available. You can install Lumen using composer by running below command 1 composer create - project -- prefer - dist laravel / lumen blog
Read more

Laravel – Response

Laravel – Response A web application responds to a user’s request in many ways depending on many parameters. This chapter explains you in detail about responses in Laravel web applications. Basic Response Laravel provides several different ways to return response. Response can be sent either from route or from controller. The basic response that can be sent is simple string as shown in the below sample code. This string will be automatically converted to appropriate HTTP response. Example Step 1  − Add the following code to  app/Http/routes.php  file. app/Http/routes.php 1 2 3 Route :: get ( '/basic_response' , function ( ) {    return 'Hello World' ; } ) ; Step 2  −  Visit  the following URL to test the basic response. 1 http : //localhost:8000/basic_response Step 3  − The output will appear as shown in the following image. Attaching Headers The response can be attached t...
Read more

Which template engine Laravel use ?

Which template engine Laravel use ? Laravel uses Blade Templating Engine. Blade is the simple, yet powerful templating engine provided with Laravel. Unlike other popular PHP templating engines, Blade does not restrict you from using plain PHP code in your views. In fact, all Blade views are compiled into plain PHP code and cached until they are modified, meaning Blade adds essentially zero overhead to your application. Blade view files use the .blade.php file extension and are typically stored in the resources/views directory.
Read more