When messages are passed between two systems via a public network, encryption tools must be used to secure the communication channel. The process of encrypting and decrypting a message is complex and prone to errors, but is simplified in this repository by providing the PlainTextMessage
and EncryptedMessage
class abstractions.
Pass your secret message to the PlainTextMessage
constructor along with a private key, and you can call encrypt()
to convert it into an EncryptedMessage
. An EncryptedMessage
is represented by a Cipher and IV value via the getCipherText()
and getIv()
functions. These two strings can be passed to the receiver by any communication mechanism, safe in the knowledge that the contents can not be read without the private key.
On the receiver, construct another EncryptedMessage
with the incoming cipher and IV, and the original message can be read using decrypt()
The CipherText
class also exposes a getUri()
function, for creating a pre-encoded URI. A URI with cipher
and iv
querystring parameters can be passed to the EncryptedUri
class to decrypt back into a PlainTextMessage
.
sender.php
:
use \Gt\Cipher\Message\PlainTextMessage;
use \Gt\Cipher\Message\EncryptedMessage;
$privateKey = "This can be any string, but a long random string is best.";
$message = new PlainTextMessage("Hello, PHP.Gt!");
$cipherText = $message->encrypt($privateKey);
header("Location: " . $cipherText->getUri("/receiver.php"));
receiver.php
:
// This key must be the same on the sender and receiver!
use Gt\Cipher\EncryptedUri;
$privateKey = "This can be any string, but a long random string is best.";
$uri = new EncryptedUri($_SERVER["REQUEST_URI"]);
$plainText = $uri->decryptMessage($privateKey);
echo $plainText;
// Output: Hello, PHP.Gt!