Solital makes use of OpenSSL and Sodium encryption. If you are using Core >= 4.2, you should find the following variables in your .env
file: APP_HASH
, FIRST_SECRET
and SECOND_SECRET
. The APP_HASH
variable is the main variable used by Solital, but if this variable is not available, the other two can be used instead.
To create an encrypted key, use the Hash
class together with the static encrypt
function as shown below:
use Solital\Core\Security\Hash;
$res = Hash::encrypt('word_to_encrypt');
pre($res);
You can define how long this key will be valid. It can be 1 second, 1 hour or 1 year. by default the value is +1 hour
.
use Solital\Core\Security\Hash;
$res = Hash::encrypt('word_to_encrypt', '+1 month');
pre($res);
If you want to decrypt, use the decrypt
function chained with the value
method.
use Solital\Core\Security\Hash;
$res = Hash::decrypt('word_to_decrypt')->value();
pre($res);
If you want to check if the encrypted key is still valid, use isValid
. If you want to verify that the encrypted key is still valid, use isValid
. the isValid
method will returntrue
if it is still valid, and false
if it is already expired
use Solital\Core\Security\Hash;
$res = Hash::decrypt('word_to_decrypt')->isValid();
pre($res);
Solital uses OpenSSL and Sodium to perform value encryption. To change the encryption, change the crypt
value in the bootstrap.yaml
file.
crypt: sodium
Solital supports Sodium encryption. To enable, make sure that libsodium is installed in your development environment. You can use the Hash::checkSodium()
method to check if libsodium is installed.
First, you need to generate a sodium key. This key is automatically renewed with each new request, so it can be stored in a database, in the session or in another type of storage.
use Solital\Core\Security\Hash;
$key = Hash::getSodiumKey();
Use the Hash::sodiumCrypt()
(to encrypt), and Hash::sodiumDecrypt()
(to decrypt) methods. Remember to use the key generated using the Hash::getSodiumKey()
method.
use Solital\Core\Security\Hash;
$key = Hash::getSodiumKey();
# Crypt
$encoded = Hash::sodiumCrypt("HashTest!", $key);
pre($encoded);
# Decrypt
$decoded = Hash::sodiumDecrypt($encoded, $key);
pre($decoded);