This class is used to encrypt text using AES-256.
Important things about the Keys:
- A fixed password is not an AES key. Using it directly as an AES key opens you up to attacks.
- A fixed password should be salted or stretched.
- First it should be salted: random data is added to it, which ensures that data encrypted with the same password will get different ciphertext.
- Second it should be hashed, so that the final result is the correct length.
Almost every algorithm can be broken; the real point is to force the attacker to waste time and make them give up.
- As soon as you generate the key, store it, usually in a different database than the user information. This helps protect your information: in case of an attack, the hacker will not have the whole information.
- Because this is a randomly generated key, storing it lets you decrypt your password later on.
- Add the include to your PHP file
include('PATH/AES256.php');
- Create the AES256 object
$aes = new AES256();
- Get a salt of 32 bits for AES256
$salt = $aes->getSaltKey(16);
- Encrypt the password using AES-256 CBC
$saltedPassword = $aes->encryptString($password, $salt);
- Decrypt the password using AES-256 CBC
$password = $aes->decryptString($saltedPassword, $salt);
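
The key rules above (salt the password, stretch it to the correct length, then encrypt with AES-256 CBC), as an added PHP 7.1+ example that is not the AES256 class from this page. The function names, the iteration count and the blob layout are assumptions, and the HMAC check goes beyond what the page describes.

```php
<?php
// Added example, not this page's AES256 class; names and constants are assumptions.
const KDF_ITERATIONS = 210000; // assumed work factor; tune for your hardware

// Salt + stretch: PBKDF2-HMAC-SHA512 yields 64 raw bytes,
// split into a 32-byte AES-256 key and a 32-byte HMAC key.
function deriveKeys(string $password, string $salt): array
{
    $okm = hash_pbkdf2('sha512', $password, $salt, KDF_ITERATIONS, 64, true);
    return [substr($okm, 0, 32), substr($okm, 32, 32)];
}

function encryptWithPassword(string $plaintext, string $password): string
{
    $salt = random_bytes(16);   // fresh per message, so ciphertexts differ
    $iv   = random_bytes(16);   // CBC needs an unpredictable IV
    [$encKey, $macKey] = deriveKeys($password, $salt);
    $ct = openssl_encrypt($plaintext, 'aes-256-cbc', $encKey, OPENSSL_RAW_DATA, $iv);
    if ($ct === false) { throw new RuntimeException('encryption failed'); }
    // Encrypt-then-MAC over salt, IV and ciphertext; CBC alone is malleable.
    $mac = hash_hmac('sha256', $salt . $iv . $ct, $macKey, true);
    return base64_encode($salt . $iv . $mac . $ct);
}

function decryptWithPassword(string $blob, string $password): string
{
    $raw = base64_decode($blob, true);
    if ($raw === false || strlen($raw) < 80) {   // 16 + 16 + 32 + one block
        throw new InvalidArgumentException('malformed input');
    }
    $salt = substr($raw, 0, 16);
    $iv   = substr($raw, 16, 16);
    $mac  = substr($raw, 32, 32);
    $ct   = substr($raw, 64);
    [$encKey, $macKey] = deriveKeys($password, $salt);
    $expected = hash_hmac('sha256', $salt . $iv . $ct, $macKey, true);
    if (!hash_equals($expected, $mac)) {          // constant-time compare
        throw new RuntimeException('wrong password or tampered data');
    }
    $pt = openssl_decrypt($ct, 'aes-256-cbc', $encKey, OPENSSL_RAW_DATA, $iv);
    if ($pt === false) { throw new RuntimeException('decryption failed'); }
    return $pt;
}

// Constructed sample input: same password and text, two different blobs.
$a = encryptWithPassword('hello', 'correct horse');
$b = encryptWithPassword('hello', 'correct horse');
var_dump($a !== $b, decryptWithPassword($a, 'correct horse') === 'hello');
```

The salt and IV are not secret and travel with the ciphertext; only the password has to be protected.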