-
Notifications
You must be signed in to change notification settings - Fork 0
How to encrypt & decrypt
Encrypting data is a one step process and decrypting data is a two step process. All you need for encrypting and decrypting is the key and/or AAD provided when encrypting and a KEFInfo instance which contains essential information needed to decrypt the data.
Encrypting data is done through the encryptDataKEF() function which will take the data provided and split it into ranges set by the byte range of which can be the default or manually set as long as it's not less than the MIN_BYTES or MAX_BYTES constants. Anything below or above will either cause a segmentation fault or be too much for OpenSSL to handle.
The description for the encryptDataKEF() function is below.
tpkarras\KEF\encryptDataKEF(string $data, string $passphrase, string $cipher, int $byte_range = 0, string|null $aad = null, string|null $output = null)(Note: $data can be either a file path or the data itself. $output must be a path with a file name at the end, file must not exist prior.)
Decrypting data requires one more step than encrypting data.
You will have to create a KEFInfo object in order to decrypt the data.
The KEFInfo object has the following parameters required for data decryption and subsequent serving of data.
- The MIME content type, this can be passed as an HTTP Content-Type header. The Content-Type can be retrieved using this function.
$variable->getContentType()- The length of the KEF data and the original data, this is used to verify the integrity of both the KEF and original data, it can also be passed as an HTTP Content-Length header. The Length of either the original or KEF data can be retrieved using this function.
$variable->getLength(bool $type = false)- The length of the KEF data and the original data, both are used to verify the integrity of both the KEF and original data, it can also be passed as an HTTP Content-Length header. The Length of either the original or KEF data can be retrieved using this function.
$variable->getLength(bool $type = false)- The MD5 checksum of the KEF data and the original data, both are used to verify the integrity of both the KEF and original data, it can also be passed as an HTTP Etag header. The checksum of either the original or KEF data can be retrieved using this function.
$variable->getChecksum(bool $type = false)To create the KEFInfo object, simply create a varaible with the data passed into the function like so.
$variable = new tpkarras\KEF\KEFInfo(string $data)To finally decrypt the data, pass in the data, the key and/or AAD like so.
tpkarras\KEF\decryptKEFData(KEFInfo $info, string $data, string $passphrase, string|null $aad = null, int $start = 0, int $end = 0, int $buffer_size = 0)