Last active
September 3, 2025 09:42
-
-
Save turret-io/957e82d44fd6f4493533 to your computer and use it in GitHub Desktop.
AES encryption/decryption in PHP
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // DEFINE our cipher | |
| define('AES_256_CBC', 'aes-256-cbc'); | |
| // Generate a 256-bit encryption key | |
| // This should be stored somewhere instead of recreating it each time | |
| $encryption_key = openssl_random_pseudo_bytes(32); | |
| // Generate an initialization vector | |
| // This *MUST* be available for decryption as well | |
| $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length(AES_256_CBC)); | |
| // Create some data to encrypt | |
| $data = "Encrypt me, please!"; | |
| echo "Before encryption: $data\n"; | |
| // Encrypt $data using aes-256-cbc cipher with the given encryption key and | |
| // our initialization vector. The 0 gives us the default options, but can | |
| // be changed to OPENSSL_RAW_DATA or OPENSSL_ZERO_PADDING | |
| $encrypted = openssl_encrypt($data, AES_256_CBC, $encryption_key, 0, $iv); | |
| echo "Encrypted: $encrypted\n"; | |
| // If we lose the $iv variable, we can't decrypt this, so append it to the | |
| // encrypted data with a separator that we know won't exist in base64-encoded | |
| // data | |
| $encrypted = $encrypted . ':' . $iv; | |
| // To decrypt, separate the encrypted data from the initialization vector ($iv) | |
| $parts = explode(':', $encrypted); | |
| // $parts[0] = encrypted data | |
| // $parts[1] = initialization vector | |
| $decrypted = openssl_decrypt($parts[0], AES_256_CBC, $encryption_key, 0, $parts[1]); | |
| echo "Decrypted: $decrypted\n"; | |
| ?> |
How to make it into AES 128 ECB?
function decrypt($data, $key) {
return openssl_decrypt(base64_decode($data), 'aes-128-ecb', $key, OPENSSL_PKCS1_PADDING);
}
thanks a lot 👍
Hi! Please give advice on how to make it into AES 256 GCM?
thank you so much it working fine
I saved the encrypted keyword to a db. When retrieving that keyword, it is unclear how to decrypt it?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
How to make it into AES 128 ECB?