Arabic
Chinese
Dutch
English
French
German
Indonesian
Italian
Japanese
Korean
Malay
Portuguese
Russian
SpanishPHP Luminova: Crypter Encryption and Decryption Helper
Luminova Crypter makes encryption simple. Encrypt and decrypt data easily with Sodium or OpenSSL using one unified, beginner-friendly static method.
The Crypter class is a simple helper for encryption and decryption, it makes encryption in Luminova easier, safer, and more consistent.
It automatically uses your application’s Encryption Configuration settings, so you don’t have to manually set up or switch handlers. Whether you choose Sodium or OpenSSL, Crypter provides one easy interface for both.
This means you can:
- Encrypt and decrypt data with just a single call.
- Switch between drivers (
Luminova\Security\Encryption\Driver\Openssl,Luminova\Security\Encryption\Driver\Sodium), without changing your code. - Avoid dealing with the low-level details of each handler.
Usages
Crypter Examples
Encrypt and decrypt message.
use Luminova\Security\Encryption\Crypter;
$encrypted = Crypter::encrypt('Hello world');
if($encrypted === false){
echo 'Encryption failed';
return;
}
echo Crypter::decrypt($encrypted);Note
Using
encryptordecryptlogs exceptions in production and return false instead.
Generate a random nonce
use Luminova\Security\Encryption\Crypter;
$nonce = Crypter::nonce(16, 'Hello world');Application Cypher Object
Return instance of application cipher object.
use Luminova\Security\Encryption\Crypter;
$cipher = Crypter::getInstance();Encrypt with cipher object.
$cipher->setData('Hello world');
$cipher->setAssociatedData(['user_id' => 1]);
try{
$cipherText = $cipher->encrypt();
}catch(Throwable $e){
echo 'Encryption failed';
}Decrypt with cipher object.
$cipher->setData('Hello world');
$cipher->setAssociatedData(['user_id' => 1]);
try{
$plainText = $cipher->decrypt();
}catch(Throwable $e){
echo 'Decryption failed';
}Class Definition
- Class namespace:
Luminova\Security\Encryption\Crypter - This class is marked as final and can't be subclassed
Methods
getInstance
Returns a configured application encryption handler instance.
Resolves the active encryption driver (OpenSSL or Sodium), applies the encryption key, cipher method, and key size, and returns a ready-to-use handler.
If no key is provided, the application key (env('app.key')) is used.
public static getInstance(?string $key = null): Luminova\Interface\EncryptionInterfaceParameters:
| Parameter | Type | Description |
|---|---|---|
$key | string|null | Optional encryption key (default: env('app.key')). |
Return Value:
EncryptionInterface - Return instance of application encryption handler (e.g, Openssl or Sodium).
Throws:
- \Luminova\Exceptions\EncryptionException
- If the encryption key is missing.
- If the handler is invalid or its extension is not available.
- If the installed Sodium version is unsupported (< 1.0.14).
Configuration:
Configuration class is located in your controller configuration directory in
/app/Config/Encryption.php.
nonce
Generate a random nonce, or return from a string.
This method generates drivers specific nonce.
public static nonce(int $length, ?string $string = null): ?stringParameters:
| Parameter | Type | Description |
|---|---|---|
$length | int | The nonce length to generate. |
$string | string|null | Optional string to drive the nonce from. |
Return Value:
string|null - Return the generated encryption nonce string or null if failed.
encrypt
Encrypts plaintext using the default encryption configuration.
This method automatically selects the configured handler (OpenSSL or Sodium), generates a noncewhen required, and returns the encrypted payload.
public static encrypt(
string $data,
?string $key = null,
?string $nonce = null,
?string $aad = null
): string|falseParameters:
| Parameter | Type | Description |
|---|---|---|
$data | string | The plaintext to encrypt. |
$key | string|null | Optional encryption key (default: env('app.key')). |
$nonce | string|null | Optional nonce (default: auto-generate). |
$aad | string|null | Additional data to authenticate (default: null). |
Return Value:
string|false - Return encrypted data in binary or base64, or false on failure in production.
Throws:
- \Luminova\Exceptions\EncryptionException - If encryption fails or input is invalid.
Example
use Luminova\Security\Encryption\Crypter;
$encrypted = Crypter::encrypt('Hello world');decrypt
Decrypts encrypted data using the default encryption configuration.
This method resolves the active handler, validates the input, and restores the cipher message to it's original plaintext, using the default application encryption configuration or a custom key.
public static decrypt(string $data, ?string $key = null, ?string $aad = null): string|falseParameters:
| Parameter | Type | Description |
|---|---|---|
$data | string | The encrypted data to decrypt. |
$key | string|null | Optional encryption key (default: env('app.key')). |
$aad | string|null | Additional data to authenticate (default: null). |
Return Value:
string|false - Return decrypted plaintext or false on failure in production.
Throws:
- \Luminova\Exceptions\EncryptionException - If decryption fails or input is invalid.