Cryptography Guide

This documentation covers functionality of objects that use a class that is extended from WWW_Factory class. Methods and calls in this documentation can be used when building your Models, Views and Controller classes and their functionality.

Introduction

Wave Framework has a strong encryption model that it can use to send data in encrypted form between different web servers. Wave Framework uses Rijndael 256bit encryption in ECB and CBC modes by default and there are wrapper methods available for this type of encryption. Of course, as a developer, you can use other encryption methods just as easily as you would with PHP in every other case.

Using Rijndael 256bit Wrapper Functions

Wave Framework wrapper functions for encryption and decryption do multiple things that make sure that the process flows without problems:

Encryption needs two values, a string value that will be encrypted and an encryption key. If only the key is used for encryption, then the encryption will use ECB mode that is less secure than the initialization-vector enhanced CBC mode, but should be still secure for a lot of use cases. Here is an example of a very simple encryption:

	
	// Data and configuration
	$key='my-key';
	$message='my-secret-message';
	
	// Encrypting the string
	$encryptedString=$this->encryptData($message,$key);
	

As a result, the $encryptedString value will be something like this:

	
	purk/cIwlmH74n/WB3TrnMGisLjwzEbNdNqYhGaUW0c=
	

To decrypt this series of characters, then you need to use the encrypted string and the key that was used to encrypt the string in the beginning:

	
	$key='my-key';
	$decryptedString=$this->decryptData($encryptedString,$key);
	

And this would give $decryptedString the value of what was originally there in $message variable.

To use a more secure method for encryption and decryption of data, then you can also provide the secret key or initialization vector. Below is the full example of encrypting a variable and decrypting it with the wrapper function, in CBC mode:

	
	// Data and configuration
	$key='my-key';
	$secretKey='this-key-must-have-32-characters';
	$message='my-secret-message';
	
	// Encrypting the string
	$encryptedString=$this->encryptData($message,$key,$secretKey);
	
	...
	
	// Decrypting the string
	$decryptedString=$this->decryptData($encryptedString,$key,$secretKey);
	

Whether to encrypt data in ECB or CBC mode is entirely up to the developer. Even an encryption without the initialization vector or secret key is very difficult to decrypt, but the CBC mode should be used whenever you wish to make sure that you are using the best encryption that is available through Wave Framework.