defuse/php-encryption is a library that can be used to encrypt and decrypt data. Getting up and running is fairly simple to start encrypting and decrypting data. They have a great tutorial that helps explain the basics of how to use the library as well as important security implications regarding encryption.
Installation is simple with composer.
composer require defuse/php-encryption
Then you'll need to generate an encryption key.
vendor/bin/generate-defuse-key
This will spit out a key that you'll need to keep safe. You could keep the key in your app/config/config.php file in the array at the bottom of the file. While it's not the perfect spot, it's at least something.
app/config/config.php
Now that you have the library and an encryption key, you can start encrypting and decrypting data.
use Defuse\Crypto\Crypto; use Defuse\Crypto\Key; /* * Set in your bootstrap or public/index.php file */ // Encryption method Flight::map('encrypt', function($raw_data) { $encryption_key = /* $config['encryption_key'] or a file_get_contents of where you put the key */; return Crypto::encrypt($raw_data, Key::loadFromAsciiSafeString($encryption_key)); }); // Decryption method Flight::map('decrypt', function($encrypted_data) { $encryption_key = /* $config['encryption_key'] or a file_get_contents of where you put the key */; try { $raw_data = Crypto::decrypt($encrypted_data, Key::loadFromAsciiSafeString($encryption_key)); } catch (Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException $ex) { // An attack! Either the wrong key was loaded, or the ciphertext has // changed since it was created -- either corrupted in the database or // intentionally modified by Eve trying to carry out an attack. // ... handle this case in a way that's suitable to your application ... } return $raw_data; }); Flight::route('/encrypt', function() { $encrypted_data = Flight::encrypt('This is a secret'); echo $encrypted_data; }); Flight::route('/decrypt', function() { $encrypted_data = '...'; // Get the encrypted data from somewhere $decrypted_data = Flight::decrypt($encrypted_data); echo $decrypted_data; });