PHP Sodium Encryption


Libsodium is a modern cryptography library that provides secure encryption, decryption, hashing, and key management. The 3 files below demonstrate how to perform encryption/decryption using files secured in a password-protected folder. filemakerheader.php this file is used to verify the requesting user agent (FileMaker in this example) <?php header("Access-Control-Allow-Origin: *"); header("Content-Type: application/json; charset=UTF-8"); header("Cache-Control: no-cache, must-revalidate"); $http_user_agent = $_SERVER['HTTP_USER_AGENT'] ?? ''; if (stripos($http_user_agent, 'FileMaker') !== false) { // User Agent contains "FileMaker" // Continue to the next steps in the associated script } else { //header("Location: error.php"); exit(); } ?> encryptor.php this file is stored in a password-protected folder on the server <?php require 'filemakerheader.php'; $msg = $_GET["msg"]; $ad = $_GET["ad"]; $url = 'https://yourwebserver.com/protectedfolder/aes256gcmEP.php'; $username = 'protectedfolderadmin'; $password = 'protectedfolderadminpassword'; $headers = array( 'Content-Type: multipart/form-data', 'Authorization: Basic '. base64_encode("$username:$password") ); $postRequest = array( 'msg' => $msg, 'ad' => $ad ); $ch = curl_init($url); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $postRequest); $response = curl_exec($ch); if(curl_errno($ch)){ throw new Exception(curl_error($ch)); } echo $response; curl_close($ch); ?> decryptor.php this file is stored in the same password-protected folder as encryptor.php <?php require 'filemakerheader.php'; $ciphertext = $_GET["ciphertext"]; $key = $_GET["key"]; $nonce = $_GET["nonce"]; $ad = $_GET["ad"]; $url = 'https://yourwebserver.com/protectedfolder/aes256gcmDP.php'; $username = 'protectedfolderadmin'; $password = 'protectedfolderadminpassword'; $headers = array( 'Content-Type: multipart/form-data', 'Authorization: Basic '. base64_encode("$username:$password") ); $postRequest = array( 'ciphertext' => $ciphertext, 'key' => $key, 'nonce' => $nonce, 'ad' => $ad ); $ch = curl_init($url); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $postRequest); $response = curl_exec($ch); if(curl_errno($ch)){ throw new Exception(curl_error($ch)); } echo $response; curl_close($ch); ?>

Libsodium is a modern cryptography library that provides secure encryption, decryption, hashing, and key management. 
The 3 files below demonstrate how to perform encryption/decryption using files secured in a password-protected folder.

filemakerheader.php
this file is used to verify the requesting user agent (FileMaker in this example)
<?php
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
header("Cache-Control: no-cache, must-revalidate");
$http_user_agent = $_SERVER['HTTP_USER_AGENT'] ?? '';
if (stripos($http_user_agent, 'FileMaker') !== false) {
    // User Agent contains "FileMaker"
    // Continue to the next steps in the associated script
} else {
    //header("Location: error.php");
    exit();
}
?>

encryptor.php
this file is stored in a password-protected folder on the server
<?php
require 'filemakerheader.php';
$msg = $_GET["msg"];
$ad = $_GET["ad"];
$url = 'https://yourwebserver.com/protectedfolder/aes256gcmEP.php';
$username = 'protectedfolderadmin';
$password = 'protectedfolderadminpassword';
$headers = array(
    'Content-Type: multipart/form-data',
    'Authorization: Basic '. base64_encode("$username:$password")
	);
$postRequest = array(
    'msg' => $msg,
    'ad' => $ad
	);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postRequest);	
$response = curl_exec($ch);
if(curl_errno($ch)){
    throw new Exception(curl_error($ch));
}
echo $response;
curl_close($ch);
?>

decryptor.php
this file is stored in the same password-protected folder as encryptor.php
<?php
require 'filemakerheader.php';
$ciphertext = $_GET["ciphertext"];
$key = $_GET["key"];
$nonce = $_GET["nonce"];
$ad = $_GET["ad"];
$url = 'https://yourwebserver.com/protectedfolder/aes256gcmDP.php';
$username = 'protectedfolderadmin';
$password = 'protectedfolderadminpassword';
$headers = array(
    'Content-Type: multipart/form-data',
    'Authorization: Basic '. base64_encode("$username:$password")
	);
$postRequest = array(
    'ciphertext' => $ciphertext,
	'key' => $key,
	'nonce' => $nonce,
    'ad' => $ad
	);
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_HTTPHEADER, $headers);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $postRequest);	
$response = curl_exec($ch);
if(curl_errno($ch)){
    throw new Exception(curl_error($ch));
}
echo $response;
curl_close($ch);
?>