Beginner's Guide to getting CipherSweet working with PDO and MYSQL

[isq]

I'm brand new to posting programming questions on forums, and I just tried to get help on Stack Overflow but they downvoted me a bunch and deleted my question because it wasn't specific enough, I guess? I guess I don't know how to make my request more specific, as I'm looking for an easy-to-understand guide to make CipherSweet work with my project, and I don't understand anything after the installation process. What I need is everything else afterwards in a way that's not 1000 feet over my head. Hopefully y'all are more willing to help me than Stack peeps were.

So, I have some experience with BASIC (VERY BASIC) encryption (like sodium crypto secret box and a bit of argon stuff for passwords), and I've built sites on php with MYSQL before that never really needed the sort of encryption (especially SEARCHABLE encrypted data from a database) that I am now needing for a current project (usernames, actual names, email addresses, birthdates, etc.). I need to be able to search by encrypted email addresses, usernames, and actual names, at a minimum, and connecting any of my encryption code with the searchable ability came up null, and research led me to realize this is a huge issue and difficult enough to merit conferences on this subject alone.

Enter CipherSweet, which looks like exactly what I need...if I can just figure out how to use it.

I've never installed anything like this before that I've gotten to work for programming, and I'm guilty of just programming most things I do from scratch (yeah, I know, old school, but it's currently all I know).

This is VERY new to me, and every guide I've found on how to use CipherSweet is so far over my head I feel like I'm reading a foreign language. I've read the guides from Paragonie and got CipherSweet installed on my SiteGround shared-hosting server using Composer (had to go with version 3 because the SiteGround server itself isn't using php 8.1 yet despite the fact I have 8.1 set for my shared hosting site). The rest of the guides at Paragonie (https://ciphersweet.paragonie.com/php/setup), Github, and any I've found thus far on Stack Overflow regarding CipherSweet are completely over my head. I didn't find any information here on the coding forums on CipherSweet (but who knows, maybe I missed something?).

I'm trying to follow the guides on what to do after installation, and I'm just lost. How do I actually intitialize the engine, for example? Where do I place the code recommended? In a connect kind of file? And how do I connect my database? It looks different than what I'm used to. Can I use PDO, as is my usual preference? If so, how?

Any help would be appreciated. I imagine there are just one or two disconnects that -- once understood -- the rest will fall into place.

Thanks!

 

[Kuncode]

CipherSweet is a encryption library for PHP that allows you to encrypt and store sensitive data in a searchable manner. To get started with CipherSweet, follow these steps:

1. Install CipherSweet via Composer.
2. Initialize the engine by including the autoload file generated by Composer in your PHP file.

require __DIR__ . '/vendor/autoload.php';

1. Connect to your database. You can use PDO to connect to your database. Here's an example of how to connect to a MySQL database using PDO:

try {
    $db = new PDO('mysql:host=localhost;dbname=yourdatabase', 'username', 'password');
} catch (PDOException $e) {
    echo $e->getMessage();
}

1. Initialize the encryption engine and set your encryption key.

use ParagonIE\CipherSweet\Backend\ModernCrypto;
use ParagonIE\CipherSweet\EncryptedField;
use ParagonIE\CipherSweet\CipherSweet;

$engine = new ModernCrypto();
$field = new EncryptedField($engine, 'yourdatabase', 'tablename');
$ciphersweet = new CipherSweet($field);
$ciphersweet->setKey('your encryption key');

1. Encrypt and store the sensitive data in your database. Here's an example of how to encrypt and store a username in the database:

$plaintext = 'user123';
$encrypted = $ciphersweet->encrypt($plaintext);

$stmt = $db->prepare("INSERT INTO tablename (username) VALUES (:username)");
$stmt->execute(['username' => $encrypted]);

1. Decrypt and retrieve the sensitive data from your database. Here's an example of how to retrieve and decrypt a username from the database:

$stmt = $db->prepare("SELECT username FROM tablename WHERE id = :id");
$stmt->execute(['id' => $id]);
$row = $stmt->fetch();

$decrypted = $ciphersweet->decrypt($row['username']);

Note: The encryption key should be kept secret and should never be stored in the same place as the encrypted data.

I hope this helps you get started with CipherSweet. If you have any further questions, feel free to ask.