How to Encrypt and Decrypt Large Files Using OpenSSL in PHP – Part 2

Introduction

In Part 1 of this two-part blog post series, we learned how to encrypt large files using OpenSSL in PHP. Now, in Part 2, we will continue our exploration by covering the decryption process. Understanding both encryption and decryption is crucial for implementing secure data handling in PHP applications. Let’s dive into the decryption process and retrieve the original content from the encrypted file.

Prerequisites

Before proceeding with Part 2, make sure you’ve followed Part 1 to encrypt the file successfully. You should have the encrypted file and the encryption key used to encrypt the data.

Part 2: Decrypting the File
To decrypt the file, we need the encrypted file, the encryption key, and the Initialization Vector (IV) that was used during encryption. The IV is usually prepended to the encrypted data, and it helps ensure unique ciphertexts even when encrypting the same data with the same key.

Step 1: Reading the Initialization Vector (IV)
We’ll read the IV from the encrypted file to use it during the decryption process. The IV size depends on the encryption cipher used (in this case, AES-256-CBC).

<?php
function decryptFile($inputFile, $outputFile, $key)
{
    // Check if the input file exists and is readable
    if (!file_exists($inputFile) || !is_readable($inputFile)) {
        return false;
    }

    // Try to open the input and output files in binary mode
    $inputHandle = fopen($inputFile, 'rb');
    $outputHandle = fopen($outputFile, 'wb');

    // Check if file handles were successfully opened
    if (!$inputHandle || !$outputHandle) {
        return false;
    }

    // Read the IV from the encrypted file (IV length depends on the encryption cipher)
    $cipher = 'AES-256-CBC';
    $ivLength = openssl_cipher_iv_length($cipher);
    $iv = fread($inputHandle, $ivLength);

    // Initialize the decryption algorithm
    if (!openssl_cipher_iv_length($cipher)) {
        fclose($inputHandle);
        fclose($outputHandle);
        return false;
    }

    // Decrypt the data in chunks
    while (!feof($inputHandle)) {
        $chunk = fread($inputHandle, 8192); // Chunk size (in this case, 8 KB)

        // Decrypt the chunk
        $decryptedChunk = openssl_decrypt($chunk, $cipher, $key, OPENSSL_RAW_DATA, $iv);
        if ($decryptedChunk === false) {
            fclose($inputHandle);
            fclose($outputHandle);
            return false;
        }

        // Write the decrypted chunk to the output file
        if (fwrite($outputHandle, $decryptedChunk) === false) {
            fclose($inputHandle);
            fclose($outputHandle);
            return false;
        }

        $iv = $chunk; // Use the current chunk as the next IV for the next iteration
    }

    // Close the file handles
    fclose($inputHandle);
    fclose($outputHandle);

    return true;
}

// Example usage
$inputFile = '/path/to/encryptedfile.txt';
$outputFile = '/path/to/decryptedfile.txt';

// Replace 'YOUR_ENCRYPTION_KEY' with the original encryption key used in Part 1
$key = 'YOUR_ENCRYPTION_KEY';

if (decryptFile($inputFile, $outputFile, $key)) {
    echo "File decrypted successfully.";
} else {
    echo "Decryption failed.";
}
?>

Conclusion

In Part 2 of this blog post series, we’ve covered the decryption process using OpenSSL in PHP. By reading the Initialization Vector (IV) from the encrypted file and using the same key used during encryption, we can successfully retrieve the original content from the encrypted file. Implementing both encryption and decryption knowledge ensures a comprehensive understanding of secure data handling in PHP applications.

Remember, data security is essential, and it’s crucial to handle encryption keys securely to protect sensitive information from potential threats. With the knowledge gained in this two-part series, you can confidently encrypt and decrypt large files in your PHP applications while maintaining data confidentiality and integrity. Happy coding!