Class FOFEncryptAesOpenssl
Abstract AES encryption class
-
FOFEncryptAesAbstract
-
FOFEncryptAesOpenssl
implements
FOFEncryptAesInterface
Methods summary
public
|
|
public
mixed
|
#
setEncryptionMode( string $mode = 'cbc', integer $strength = 128 )
Sets the AES encryption mode.
Sets the AES encryption mode.
WARNING: The strength is deprecated as it has a different effect in MCrypt
and OpenSSL. MCrypt was abandoned in 2003 before the Rijndael-128 algorithm was
officially the Advanced Encryption Standard (AES). MCrypt also offered
Rijndael-192 and Rijndael-256 algorithms with different block sizes. These are
NOT used in AES. OpenSSL, however, implements AES correctly. It always uses a
128-bit (16 byte) block. The 192 and 256 bit strengths refer to the key size,
not the block size. Therefore using different strengths in MCrypt and OpenSSL
will result in different and incompatible ciphertexts.
TL;DR: Always use $strength = 128!
Parameters
- $mode
string - $mode Choose between CBC (recommended) or ECB- $strength
integer - $strength Bit strength of the key (128, 192 or 256 bits). DEPRECATED. READ NOTES
ABOVE. Returns
mixed
Implementation of
|
public
string
|
#
encrypt( string $plainText, string $key, null|string $iv = null )
Encrypts a string. Returns the raw binary ciphertext.
Encrypts a string. Returns the raw binary ciphertext.
WARNING: The plaintext is zero-padded to the algorithm's block size. You are
advised to store the size of the plaintext and trim the string to that length
upon decryption.
Parameters
- $plainText
string - $plainText The plaintext to encrypt- $key
string - $key The raw binary key (will be zero-padded or chopped if its size is different
than the block size)- $iv
null|string - $iv The initialization vector (for CBC mode algorithms) Returns
string - The raw encrypted binary string.
Implementation of
|
public
string
|
#
decrypt( string $cipherText, string $key )
Decrypts a string. Returns the raw binary plaintext.
Decrypts a string. Returns the raw binary plaintext.
$ciphertext MUST start with the IV followed by the ciphertext, even for EBC
data (the first block of data is dropped in EBC mode since there is no concept
of IV in EBC).
WARNING: The returned plaintext is zero-padded to the algorithm's block size
during encryption. You are advised to trim the string to the original
plaintext's length upon decryption. While rtrim($decrypted, "\0") sounds
appealing it's NOT the correct approach for binary data (zero bytes may actually
be part of your plaintext, not just padding!).
Parameters
- $cipherText
string - $cipherText The ciphertext to encrypt- $key
string - $key The raw binary key (will be zero-padded or chopped if its size is different
than the block size) Returns
string - The raw unencrypted binary string.
Implementation of
|
public
boolean
|
#
isSupported( FOFUtilsPhpfunc $phpfunc = null )
Is this adapter supported?
Is this adapter supported?
Parameters
Returns
boolean
Implementation of
|
public
integer
|
|
getZeroPadding(),
resizeKey()
Magic methods summary
Properties summary
protected
integer
|
$openSSLOptions
|
#
The OpenSSL options for encryption / decryption
The OpenSSL options for encryption / decryption
|
protected
string
|
$method
|
#
The encryption method to use
The encryption method to use
|
