OpenSSL
Extends AbstractAES Implements AesInterfaceOpenSSL encryption class
| since |
4.0.0 |
|---|---|
| package |
Joomla CMS |
Methods
__construct
Constructor for this class
__construct() :
Response
mixed
decrypt
Decrypts a string. Returns the raw binary plaintext.
decrypt( cipherText, key) :
$ciphertext MUST start with the IV followed by the ciphertext, even for EBC data (the first block of data is dropped in EBC mode since there is no concept of IV in EBC).
WARNING: The returned plaintext is zero-padded to the algorithm's block size during encryption. You are advised to trim the string to the original plaintext's length upon decryption. While rtrim($decrypted, "\0") sounds appealing it's NOT the correct approach for binary data (zero bytes may actually be part of your plaintext, not just padding!).
Arguments
- cipherText
stringThe ciphertext to encrypt- key
stringThe raw binary key (will be zero-padded or chopped if its size is different than the block size)
Response
stringThe raw unencrypted binary string.
encrypt
Encrypts a string. Returns the raw binary ciphertext.
encrypt( plainText, key, null|string iv = null) :
WARNING: The plaintext is zero-padded to the algorithm's block size. You are advised to store the size of the plaintext and trim the string to that length upon decryption.
Arguments
- plainText
stringThe plaintext to encrypt- key
stringThe raw binary key (will be zero-padded or chopped if its size is different than the block size)- iv
null|stringThe initialization vector (for CBC mode algorithms)
Response
stringThe raw encrypted binary string.
getBlockSize
Returns the encryption block size in bytes
getBlockSize() :
Response
int
getZeroPadding
Returns null bytes to append to the string so that it's zero padded to the specified block size
getZeroPadding( string, blockSize) :
Arguments
- string
stringThe binary string which will be zero padded- blockSize
intThe block size
Response
stringThe zero bytes to append to the string to zero pad it to $blockSize
isSupported
Is this adapter supported?
isSupported() :
Response
bool
resizeKey
Trims or zero-pads a key / IV
resizeKey( key, size) : null|string
Arguments
- key
stringThe key or IV to treat- size
intThe block size of the currently used algorithm
Response
null|stringNull if $key is null, treated string of $size byte length otherwise
setEncryptionMode
Sets the AES encryption mode.
setEncryptionMode( mode = 'cbc', strength = 128) :
WARNING: The strength is deprecated as it has a different effect in MCrypt and OpenSSL. MCrypt was abandoned in 2003 before the Rijndael-128 algorithm was officially the Advanced Encryption Standard (AES). MCrypt also offered Rijndael-192 and Rijndael-256 algorithms with different block sizes. These are NOT used in AES. OpenSSL, however, implements AES correctly. It always uses a 128-bit (16 byte) block. The 192 and 256 bit strengths refer to the key size, not the block size. Therefore using different strengths in MCrypt and OpenSSL will result in different and incompatible ciphertexts.
TL;DR: Always use $strength = 128!
Arguments
- mode
stringChoose between CBC (recommended) or ECB- strength
intBit strength of the key (128, 192 or 256 bits). DEPRECATED. READ NOTES ABOVE.
Response
void
Properties
openSSLOptions
The OpenSSL options for encryption / decryption
Type(s)
int
method
The encryption method to use
Type(s)
string