OpenSSL
Extends AbstractAES Implements AesInterfaceOpenSSL encryption class
since |
4.0.0 |
---|---|
package |
Joomla CMS |
Methods
__construct
Constructor for this class
__construct() :
Response
mixed
decrypt
Decrypts a string. Returns the raw binary plaintext.
decrypt( cipherText, key) :
$ciphertext MUST start with the IV followed by the ciphertext, even for EBC data (the first block of data is dropped in EBC mode since there is no concept of IV in EBC).
WARNING: The returned plaintext is zero-padded to the algorithm's block size during encryption. You are advised to trim the string to the original plaintext's length upon decryption. While rtrim($decrypted, "\0") sounds appealing it's NOT the correct approach for binary data (zero bytes may actually be part of your plaintext, not just padding!).
Arguments
- cipherText
string
The ciphertext to encrypt- key
string
The raw binary key (will be zero-padded or chopped if its size is different than the block size)
Response
string
The raw unencrypted binary string.
encrypt
Encrypts a string. Returns the raw binary ciphertext.
encrypt( plainText, key, null|string iv = null) :
WARNING: The plaintext is zero-padded to the algorithm's block size. You are advised to store the size of the plaintext and trim the string to that length upon decryption.
Arguments
- plainText
string
The plaintext to encrypt- key
string
The raw binary key (will be zero-padded or chopped if its size is different than the block size)- iv
null|string
The initialization vector (for CBC mode algorithms)
Response
string
The raw encrypted binary string.
getBlockSize
Returns the encryption block size in bytes
getBlockSize() :
Response
int
getZeroPadding
Returns null bytes to append to the string so that it's zero padded to the specified block size
getZeroPadding( string, blockSize) :
Arguments
- string
string
The binary string which will be zero padded- blockSize
int
The block size
Response
string
The zero bytes to append to the string to zero pad it to $blockSize
isSupported
Is this adapter supported?
isSupported() :
Response
bool
resizeKey
Trims or zero-pads a key / IV
resizeKey( key, size) : null|string
Arguments
- key
string
The key or IV to treat- size
int
The block size of the currently used algorithm
Response
null|string
Null if $key is null, treated string of $size byte length otherwise
setEncryptionMode
Sets the AES encryption mode.
setEncryptionMode( mode = 'cbc', strength = 128) :
WARNING: The strength is deprecated as it has a different effect in MCrypt and OpenSSL. MCrypt was abandoned in 2003 before the Rijndael-128 algorithm was officially the Advanced Encryption Standard (AES). MCrypt also offered Rijndael-192 and Rijndael-256 algorithms with different block sizes. These are NOT used in AES. OpenSSL, however, implements AES correctly. It always uses a 128-bit (16 byte) block. The 192 and 256 bit strengths refer to the key size, not the block size. Therefore using different strengths in MCrypt and OpenSSL will result in different and incompatible ciphertexts.
TL;DR: Always use $strength = 128!
Arguments
- mode
string
Choose between CBC (recommended) or ECB- strength
int
Bit strength of the key (128, 192 or 256 bits). DEPRECATED. READ NOTES ABOVE.
Response
void
Properties
openSSLOptions
The OpenSSL options for encryption / decryption
Type(s)
int
method
The encryption method to use
Type(s)
string