-
-
Save RiANOl/1077723 to your computer and use it in GitHub Desktop.
AES128 / AES256 CBC with PKCS7Padding in PHP
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<? | |
function aes128_cbc_encrypt($key, $data, $iv) { | |
if(16 !== strlen($key)) $key = hash('MD5', $key, true); | |
if(16 !== strlen($iv)) $iv = hash('MD5', $iv, true); | |
$padding = 16 - (strlen($data) % 16); | |
$data .= str_repeat(chr($padding), $padding); | |
return mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, $iv); | |
} | |
function aes256_cbc_encrypt($key, $data, $iv) { | |
if(32 !== strlen($key)) $key = hash('SHA256', $key, true); | |
if(16 !== strlen($iv)) $iv = hash('MD5', $iv, true); | |
$padding = 16 - (strlen($data) % 16); | |
$data .= str_repeat(chr($padding), $padding); | |
return mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, $iv); | |
} | |
function aes128_cbc_decrypt($key, $data, $iv) { | |
if(16 !== strlen($key)) $key = hash('MD5', $key, true); | |
if(16 !== strlen($iv)) $iv = hash('MD5', $iv, true); | |
$data = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, $iv); | |
$padding = ord($data[strlen($data) - 1]); | |
return substr($data, 0, -$padding); | |
} | |
function aes256_cbc_decrypt($key, $data, $iv) { | |
if(32 !== strlen($key)) $key = hash('SHA256', $key, true); | |
if(16 !== strlen($iv)) $iv = hash('MD5', $iv, true); | |
$data = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, $iv); | |
$padding = ord($data[strlen($data) - 1]); | |
return substr($data, 0, -$padding); | |
} |
I'm not sure if there's another page explaining the context of this gist. For anyone who got here without context (e.g. from Google) - like I did - please note that creating an IV using str_repeat("\0", 16)
makes this code absolutely not production-ready! See Block cipher mode of operation at Wikipedia for more details. In short, "In CBC mode, the IV must... be unpredictable at encryption time."
@bojanmartin Yes, you must create it with http://php.net/manual/en/function.mcrypt-create-iv.php
Superb!
Nice ty !
it's deprecated on php 7+
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Nice ,,, keep it up