14.8.1 Problem
14.8.2 Solution
$key = 'That golden key that opes the palace of eternity.'; $data = 'The chicken escapes at dawn. Send help with Mr. Blue.'; $alg = MCRYPT_BLOWFISH; $mode = MCRYPT_MODE_CBC; $iv = mcrypt_create_iv(mcrypt_get_iv_size($alg,$mode),MCRYPT_DEV_URANDOM); $encrypted_data = mcrypt_encrypt($alg, $key, $data, $mode, $iv); $plain_text = base64_encode($encrypted_data); print $plain_text."\n"; $decoded = mcrypt_decrypt($alg,$key,base64_decode($plain_text),$mode,$iv); print $decoded."\n"; NNB9WnuCYjyd3Y7vUh7XDfWFCWnQY0BsMehHNmBHbGOdJ3cM+yghABb/XyrJ+w3xz9tms74/a70= The chicken escapes at dawn. Send help with Mr. Blue.
14.8.3 Discussion
The mcrypt extension is an interface with mcrypt,
a library that implements many different encryption algorithms. The data is
encrypted and decrypted by mcrypt_encrypt( ) and
mcrypt_decrypt( ), respectively. They each take five arguments. The
first is the algorithm to use. To find which algorithms mcrypt supports
on your system, call mcrypt_list_algorithms( ).
The full list of mcrypt algorithms is shown in Table 14-1. The second argument is the
encryption key; the third argument is the data to encrypt or decrypt. The fourth
argument is the mode for the encryption or decryption (a
list of supported modes is returned by mcrypt_list_modes( )). The fifth argument is an initialization vector (IV), used by some modes as part of
the encryption or decryption process.
Table 14-1
lists all the possible
mcrypt algorithms, including the constant value used to indicate the
algorithm, the key and block sizes in bits, and whether the algorithm is
supported by libmcrypt 2.2.x and 2.4.x.
|
Algorithm constant
|
Description
|
Key size
|
Block size
|
2.2.x
|
2.4.x
|
|---|---|---|---|---|---|
|
MCRYPT_3DES
|
Triple DES
|
168 (112 effective)
|
64
|
Yes
|
Yes
|
|
MCRYPT_TRIPLEDES
|
Triple DES
|
168 (112 effective)
|
64
|
No
|
Yes
|
|
MCRYPT_3WAY
|
3way (Joan Daemen)
|
96
|
96
|
Yes
|
No
|
|
MCRYPT_THREEWAY
|
3way
|
96
|
96
|
Yes
|
Yes
|
|
MCRYPT_BLOWFISH
|
Blowfish (Bruce Schneier)
|
Up to 448
|
64
|
No
|
Yes
|
|
MCRYPT_BLOWFISH_COMPAT
|
Blowfish with compatibility to other implementations
|
Up to 448
|
64
|
No
|
Yes
|
|
MCRYPT_BLOWFISH_128
|
Blowfish
|
128
|
64
|
Yes
|
No
|
|
MCRYPT_BLOWFISH_192
|
Blowfish
|
192
|
64
|
Yes
|
|
|
MCRYPT_BLOWFISH_256
|
Blowfish
|
256
|
64
|
Yes
|
No
|
|
MCRYPT_BLOWFISH_448
|
Blowfish
|
448
|
64
|
Yes
|
No
|
|
MCRYPT_CAST_128
|
CAST (Carlisle Adams and Stafford Tavares)
|
128
|
64
|
Yes
|
Yes
|
|
MCRYPT_CAST_256
|
CAST
|
256
|
128
|
Yes
|
Yes
|
|
MCRYPT_CRYPT
|
One-rotor Unix crypt
|
104
|
8
|
Yes
| |
|
MCRYPT_ENIGNA
|
One-rotor Unix crypt
|
104
|
8
|
No
|
Yes
|
|
MCRYPT_DES
|
U.S. Data Encryption Standard
|
56
|
64
|
Yes
|
Yes
|
|
MCRYPT_GOST
|
Soviet Gosudarstvennyi Standard ("Government Standard")
|
256
|
64
|
Yes
|
Yes
|
|
MCRYPT_IDEA
|
International Data Encryption Algorithm
|
128
|
64
|
Yes
|
Yes
|
|
MCRYPT_LOKI97
|
LOKI97 (Lawrie Brown, Josef Pieprzyk)
|
128, 192, or 256
|
64
|
Yes
|
Yes
|
|
MCRYPT_MARS
|
MARS (IBM)
|
128-448
|
128
|
No
|
Yes
|
|
MCRYPT_PANAMA
|
PANAMA (Joan Daemen, Craig Clapp)
|
-
|
Stream
|
No
|
Yes
|
|
MCRYPT_RC2
|
Rivest Cipher 2
|
8-1024
|
64
|
No
|
Yes
|
|
MCRYPT_RC2_1024
|
Rivest Cipher 2
|
1024
|
64
|
Yes
|
No
|
|
MCRYPT_RC2_128
|
Rivest Cipher 2
|
128
|
64
|
Yes
|
No
|
|
MCRYPT_RC2_256
|
Rivest Cipher 2
|
256
|
64
|
Yes
|
No
|
|
MCRYPT_RC4
|
Rivest Cipher 4
|
Up to 2048
|
Stream
|
Yes
|
No
|
|
MCRYPT_ARCFOUR
|
Non-trademarked RC4 compatible
|
Up to 2048
|
Stream
|
No
|
Yes
|
|
MCRYPT_ARCFOUR_IV
|
Arcfour with Initialization Vector
|
Up to 2048
|
Stream
|
No
|
Yes
|
|
MCRYPT_RC6
|
Rivest Cipher 6
|
128, 192, or 256
|
128
|
No
|
Yes
|
|
MCRYPT_RC6_128
|
Rivest Cipher 6
|
128
|
128
|
Yes
|
No
|
|
MCRYPT_RC6_192
|
Rivest Cipher 6
|
192
|
128
|
Yes
|
No
|
|
MCRYPT_RC6_256
|
Rivest Cipher 6
|
256
|
128
|
Yes
|
No
|
|
MCRYPT_RIJNDAEL_128
|
Rijndael (Joan Daemen, Vincent Rijmen)
|
128
|
128
|
Yes
|
Yes
|
|
MCRYPT_RIJNDAEL_192
|
Rijndael
|
192
|
192
|
Yes
|
Yes
|
|
MCRYPT_RIJNDAEL_256
|
Rijndael
|
256
|
256
|
Yes
|
Yes
|
|
MCRYPT_SAFERPLUS
|
SAFER+ (based on SAFER)
|
128, 192, or 256
|
128
|
Yes
|
Yes
|
|
MCRYPT_SAFER_128
|
Secure And Fast Encryption Routine with strengthened key
schedule
|
128
|
64
|
Yes
|
Yes
|
|
MCRYPT_SAFER_64
|
Secure And Fast Encryption Routine with strengthened
key
|
64
|
64
|
Yes
|
Yes
|
|
MCRYPT_SERPENT
|
Serpent (Ross Anderson, Eli Biham, Lars Knudsen)
|
128, 192, or 256
|
128
|
No
|
Yes
|
|
MCRYPT_SERPENT_128
|
Serpent
|
128
|
128
|
Yes
|
No
|
|
MCRYPT_SERPENT_192
|
Serpent
|
192
|
128
|
Yes
|
No
|
|
MCRYPT_SERPENT_256
|
Serpent
|
256
|
128
|
Yes
|
No
|
|
MCRYPT_SKIPJACK
|
U.S. NSA Clipper Escrowed Encryption Standard
|
80
|
64
|
No
|
Yes
|
|
MCRYPT_TWOFISH
|
Twofish (Counterpane Systems)
|
128, 192, or 256
|
128
|
No
|
Yes
|
|
MCRYPT_TWOFISH_128
|
Twofish
|
128
|
128
|
Yes
|
No
|
|
MCRYPT_TWOFISH_192
|
Twofish
|
192
|
128
|
Yes
|
No
|
|
MCRYPT_TWOFISH_256
|
Twofish
|
256
|
128
|
Yes
|
No
|
|
MCRYPT_WAKE
|
Word Auto Key Encryption (David Wheeler)
|
256
|
32
|
No
|
Yes
|
|
MCRYPT_XTEA
|
Extended Tiny Encryption Algorithm (David Wheeler, Roger
Needham)
|
128
|
64
|
Yes
|
Yes
|
Except for the
data to encrypt or decrypt, all the other arguments must be the same when
encrypting and decrypting. If you're using a mode that requires an
initialization vector, it's okay to pass the initialization vector in the clear
with the encrypted text.
The different modes are appropriate in different circumstances.
Cipher
Block Chaining (CBC) mode encrypts the data in blocks, and uses the encrypted
value of each block (as well as the key) to compute the encrypted value of the
next block. The initialization vector affects the encrypted value of the first
block. Cipher Feedback (CFB) and Output
Feedback (OFB) also use an initialization vector, but they encrypt data in units
smaller than the block size. Note that OFB mode has security problems if you
encrypt data in smaller units than its block size. Electronic Code Book (ECB) mode
encrypts data in discreet blocks that don't depend on each other. ECB mode
doesn't use an initialization vector. It is also less secure than other modes
for repeated use, because the same plaintext with a given key always produces
the same ciphertext. Constants to set each mode are
listed in Table 14-2.
|
Mode constant
|
Description
|
|---|---|
|
MCRYPT_MODE_ECB
|
Electronic Code Book mode
|
|
MCRYPT_MODE_CBC
|
Cipher Block Chaining mode
|
|
MCRYPT_MODE_CFB
|
Cipher Feedback mode
|
|
MCRYPT_MODE_OFB
|
Output Feedback mode with 8 bits of feedback
|
|
MCRYPT_MODE_NOFB
|
Output Feedback mode with n bits
of feedback, where n is the block size of the
algorithm used (libmcrypt 2.4 and higher only)
|
|
MCRYPT_MODE_STREAM
|
Stream Cipher mode, for algorithms such as RC4 and WAKE
(libmcrypt 2.4 and higher only)
|
Different algorithms have different block sizes. You can retrieve the block size for a
particular algorithm with mcrypt_get_block_size( ) . Similarly, the initialization
vector size is determined by the algorithm and the mode. mcrypt_create_iv(
) and mcrypt_get_iv_size( )
make it easy to create an appropriate random initialization vector:
$iv = mcrypt_create_iv(mcrypt_get_iv_size($alg,$mode),MCRYPT_DEV_URANDOM);
The first argument to mcrypt_create_iv( ) is the size
of the vector, and the second is a source of randomness. You have three choices for the source of
randomness. MCRYPT_DEV_RANDOM reads from the pseudodevice /dev/random, MCRYPT_DEV_URANDOM reads from the
pseudo-device /dev/urandom, and
MCRYPT_RAND uses an internal random number generator. Not all operating
systems support random-generating pseudo-devices. Make sure to call srand(
) before using MCRYPT_RAND in order to get
a nonrepeating random number stream.
The code and examples in this recipe are compatible with mcrypt 2.4. PHP's mcrypt interface supports both
mcrypt 2.2 and mcrypt 2.4, but there are
differences between the two. With mcrypt 2.2, PHP
supports only the following mcrypt functions: mcrypt_ecb( ),
mcrypt_cbc( ), mcrypt_cfb( ), mcrypt_ofb( ),
mcrypt_get_key_size( ), mcrypt_get_block_size( ),
mcrypt_get_cipher_name( ), and mcrypt_create_iv( ). To encrypt
or decrypt data with mcrypt 2.2, call the appropriate
mcrypt_MODE( ) function, based on what mode
you want to use, and pass it an argument that instructs it to encrypt or
decrypt. The following code is the mcrypt 2.2-compatible version of the
code in the Solution:
$key = 'That golden key that opes the palace of eternity.'; $data = 'The chicken escapes at dawn. Send help with Mr. Blue.'; $alg = MCRYPT_BLOWFISH; $iv = mcrypt_create_iv(mcrypt_get_block_size($alg),MCRYPT_DEV_URANDOM); $encrypted_data = mcrypt_cbc($alg,$key,$data,MCRYPT_ENCRYPT); $plain_text = base64_encode($encrypted_data); print $plain_text."\n"; $decoded = mcrypt_cbc($alg,$key,base64_decode($plain_text),MCRYPT_DECRYPT); print $decoded."\n";
