Last active
June 13, 2016 17:31
-
-
Save gundamew/2f3705db4c421f1ddd2655a72697abc4 to your computer and use it in GitHub Desktop.
An AES encryption implementation in PHP with Mcrypt module.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * An AES encryption implementation in PHP with Mcrypt module. | |
| * | |
| * Key length is 256, CBC mode, and use PKCS#7 padding. | |
| * | |
| * Example: | |
| * $aes = new McryptAes256; | |
| * $encryptedString = $aes->encrypt($rawString); | |
| * $decryptedString = $aes->decrypt($encryptedString); | |
| * | |
| * Reference: | |
| * http://my.oschina.net/u/435872/blog/131799 | |
| */ | |
| class McryptAes256 { | |
| /** | |
| * Cipher name. MCRYPT_RIJNDAEL_128 is compliant with AES. | |
| * | |
| * @var string | |
| */ | |
| private $cipher = MCRYPT_RIJNDAEL_128; | |
| /** | |
| * Mode of operation. Choose CBC. | |
| * | |
| * @var string | |
| */ | |
| private $mode = MCRYPT_MODE_CBC; | |
| /** | |
| * Encryption key. The key length must be 256 bits to meet AES-256 requirements. | |
| * | |
| * @var string | |
| */ | |
| private $key = ''; | |
| /** | |
| * Initialization vector. 128 bits long is good. | |
| * | |
| * @var string | |
| */ | |
| private $iv = ''; | |
| /** | |
| * Setting encryption key and initialization vector. | |
| * | |
| * @param string $key | |
| * @param string $iv | |
| */ | |
| public function __construct($key = '', $iv = '') | |
| { | |
| $this->setKey($key); | |
| $this->setIv($iv); | |
| } | |
| /** | |
| * Encryption key setter. | |
| * | |
| * @param string $key | |
| */ | |
| private function setKey($key) | |
| { | |
| $this->key = (empty($key)) ? $this->getRandomString(mcrypt_get_key_size($this->cipher, $this->mode)) : $key; | |
| } | |
| /** | |
| * Initialization vector setter. | |
| * | |
| * @param string $iv | |
| */ | |
| private function setIv($iv) | |
| { | |
| $this->iv = (empty($iv)) ? mcrypt_create_iv(mcrypt_get_iv_size($this->cipher, $this->mode), MCRYPT_RAND) : $iv; | |
| } | |
| /** | |
| * Random string generator. | |
| * | |
| * @param int $length | |
| * | |
| * @return string | |
| */ | |
| private function getRandomString($length) | |
| { | |
| return substr(md5(time()), 0, $length); | |
| } | |
| /** | |
| * Encrypt input string with Mcrypt. | |
| * | |
| * @param string $rawString | |
| * | |
| * @return string | |
| */ | |
| public function encrypt($rawString) | |
| { | |
| $paddedString = $this->pkcs7Padding($rawString); | |
| $encryptedBin = mcrypt_encrypt($this->cipher, $this->key, $paddedString, $this->mode, $this->iv); | |
| return base64_encode($encryptedBin); | |
| } | |
| /** | |
| * Decrypt Mcrypt encrypted string. | |
| * | |
| * @param string $encryptedString | |
| * | |
| * @return string | |
| */ | |
| public function decrypt($encryptedString) | |
| { | |
| $encryptedBin = base64_decode($encryptedString); | |
| $decryptedString = mcrypt_decrypt($this->cipher, $this->key, $encryptedBin, $this->mode, $this->iv); | |
| // Remove padding bytes | |
| $blockSize = mcrypt_get_block_size($this->cipher, $this->mode); | |
| $lastChar = substr($decryptedString, -1, 1); | |
| $paddingSize = ord($lastChar); | |
| $originSize = $blockSize - $paddingSize; | |
| return substr($decryptedString, 0, $originSize); | |
| } | |
| /** | |
| * Use PKCS#7 padding. See https://en.wikipedia.org/wiki/Padding_(cryptography)#PKCS7 for more information. | |
| * | |
| * @param string $rawString | |
| * | |
| * @return string | |
| */ | |
| private function pkcs7Padding($rawString) | |
| { | |
| $blockSize = mcrypt_get_block_size($this->cipher, $this->mode); | |
| $paddingSize = $blockSize - (strlen($rawString) % $blockSize); | |
| $paddingChar = chr($paddingSize); | |
| return $rawString . str_repeat($paddingChar, $paddingSize); | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment