1

Using mcrypt I had a handy reference for cypher variables:

<?php

error_reporting(E_ERROR | E_PARSE);
$algorithms = mcrypt_list_algorithms();
$modes = mcrypt_list_modes();
echo '<table><th>Algorithm</th><th>Mode</th><th>Key Size</th><th>IV Size</th><th>Block Size</th>';
foreach ($algorithms as $algo) 
    {
    foreach ($modes as $mode) 
        {
        $key_size = mcrypt_get_key_size($algo,$mode);
        $iv_size = mcrypt_get_iv_size($algo,$mode);
        $block_size = mcrypt_get_block_size($algo,$mode);
        if($key_size != null) {echo '<tr><td>'.$algo.'</td><td>'.$mode.'</td><td>'.$key_size.'</td><td>'.$iv_size.'</td><td>'.$block_size.'</td></tr>';}
        }
    }
echo '</table>';

With openssl the only function I see available is iv size

Using the methods pioneered by famed developer Rube Goldberg I came up with:

<?php
$methods = openssl_get_cipher_methods();
$data = openssl_random_pseudo_bytes(1024);

echo '
    <style>
    table {border-collapse:collapse;}
    td {border:1px solid; width:100px; padding:0px 5px 0px 5px;text-align:center;}
    td.algo {text-align:left; width:200px;}
    </style>';
echo '<h3>ALL CYPHERS</h3><table><th>Algorithm</th><th>Key Size</th><th>IV Size</th>';
foreach($methods as $algo)
    {
    $key = openssl_random_pseudo_bytes(256);
    $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($algo));
    do
        {
        $encrypted = openssl_encrypt($data,$algo,$key,OPENSSL_RAW_DATA,$iv);
        $key = substr($key,0,strlen($key)-1);
        $decrypted = openssl_decrypt($encrypted,$algo,$key,OPENSSL_RAW_DATA,$iv);
        }
    while($decrypted == $data);
    if(strlen($key)+1 == 256) {$longkey[] = $algo;}
    echo '<tr><td class="algo">'.$algo.'</td><td>'.(strlen($key)+1).'</td><td>'.strlen($iv).'</td></tr>';
    }
echo '</table>';
echo '<h3>LONG KEY CYPHERS</h3><table><th>Algorithm</th><th>Key Size</th><th>IV Size</th>';
foreach($longkey as $algo)
    {
    $key = openssl_random_pseudo_bytes(1024);
    $iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($algo));
    do
        {
        $encrypted = openssl_encrypt($data,$algo,$key,OPENSSL_RAW_DATA,$iv);
        $key = substr($key,0,strlen($key)-1);
        $decrypted = openssl_decrypt($encrypted,$algo,$key,OPENSSL_RAW_DATA,$iv);
        }
    while($decrypted == $data);
    echo '<tr><td class="algo">'.$algo.'</td><td>'.(strlen($key)+1).'</td><td>'.strlen($iv).'</td></tr>';
    }
echo '</table>';
  1. There must be a more sensible way to do this
  2. I still don't have a block size
  3. Clearly, the very long keys (gcm, ede) are not synchronous algorithms since the following fails: if(openssl_decrypt($encrypted,$algo,$key,OPENSSL_RAW_DATA,$iv) != $data)

Any suggestions?

illusivetech
  • 139
  • 2
  • 7
  • Also see [Upgrading my encryption library from Mcrypt to OpenSSL](http://stackoverflow.com/q/43329513/608639), [Replace Mcrypt with OpenSSL](http://stackoverflow.com/q/9993909/608639) and [Preparing for removal of Mcrypt in PHP 7.2](http://stackoverflow.com/q/42696657/608639) – jww May 09 '17 at 17:45

0 Answers0