openssl_cipher_iv_length
(PHP 5 >= PHP 5.3.3)
openssl_cipher_iv_length — Gets the cipher iv length
Description
int openssl_cipher_iv_length
( string
$method
)Gets the cipher initialization vector (iv) length.
Parameters
-
method
-
The cipher method, see openssl_get_cipher_methods() for a list of potential values.
Return Values
Returns the cipher length on success, or FALSE
on failure.
Errors/Exceptions
Emits an E_WARNING
level error when the cipher algorithm
is unknown.
Examples
Example #1 openssl_cipher_iv_length() example
<?php
$method = 'AES-128-CBC';
$ivlen = openssl_cipher_iv_length($method);
echo $ivlen;
?>
The above example will output something similar to:
16
- PHP Руководство
- Функции по категориям
- Индекс функций
- Справочник функций
- Криптографические расширения
- OpenSSL
- openssl_cipher_iv_length
- openssl_csr_export_to_file
- openssl_csr_export
- openssl_csr_get_public_key
- openssl_csr_get_subject
- openssl_csr_new
- openssl_csr_sign
- openssl_decrypt
- openssl_dh_compute_key
- openssl_digest
- openssl_encrypt
- openssl_error_string
- openssl_free_key
- openssl_get_cert_locations
- openssl_get_cipher_methods
- openssl_get_md_methods
- openssl_get_privatekey
- openssl_get_publickey
- openssl_open
- openssl_pbkdf2
- openssl_pkcs12_export_to_file
- openssl_pkcs12_export
- openssl_pkcs12_read
- openssl_pkcs7_decrypt
- openssl_pkcs7_encrypt
- openssl_pkcs7_sign
- openssl_pkcs7_verify
- openssl_pkey_export_to_file
- openssl_pkey_export
- openssl_pkey_free
- openssl_pkey_get_details
- openssl_pkey_get_private
- openssl_pkey_get_public
- openssl_pkey_new
- openssl_private_decrypt
- openssl_private_encrypt
- openssl_public_decrypt
- openssl_public_encrypt
- openssl_random_pseudo_bytes
- openssl_seal
- openssl_sign
- openssl_spki_export_challenge
- openssl_spki_export
- openssl_spki_new
- openssl_spki_verify
- openssl_verify
- openssl_x509_check_private_key
- openssl_x509_checkpurpose
- openssl_x509_export_to_file
- openssl_x509_export
- openssl_x509_fingerprint
- openssl_x509_free
- openssl_x509_parse
- openssl_x509_read
Коментарии
The return value is a length in bytes. (Not bits, or anything else.)
<?php
$ciphers = openssl_get_cipher_methods();
//ECB mode should be avoided
$ciphers = array_filter($ciphers, function ($n) {
return stripos($n, "ecb") === FALSE;
});
// At least as early as Aug 2016, Openssl declared the following weak: RC2, RC4, DES, 3DES, MD5 based
$ciphers = array_filter($ciphers, function ($c) {
return stripos($c, "des") === FALSE;
});
$ciphers = array_filter($ciphers, function ($c) {
return stripos($c, "rc2") === FALSE;
});
$ciphers = array_filter($ciphers, function ($c) {
return stripos($c, "rc4") === FALSE;
});
$ciphers = array_filter($ciphers, function ($c) {
return stripos($c, "md5") === FALSE;
});
if (is_array($ciphers)) {
foreach ($ciphers as $cipher) {
echo $cipher.': ';
echo openssl_cipher_iv_length($cipher);
echo "<br>\n";
}
}
?>
Will be...
AES-xxx-xxx is 16
BF-xxx is 8
CAMELLIA-xxx is 16
CAST5-xxx is 8
IDEA-xxx is 8
SEED-xxx is 16
lower case:
aes-xxx-xxx are mixed between 16 and 12.
id-aes-xxx are mixed between 12 and 8.
The values above are tested with PHP 5.5 - 5.6 on Windows. In PHP 7.x is different than this.