<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title>Encryption Filters</title> </head> <body><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="filters.compression.html">Compression Filters</a></div> <div class="next" style="text-align: right; float: right;"><a href="transports.html">List of Supported Socket Transports</a></div> <div class="up"><a href="filters.html">List of Available Filters</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div><hr /><div id="filters.encryption" class="section"> <h2 class="title">Encryption Filters</h2> <p class="para"> <div class="warning"><strong class="warning">Warning</strong><p class="simpara">This feature has been <em class="emphasis">DEPRECATED</em> as of PHP 7.1.0. Relying on this feature is highly discouraged.</p></div> </p> <p class="para"> Encryption filters are especially useful for file/stream encryption. </p> <p class="simpara"> <em>mcrypt.*</em> and <em>mdecrypt.*</em> provide symmetric encryption and decryption using libmcrypt. Both sets of filters support the same algorithms available to <a href="ref.mcrypt.html" class="link">mcrypt extension</a> in the form of <em>mcrypt.ciphername</em> where <code class="parameter">ciphername</code> is the name of the cipher as it would be passed to <span class="function"><a href="function.mcrypt-module-open.html" class="function">mcrypt_module_open()</a></span>. The following five filter parameters are also available: </p> <p class="para"> <table class="doctable table"> <caption><strong>mcrypt filter parameters</strong></caption> <thead> <tr> <th>Parameter</th> <th>Required?</th> <th>Default</th> <th>Sample Values</th> </tr> </thead> <tbody class="tbody"> <tr> <td>mode</td> <td>Optional</td> <td>cbc</td> <td>cbc, cfb, ecb, nofb, ofb, stream</td> </tr> <tr> <td>algorithms_dir</td> <td>Optional</td> <td>ini_get('mcrypt.algorithms_dir')</td> <td>Location of algorithms modules</td> </tr> <tr> <td>modes_dir</td> <td>Optional</td> <td>ini_get('mcrypt.modes_dir')</td> <td>Location of modes modules</td> </tr> <tr> <td>iv</td> <td>Required</td> <td>N/A</td> <td>Typically 8, 16, or 32 bytes of binary data. Depends on cipher</td> </tr> <tr> <td>key</td> <td>Required</td> <td>N/A</td> <td>Typically 8, 16, or 32 bytes of binary data. Depends on cipher</td> </tr> </tbody> </table> </p> <div class="example" id="example-6849"> <p><strong>Example #1 Encrypt/Decrypt with Blowfish</strong></p> <div class="example-contents"> <div class="phpcode"><code><span style="color: #000000"> <span style="color: #0000BB"><?php<br /></span><span style="color: #FF8000">//$key assumed to be previously generated<br /></span><span style="color: #0000BB">$iv_size </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_get_iv_size</span><span style="color: #007700">(</span><span style="color: #0000BB">MCRYPT_BLOWFISH</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_MODE_CBC</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$iv </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_create_iv</span><span style="color: #007700">(</span><span style="color: #0000BB">$iv_size</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_DEV_URANDOM</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$fp </span><span style="color: #007700">= </span><span style="color: #0000BB">fopen</span><span style="color: #007700">(</span><span style="color: #DD0000">'encrypted-file.enc'</span><span style="color: #007700">, </span><span style="color: #DD0000">'wb'</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">fwrite</span><span style="color: #007700">(</span><span style="color: #0000BB">$fp</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$opts </span><span style="color: #007700">= array(</span><span style="color: #DD0000">'mode'</span><span style="color: #007700">=></span><span style="color: #DD0000">'cbc'</span><span style="color: #007700">,</span><span style="color: #DD0000">'iv'</span><span style="color: #007700">=></span><span style="color: #0000BB">$iv</span><span style="color: #007700">, </span><span style="color: #DD0000">'key'</span><span style="color: #007700">=></span><span style="color: #0000BB">$key</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">stream_filter_append</span><span style="color: #007700">(</span><span style="color: #0000BB">$fp</span><span style="color: #007700">, </span><span style="color: #DD0000">'mcrypt.blowfish'</span><span style="color: #007700">, </span><span style="color: #0000BB">STREAM_FILTER_WRITE</span><span style="color: #007700">, </span><span style="color: #0000BB">$opts</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">fwrite</span><span style="color: #007700">(</span><span style="color: #0000BB">$fp</span><span style="color: #007700">, </span><span style="color: #DD0000">'message to encrypt'</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">fclose</span><span style="color: #007700">(</span><span style="color: #0000BB">$fp</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//decrypt...<br /></span><span style="color: #0000BB">$fp </span><span style="color: #007700">= </span><span style="color: #0000BB">fopen</span><span style="color: #007700">(</span><span style="color: #DD0000">'encrypted-file.enc'</span><span style="color: #007700">, </span><span style="color: #DD0000">'rb'</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$iv </span><span style="color: #007700">= </span><span style="color: #0000BB">fread</span><span style="color: #007700">(</span><span style="color: #0000BB">$fp</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv_size </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_get_iv_size</span><span style="color: #007700">(</span><span style="color: #0000BB">MCRYPT_BLOWFISH</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_MODE_CBC</span><span style="color: #007700">));<br /></span><span style="color: #0000BB">$opts </span><span style="color: #007700">= array(</span><span style="color: #DD0000">'mode'</span><span style="color: #007700">=></span><span style="color: #DD0000">'cbc'</span><span style="color: #007700">,</span><span style="color: #DD0000">'iv'</span><span style="color: #007700">=></span><span style="color: #0000BB">$iv</span><span style="color: #007700">, </span><span style="color: #DD0000">'key'</span><span style="color: #007700">=></span><span style="color: #0000BB">$key</span><span style="color: #007700">)<br /></span><span style="color: #0000BB">stream_filter_append</span><span style="color: #007700">(</span><span style="color: #0000BB">$fp</span><span style="color: #007700">, </span><span style="color: #DD0000">'mdecrypt.blowfish'</span><span style="color: #007700">, </span><span style="color: #0000BB">STREAM_FILTER_READ</span><span style="color: #007700">, </span><span style="color: #0000BB">$opts</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$data </span><span style="color: #007700">= </span><span style="color: #0000BB">rtrim</span><span style="color: #007700">(</span><span style="color: #0000BB">stream_get_contents</span><span style="color: #007700">(</span><span style="color: #0000BB">$fp</span><span style="color: #007700">));</span><span style="color: #FF8000">//trims off null padding<br /></span><span style="color: #0000BB">fclose</span><span style="color: #007700">(</span><span style="color: #0000BB">$fp</span><span style="color: #007700">);<br />echo </span><span style="color: #0000BB">$data</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">?></span> </span> </code></div> </div> </div> <div class="example" id="example-6850"> <p><strong>Example #2 Encrypt file using AES-128 CBC with SHA256 HMAC in PHP 5.5+</strong></p> <div class="example-contents"> <div class="phpcode"><code><span style="color: #000000"> <span style="color: #0000BB"><?php<br />AES_CBC</span><span style="color: #007700">::</span><span style="color: #0000BB">encryptFile</span><span style="color: #007700">(</span><span style="color: #0000BB">$password</span><span style="color: #007700">, </span><span style="color: #DD0000">"plaintext.txt"</span><span style="color: #007700">, </span><span style="color: #DD0000">"encrypted.enc"</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">AES_CBC</span><span style="color: #007700">::</span><span style="color: #0000BB">decryptFile</span><span style="color: #007700">(</span><span style="color: #0000BB">$password</span><span style="color: #007700">, </span><span style="color: #DD0000">"encrypted.enc"</span><span style="color: #007700">, </span><span style="color: #DD0000">"decrypted.txt"</span><span style="color: #007700">);<br /><br />class </span><span style="color: #0000BB">AES_CBC<br /></span><span style="color: #007700">{<br /> protected static </span><span style="color: #0000BB">$KEY_SIZES </span><span style="color: #007700">= array(</span><span style="color: #DD0000">'AES-128'</span><span style="color: #007700">=></span><span style="color: #0000BB">16</span><span style="color: #007700">,</span><span style="color: #DD0000">'AES-192'</span><span style="color: #007700">=></span><span style="color: #0000BB">24</span><span style="color: #007700">,</span><span style="color: #DD0000">'AES-256'</span><span style="color: #007700">=></span><span style="color: #0000BB">32</span><span style="color: #007700">);<br /> protected static function </span><span style="color: #0000BB">key_size</span><span style="color: #007700">() { return </span><span style="color: #0000BB">self</span><span style="color: #007700">::</span><span style="color: #0000BB">$KEY_SIZES</span><span style="color: #007700">[</span><span style="color: #DD0000">'AES-128'</span><span style="color: #007700">]; } </span><span style="color: #FF8000">//default AES-128<br /> </span><span style="color: #007700">public static function </span><span style="color: #0000BB">encryptFile</span><span style="color: #007700">(</span><span style="color: #0000BB">$password</span><span style="color: #007700">, </span><span style="color: #0000BB">$input_stream</span><span style="color: #007700">, </span><span style="color: #0000BB">$aes_filename</span><span style="color: #007700">){<br /> </span><span style="color: #0000BB">$iv_size </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_get_iv_size</span><span style="color: #007700">(</span><span style="color: #0000BB">MCRYPT_RIJNDAEL_128</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_MODE_CBC</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$fin </span><span style="color: #007700">= </span><span style="color: #0000BB">fopen</span><span style="color: #007700">(</span><span style="color: #0000BB">$input_stream</span><span style="color: #007700">, </span><span style="color: #DD0000">"rb"</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$fc </span><span style="color: #007700">= </span><span style="color: #0000BB">fopen</span><span style="color: #007700">(</span><span style="color: #0000BB">$aes_filename</span><span style="color: #007700">, </span><span style="color: #DD0000">"wb+"</span><span style="color: #007700">);<br /> if (!empty(</span><span style="color: #0000BB">$fin</span><span style="color: #007700">) && !empty(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">)) {<br /> </span><span style="color: #0000BB">fwrite</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #0000BB">str_repeat</span><span style="color: #007700">(</span><span style="color: #DD0000">"_"</span><span style="color: #007700">, </span><span style="color: #0000BB">32</span><span style="color: #007700">) );</span><span style="color: #FF8000">//placeholder, SHA256 HMAC will go here later<br /> </span><span style="color: #0000BB">fwrite</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #0000BB">$hmac_salt </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_create_iv</span><span style="color: #007700">(</span><span style="color: #0000BB">$iv_size</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_DEV_URANDOM</span><span style="color: #007700">));<br /> </span><span style="color: #0000BB">fwrite</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #0000BB">$esalt </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_create_iv</span><span style="color: #007700">(</span><span style="color: #0000BB">$iv_size</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_DEV_URANDOM</span><span style="color: #007700">));<br /> </span><span style="color: #0000BB">fwrite</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_create_iv</span><span style="color: #007700">(</span><span style="color: #0000BB">$iv_size</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_DEV_URANDOM</span><span style="color: #007700">));<br /> </span><span style="color: #0000BB">$ekey </span><span style="color: #007700">= </span><span style="color: #0000BB">hash_pbkdf2</span><span style="color: #007700">(</span><span style="color: #DD0000">"sha256"</span><span style="color: #007700">, </span><span style="color: #0000BB">$password</span><span style="color: #007700">, </span><span style="color: #0000BB">$esalt</span><span style="color: #007700">, </span><span style="color: #0000BB">$it</span><span style="color: #007700">=</span><span style="color: #0000BB">1000</span><span style="color: #007700">, </span><span style="color: #0000BB">self</span><span style="color: #007700">::</span><span style="color: #0000BB">key_size</span><span style="color: #007700">(), </span><span style="color: #0000BB">$raw</span><span style="color: #007700">=</span><span style="color: #0000BB">true</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$opts </span><span style="color: #007700">= array(</span><span style="color: #DD0000">'mode'</span><span style="color: #007700">=></span><span style="color: #DD0000">'cbc'</span><span style="color: #007700">, </span><span style="color: #DD0000">'iv'</span><span style="color: #007700">=></span><span style="color: #0000BB">$iv</span><span style="color: #007700">, </span><span style="color: #DD0000">'key'</span><span style="color: #007700">=></span><span style="color: #0000BB">$ekey</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">stream_filter_append</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #DD0000">'mcrypt.rijndael-128'</span><span style="color: #007700">, </span><span style="color: #0000BB">STREAM_FILTER_WRITE</span><span style="color: #007700">, </span><span style="color: #0000BB">$opts</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$infilesize </span><span style="color: #007700">= </span><span style="color: #0000BB">0</span><span style="color: #007700">;<br /> while (!</span><span style="color: #0000BB">feof</span><span style="color: #007700">(</span><span style="color: #0000BB">$fin</span><span style="color: #007700">)) {<br /> </span><span style="color: #0000BB">$block </span><span style="color: #007700">= </span><span style="color: #0000BB">fread</span><span style="color: #007700">(</span><span style="color: #0000BB">$fin</span><span style="color: #007700">, </span><span style="color: #0000BB">8192</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$infilesize</span><span style="color: #007700">+=</span><span style="color: #0000BB">strlen</span><span style="color: #007700">(</span><span style="color: #0000BB">$block</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">fwrite</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #0000BB">$block</span><span style="color: #007700">);<br /> }<br /> </span><span style="color: #0000BB">$block_size </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_get_block_size</span><span style="color: #007700">(</span><span style="color: #0000BB">MCRYPT_RIJNDAEL_128</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_MODE_CBC</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$padding </span><span style="color: #007700">= </span><span style="color: #0000BB">$block_size </span><span style="color: #007700">- (</span><span style="color: #0000BB">$infilesize </span><span style="color: #007700">% </span><span style="color: #0000BB">$block_size</span><span style="color: #007700">);</span><span style="color: #FF8000">//$padding is a number from 1-16<br /> </span><span style="color: #0000BB">fwrite</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #0000BB">str_repeat</span><span style="color: #007700">(</span><span style="color: #0000BB">chr</span><span style="color: #007700">(</span><span style="color: #0000BB">$padding</span><span style="color: #007700">), </span><span style="color: #0000BB">$padding</span><span style="color: #007700">) );</span><span style="color: #FF8000">//perform PKCS7 padding<br /> </span><span style="color: #0000BB">fclose</span><span style="color: #007700">(</span><span style="color: #0000BB">$fin</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">fclose</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$hmac_raw </span><span style="color: #007700">= </span><span style="color: #0000BB">self</span><span style="color: #007700">::</span><span style="color: #0000BB">calculate_hmac_after_32bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">$password</span><span style="color: #007700">, </span><span style="color: #0000BB">$hmac_salt</span><span style="color: #007700">, </span><span style="color: #0000BB">$aes_filename</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$fc </span><span style="color: #007700">= </span><span style="color: #0000BB">fopen</span><span style="color: #007700">(</span><span style="color: #0000BB">$aes_filename</span><span style="color: #007700">, </span><span style="color: #DD0000">"rb+"</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">fwrite</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #0000BB">$hmac_raw</span><span style="color: #007700">);</span><span style="color: #FF8000">//overwrite placeholder<br /> </span><span style="color: #0000BB">fclose</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">);<br /> }<br /> }<br /> public static function </span><span style="color: #0000BB">decryptFile</span><span style="color: #007700">(</span><span style="color: #0000BB">$password</span><span style="color: #007700">, </span><span style="color: #0000BB">$aes_filename</span><span style="color: #007700">, </span><span style="color: #0000BB">$out_stream</span><span style="color: #007700">) {<br /> </span><span style="color: #0000BB">$iv_size </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_get_iv_size</span><span style="color: #007700">(</span><span style="color: #0000BB">MCRYPT_RIJNDAEL_128</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_MODE_CBC</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$hmac_raw </span><span style="color: #007700">= </span><span style="color: #0000BB">file_get_contents</span><span style="color: #007700">(</span><span style="color: #0000BB">$aes_filename</span><span style="color: #007700">, </span><span style="color: #0000BB">false</span><span style="color: #007700">, </span><span style="color: #0000BB">NULL</span><span style="color: #007700">, </span><span style="color: #0000BB">0</span><span style="color: #007700">, </span><span style="color: #0000BB">32</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$hmac_salt </span><span style="color: #007700">= </span><span style="color: #0000BB">file_get_contents</span><span style="color: #007700">(</span><span style="color: #0000BB">$aes_filename</span><span style="color: #007700">, </span><span style="color: #0000BB">false</span><span style="color: #007700">, </span><span style="color: #0000BB">NULL</span><span style="color: #007700">, </span><span style="color: #0000BB">32</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv_size</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$hmac_calc </span><span style="color: #007700">= </span><span style="color: #0000BB">self</span><span style="color: #007700">::</span><span style="color: #0000BB">calculate_hmac_after_32bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">$password</span><span style="color: #007700">, </span><span style="color: #0000BB">$hmac_salt</span><span style="color: #007700">, </span><span style="color: #0000BB">$aes_filename</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$fc </span><span style="color: #007700">= </span><span style="color: #0000BB">fopen</span><span style="color: #007700">(</span><span style="color: #0000BB">$aes_filename</span><span style="color: #007700">, </span><span style="color: #DD0000">"rb"</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$fout </span><span style="color: #007700">= </span><span style="color: #0000BB">fopen</span><span style="color: #007700">(</span><span style="color: #0000BB">$out_stream</span><span style="color: #007700">, </span><span style="color: #DD0000">'wb'</span><span style="color: #007700">);<br /> if (!empty(</span><span style="color: #0000BB">$fout</span><span style="color: #007700">) && !empty(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">) && </span><span style="color: #0000BB">self</span><span style="color: #007700">::</span><span style="color: #0000BB">hash_equals</span><span style="color: #007700">(</span><span style="color: #0000BB">$hmac_raw</span><span style="color: #007700">,</span><span style="color: #0000BB">$hmac_calc</span><span style="color: #007700">)) {<br /> </span><span style="color: #0000BB">fread</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #0000BB">32</span><span style="color: #007700">+</span><span style="color: #0000BB">$iv_size</span><span style="color: #007700">);</span><span style="color: #FF8000">//skip sha256 hmac and salt<br /> </span><span style="color: #0000BB">$esalt </span><span style="color: #007700">= </span><span style="color: #0000BB">fread</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv_size</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$iv </span><span style="color: #007700">= </span><span style="color: #0000BB">fread</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv_size</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$ekey </span><span style="color: #007700">= </span><span style="color: #0000BB">hash_pbkdf2</span><span style="color: #007700">(</span><span style="color: #DD0000">"sha256"</span><span style="color: #007700">, </span><span style="color: #0000BB">$password</span><span style="color: #007700">, </span><span style="color: #0000BB">$esalt</span><span style="color: #007700">, </span><span style="color: #0000BB">$it</span><span style="color: #007700">=</span><span style="color: #0000BB">1000</span><span style="color: #007700">, </span><span style="color: #0000BB">self</span><span style="color: #007700">::</span><span style="color: #0000BB">key_size</span><span style="color: #007700">(), </span><span style="color: #0000BB">$raw</span><span style="color: #007700">=</span><span style="color: #0000BB">true</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$opts </span><span style="color: #007700">= array(</span><span style="color: #DD0000">'mode'</span><span style="color: #007700">=></span><span style="color: #DD0000">'cbc'</span><span style="color: #007700">, </span><span style="color: #DD0000">'iv'</span><span style="color: #007700">=></span><span style="color: #0000BB">$iv</span><span style="color: #007700">, </span><span style="color: #DD0000">'key'</span><span style="color: #007700">=></span><span style="color: #0000BB">$ekey</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">stream_filter_append</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #DD0000">'mdecrypt.rijndael-128'</span><span style="color: #007700">, </span><span style="color: #0000BB">STREAM_FILTER_READ</span><span style="color: #007700">, </span><span style="color: #0000BB">$opts</span><span style="color: #007700">);<br /> while (!</span><span style="color: #0000BB">feof</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">)) {<br /> </span><span style="color: #0000BB">$block </span><span style="color: #007700">= </span><span style="color: #0000BB">fread</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">, </span><span style="color: #0000BB">8192</span><span style="color: #007700">);<br /> if (</span><span style="color: #0000BB">feof</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">)) {<br /> </span><span style="color: #0000BB">$padding </span><span style="color: #007700">= </span><span style="color: #0000BB">ord</span><span style="color: #007700">(</span><span style="color: #0000BB">$block</span><span style="color: #007700">[</span><span style="color: #0000BB">strlen</span><span style="color: #007700">(</span><span style="color: #0000BB">$block</span><span style="color: #007700">) - </span><span style="color: #0000BB">1</span><span style="color: #007700">]);</span><span style="color: #FF8000">//assume PKCS7 padding<br /> </span><span style="color: #0000BB">$block </span><span style="color: #007700">= </span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$block</span><span style="color: #007700">, </span><span style="color: #0000BB">0</span><span style="color: #007700">, </span><span style="color: #0000BB">0</span><span style="color: #007700">-</span><span style="color: #0000BB">$padding</span><span style="color: #007700">);<br /> }<br /> </span><span style="color: #0000BB">fwrite</span><span style="color: #007700">(</span><span style="color: #0000BB">$fout</span><span style="color: #007700">, </span><span style="color: #0000BB">$block</span><span style="color: #007700">);<br /> }<br /> </span><span style="color: #0000BB">fclose</span><span style="color: #007700">(</span><span style="color: #0000BB">$fout</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">fclose</span><span style="color: #007700">(</span><span style="color: #0000BB">$fc</span><span style="color: #007700">);<br /> }<br /> }<br /> private static function </span><span style="color: #0000BB">hash_equals</span><span style="color: #007700">(</span><span style="color: #0000BB">$str1</span><span style="color: #007700">, </span><span style="color: #0000BB">$str2</span><span style="color: #007700">) {<br /> if(</span><span style="color: #0000BB">strlen</span><span style="color: #007700">(</span><span style="color: #0000BB">$str1</span><span style="color: #007700">) == </span><span style="color: #0000BB">strlen</span><span style="color: #007700">(</span><span style="color: #0000BB">$str2</span><span style="color: #007700">)) {<br /> </span><span style="color: #0000BB">$res </span><span style="color: #007700">= </span><span style="color: #0000BB">$str1 </span><span style="color: #007700">^ </span><span style="color: #0000BB">$str2</span><span style="color: #007700">;<br /> for(</span><span style="color: #0000BB">$ret</span><span style="color: #007700">=</span><span style="color: #0000BB">0</span><span style="color: #007700">,</span><span style="color: #0000BB">$i </span><span style="color: #007700">= </span><span style="color: #0000BB">strlen</span><span style="color: #007700">(</span><span style="color: #0000BB">$res</span><span style="color: #007700">) - </span><span style="color: #0000BB">1</span><span style="color: #007700">; </span><span style="color: #0000BB">$i </span><span style="color: #007700">>= </span><span style="color: #0000BB">0</span><span style="color: #007700">; </span><span style="color: #0000BB">$i</span><span style="color: #007700">--) </span><span style="color: #0000BB">$ret </span><span style="color: #007700">|= </span><span style="color: #0000BB">ord</span><span style="color: #007700">(</span><span style="color: #0000BB">$res</span><span style="color: #007700">[</span><span style="color: #0000BB">$i</span><span style="color: #007700">]);<br /> return !</span><span style="color: #0000BB">$ret</span><span style="color: #007700">;<br /> }<br /> return </span><span style="color: #0000BB">false</span><span style="color: #007700">;<br /> }<br /> private static function </span><span style="color: #0000BB">calculate_hmac_after_32bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">$password</span><span style="color: #007700">, </span><span style="color: #0000BB">$hsalt</span><span style="color: #007700">, </span><span style="color: #0000BB">$filename</span><span style="color: #007700">) {<br /> static </span><span style="color: #0000BB">$init</span><span style="color: #007700">=</span><span style="color: #0000BB">0</span><span style="color: #007700">;<br /> </span><span style="color: #0000BB">$init </span><span style="color: #007700">or </span><span style="color: #0000BB">$init </span><span style="color: #007700">= </span><span style="color: #0000BB">stream_filter_register</span><span style="color: #007700">(</span><span style="color: #DD0000">"user-filter.skipfirst32bytes"</span><span style="color: #007700">, </span><span style="color: #DD0000">"FileSkip32Bytes"</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$stream </span><span style="color: #007700">= </span><span style="color: #DD0000">'php://filter/read=user-filter.skipfirst32bytes/resource=' </span><span style="color: #007700">. </span><span style="color: #0000BB">$filename</span><span style="color: #007700">;<br /> </span><span style="color: #0000BB">$hkey </span><span style="color: #007700">= </span><span style="color: #0000BB">hash_pbkdf2</span><span style="color: #007700">(</span><span style="color: #DD0000">"sha256"</span><span style="color: #007700">, </span><span style="color: #0000BB">$password</span><span style="color: #007700">, </span><span style="color: #0000BB">$hsalt</span><span style="color: #007700">, </span><span style="color: #0000BB">$iterations</span><span style="color: #007700">=</span><span style="color: #0000BB">1000</span><span style="color: #007700">, </span><span style="color: #0000BB">24</span><span style="color: #007700">, </span><span style="color: #0000BB">$raw</span><span style="color: #007700">=</span><span style="color: #0000BB">true</span><span style="color: #007700">);<br /> return </span><span style="color: #0000BB">hash_hmac_file</span><span style="color: #007700">(</span><span style="color: #DD0000">'sha256'</span><span style="color: #007700">, </span><span style="color: #0000BB">$stream</span><span style="color: #007700">, </span><span style="color: #0000BB">$hkey</span><span style="color: #007700">, </span><span style="color: #0000BB">$raw</span><span style="color: #007700">=</span><span style="color: #0000BB">true</span><span style="color: #007700">);<br /> }<br />}<br />class </span><span style="color: #0000BB">FileSkip32Bytes </span><span style="color: #007700">extends </span><span style="color: #0000BB">php_user_filter<br /></span><span style="color: #007700">{<br /> private </span><span style="color: #0000BB">$skipped</span><span style="color: #007700">=</span><span style="color: #0000BB">0</span><span style="color: #007700">;<br /> function </span><span style="color: #0000BB">filter</span><span style="color: #007700">(</span><span style="color: #0000BB">$in</span><span style="color: #007700">, </span><span style="color: #0000BB">$out</span><span style="color: #007700">, &</span><span style="color: #0000BB">$consumed</span><span style="color: #007700">, </span><span style="color: #0000BB">$closing</span><span style="color: #007700">) {<br /> while (</span><span style="color: #0000BB">$bucket </span><span style="color: #007700">= </span><span style="color: #0000BB">stream_bucket_make_writeable</span><span style="color: #007700">(</span><span style="color: #0000BB">$in</span><span style="color: #007700">)) {<br /> </span><span style="color: #0000BB">$outlen </span><span style="color: #007700">= </span><span style="color: #0000BB">$bucket</span><span style="color: #007700">-></span><span style="color: #0000BB">datalen</span><span style="color: #007700">;<br /> if (</span><span style="color: #0000BB">$this</span><span style="color: #007700">-></span><span style="color: #0000BB">skipped</span><span style="color: #007700"><</span><span style="color: #0000BB">32</span><span style="color: #007700">){<br /> </span><span style="color: #0000BB">$outlen </span><span style="color: #007700">= </span><span style="color: #0000BB">min</span><span style="color: #007700">(</span><span style="color: #0000BB">$bucket</span><span style="color: #007700">-></span><span style="color: #0000BB">datalen</span><span style="color: #007700">,</span><span style="color: #0000BB">32</span><span style="color: #007700">-</span><span style="color: #0000BB">$this</span><span style="color: #007700">-></span><span style="color: #0000BB">skipped</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$bucket</span><span style="color: #007700">-></span><span style="color: #0000BB">data </span><span style="color: #007700">= </span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$bucket</span><span style="color: #007700">-></span><span style="color: #0000BB">data</span><span style="color: #007700">, </span><span style="color: #0000BB">$outlen</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$bucket</span><span style="color: #007700">-></span><span style="color: #0000BB">datalen </span><span style="color: #007700">= </span><span style="color: #0000BB">$bucket</span><span style="color: #007700">-></span><span style="color: #0000BB">datalen</span><span style="color: #007700">-</span><span style="color: #0000BB">$outlen</span><span style="color: #007700">;<br /> </span><span style="color: #0000BB">$this</span><span style="color: #007700">-></span><span style="color: #0000BB">skipped</span><span style="color: #007700">+=</span><span style="color: #0000BB">$outlen</span><span style="color: #007700">;<br /> }<br /> </span><span style="color: #0000BB">$consumed </span><span style="color: #007700">+= </span><span style="color: #0000BB">$outlen</span><span style="color: #007700">;<br /> </span><span style="color: #0000BB">stream_bucket_append</span><span style="color: #007700">(</span><span style="color: #0000BB">$out</span><span style="color: #007700">, </span><span style="color: #0000BB">$bucket</span><span style="color: #007700">);<br /> }<br /> return </span><span style="color: #0000BB">PSFS_PASS_ON</span><span style="color: #007700">;<br /> }<br />}<br />class </span><span style="color: #0000BB">AES_128_CBC </span><span style="color: #007700">extends </span><span style="color: #0000BB">AES_CBC </span><span style="color: #007700">{<br /> protected static function </span><span style="color: #0000BB">key_size</span><span style="color: #007700">() { return </span><span style="color: #0000BB">self</span><span style="color: #007700">::</span><span style="color: #0000BB">$KEY_SIZES</span><span style="color: #007700">[</span><span style="color: #DD0000">'AES-128'</span><span style="color: #007700">]; }<br />}<br />class </span><span style="color: #0000BB">AES_192_CBC </span><span style="color: #007700">extends </span><span style="color: #0000BB">AES_CBC </span><span style="color: #007700">{<br /> protected static function </span><span style="color: #0000BB">key_size</span><span style="color: #007700">() { return </span><span style="color: #0000BB">self</span><span style="color: #007700">::</span><span style="color: #0000BB">$KEY_SIZES</span><span style="color: #007700">[</span><span style="color: #DD0000">'AES-192'</span><span style="color: #007700">]; }<br />}<br />class </span><span style="color: #0000BB">AES_256_CBC </span><span style="color: #007700">extends </span><span style="color: #0000BB">AES_CBC </span><span style="color: #007700">{<br /> protected static function </span><span style="color: #0000BB">key_size</span><span style="color: #007700">() { return </span><span style="color: #0000BB">self</span><span style="color: #007700">::</span><span style="color: #0000BB">$KEY_SIZES</span><span style="color: #007700">[</span><span style="color: #DD0000">'AES-256'</span><span style="color: #007700">]; }<br />}</span> </span> </code></div> </div> </div> </div><hr /><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="filters.compression.html">Compression Filters</a></div> <div class="next" style="text-align: right; float: right;"><a href="transports.html">List of Supported Socket Transports</a></div> <div class="up"><a href="filters.html">List of Available Filters</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div></body></html>