<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <title>Encrypts plaintext with given parameters</title> </head> <body><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="function.mcrypt-enc-self-test.html">mcrypt_enc_self_test</a></div> <div class="next" style="text-align: right; float: right;"><a href="function.mcrypt-generic-deinit.html">mcrypt_generic_deinit</a></div> <div class="up"><a href="ref.mcrypt.html">Mcrypt Functions</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div><hr /><div id="function.mcrypt-encrypt" class="refentry"> <div class="refnamediv"> <h1 class="refname">mcrypt_encrypt</h1> <p class="verinfo">(PHP 4 >= 4.0.2, PHP 5, PHP 7 < 7.2.0, PECL mcrypt >= 1.0.0)</p><p class="refpurpose"><span class="refname">mcrypt_encrypt</span> — <span class="dc-title">Encrypts plaintext with given parameters</span></p> </div> <div id="function.mcrypt-encrypt-refsynopsisdiv"> <div class="warning"><strong class="warning">Warning</strong><p class="simpara">This function has been <em class="emphasis">DEPRECATED</em> as of PHP 7.1.0. Relying on this function is highly discouraged.</p></div> </div> <div class="refsect1 description" id="refsect1-function.mcrypt-encrypt-description"> <h3 class="title">Description</h3> <div class="methodsynopsis dc-description"> <span class="type">string</span> <span class="methodname"><strong>mcrypt_encrypt</strong></span> ( <span class="methodparam"><span class="type">string</span> <code class="parameter">$cipher</code></span> , <span class="methodparam"><span class="type">string</span> <code class="parameter">$key</code></span> , <span class="methodparam"><span class="type">string</span> <code class="parameter">$data</code></span> , <span class="methodparam"><span class="type">string</span> <code class="parameter">$mode</code></span> [, <span class="methodparam"><span class="type">string</span> <code class="parameter">$iv</code></span> ] )</div> <p class="para rdfs-comment"> Encrypts the data and returns it. </p> </div> <div class="refsect1 parameters" id="refsect1-function.mcrypt-encrypt-parameters"> <h3 class="title">Parameters</h3> <p class="para"> <dl> <dt> <code class="parameter">cipher</code></dt> <dd> <p class="para">One of the <strong><code>MCRYPT_ciphername</code></strong> constants, or the name of the algorithm as string.</p> </dd> <dt> <code class="parameter">key</code></dt> <dd> <p class="para"> The key with which the data will be encrypted. If the provided key size is not supported by the cipher, the function will emit a warning and return <strong><code>FALSE</code></strong> </p> </dd> <dt> <code class="parameter">data</code></dt> <dd> <p class="para"> The data that will be encrypted with the given <code class="parameter">cipher</code> and <code class="parameter">mode</code>. If the size of the data is not n * blocksize, the data will be padded with '<em>\0</em>'. </p> <p class="para"> The returned crypttext can be larger than the size of the data that was given by <code class="parameter">data</code>. </p> </dd> <dt> <code class="parameter">mode</code></dt> <dd> <p class="para">One of the <strong><code>MCRYPT_MODE_modename</code></strong> constants, or one of the following strings: "ecb", "cbc", "cfb", "ofb", "nofb" or "stream".</p> </dd> <dt> <code class="parameter">iv</code></dt> <dd> <p class="para">Used for the initialization in CBC, CFB, OFB modes, and in some algorithms in STREAM mode. If the provided IV size is not supported by the chaining mode or no IV was provided, but the chaining mode requires one, the function will emit a warning and return <strong><code>FALSE</code></strong>.</p> </dd> </dl> </p> </div> <div class="refsect1 returnvalues" id="refsect1-function.mcrypt-encrypt-returnvalues"> <h3 class="title">Return Values</h3> <p class="para"> Returns the encrypted data as a string or <strong><code>FALSE</code></strong> on failure. </p> </div> <div class="refsect1 changelog" id="refsect1-function.mcrypt-encrypt-changelog"> <h3 class="title">Changelog</h3> <p class="para"> <table class="doctable informaltable"> <thead> <tr> <th>Version</th> <th>Description</th> </tr> </thead> <tbody class="tbody"> <tr> <td>5.6.0</td> <td> Invalid <code class="parameter">key</code> and <code class="parameter">iv</code> sizes are no longer accepted. <span class="function"><strong>mcrypt_encrypt()</strong></span> will now throw a warning and return <strong><code>FALSE</code></strong> if the inputs are invalid. Previously keys and IVs were padded with '<em>\0</em>' bytes to the next valid size. </td> </tr> </tbody> </table> </p> </div> <div class="refsect1 examples" id="refsect1-function.mcrypt-encrypt-examples"> <h3 class="title">Examples</h3> <p class="para"> <div class="example" id="example-940"> <p><strong>Example #1 <span class="function"><strong>mcrypt_encrypt()</strong></span> Example</strong></p> <div class="example-contents"> <div class="phpcode"><code><span style="color: #000000"> <span style="color: #0000BB"><?php<br /> </span><span style="color: #FF8000"># --- ENCRYPTION ---<br /><br /> # the key should be random binary, use scrypt, bcrypt or PBKDF2 to<br /> # convert a string into a key<br /> # key is specified using hexadecimal<br /> </span><span style="color: #0000BB">$key </span><span style="color: #007700">= </span><span style="color: #0000BB">pack</span><span style="color: #007700">(</span><span style="color: #DD0000">'H*'</span><span style="color: #007700">, </span><span style="color: #DD0000">"bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3"</span><span style="color: #007700">);<br /> <br /> </span><span style="color: #FF8000"># show key size use either 16, 24 or 32 byte keys for AES-128, 192<br /> # and 256 respectively<br /> </span><span style="color: #0000BB">$key_size </span><span style="color: #007700">= </span><span style="color: #0000BB">strlen</span><span style="color: #007700">(</span><span style="color: #0000BB">$key</span><span style="color: #007700">);<br /> echo </span><span style="color: #DD0000">"Key size: " </span><span style="color: #007700">. </span><span style="color: #0000BB">$key_size </span><span style="color: #007700">. </span><span style="color: #DD0000">"\n"</span><span style="color: #007700">;<br /> <br /> </span><span style="color: #0000BB">$plaintext </span><span style="color: #007700">= </span><span style="color: #DD0000">"This string was AES-256 / CBC / ZeroBytePadding encrypted."</span><span style="color: #007700">;<br /><br /> </span><span style="color: #FF8000"># create a random IV to use with CBC encoding<br /> </span><span style="color: #0000BB">$iv_size </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_get_iv_size</span><span style="color: #007700">(</span><span style="color: #0000BB">MCRYPT_RIJNDAEL_128</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_MODE_CBC</span><span style="color: #007700">);<br /> </span><span style="color: #0000BB">$iv </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_create_iv</span><span style="color: #007700">(</span><span style="color: #0000BB">$iv_size</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_RAND</span><span style="color: #007700">);<br /> <br /> </span><span style="color: #FF8000"># creates a cipher text compatible with AES (Rijndael block size = 128)<br /> # to keep the text confidential <br /> # only suitable for encoded input that never ends with value 00h<br /> # (because of default zero padding)<br /> </span><span style="color: #0000BB">$ciphertext </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_encrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">MCRYPT_RIJNDAEL_128</span><span style="color: #007700">, </span><span style="color: #0000BB">$key</span><span style="color: #007700">,<br /> </span><span style="color: #0000BB">$plaintext</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_MODE_CBC</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv</span><span style="color: #007700">);<br /><br /> </span><span style="color: #FF8000"># prepend the IV for it to be available for decryption<br /> </span><span style="color: #0000BB">$ciphertext </span><span style="color: #007700">= </span><span style="color: #0000BB">$iv </span><span style="color: #007700">. </span><span style="color: #0000BB">$ciphertext</span><span style="color: #007700">;<br /> <br /> </span><span style="color: #FF8000"># encode the resulting cipher text so it can be represented by a string<br /> </span><span style="color: #0000BB">$ciphertext_base64 </span><span style="color: #007700">= </span><span style="color: #0000BB">base64_encode</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext</span><span style="color: #007700">);<br /><br /> echo </span><span style="color: #0000BB">$ciphertext_base64 </span><span style="color: #007700">. </span><span style="color: #DD0000">"\n"</span><span style="color: #007700">;<br /><br /> </span><span style="color: #FF8000"># === WARNING ===<br /><br /> # Resulting cipher text has no integrity or authenticity added<br /> # and is not protected against padding oracle attacks.<br /> <br /> # --- DECRYPTION ---<br /> <br /> </span><span style="color: #0000BB">$ciphertext_dec </span><span style="color: #007700">= </span><span style="color: #0000BB">base64_decode</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext_base64</span><span style="color: #007700">);<br /> <br /> </span><span style="color: #FF8000"># retrieves the IV, iv_size should be created using mcrypt_get_iv_size()<br /> </span><span style="color: #0000BB">$iv_dec </span><span style="color: #007700">= </span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext_dec</span><span style="color: #007700">, </span><span style="color: #0000BB">0</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv_size</span><span style="color: #007700">);<br /> <br /> </span><span style="color: #FF8000"># retrieves the cipher text (everything except the $iv_size in the front)<br /> </span><span style="color: #0000BB">$ciphertext_dec </span><span style="color: #007700">= </span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext_dec</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv_size</span><span style="color: #007700">);<br /><br /> </span><span style="color: #FF8000"># may remove 00h valued characters from end of plain text<br /> </span><span style="color: #0000BB">$plaintext_dec </span><span style="color: #007700">= </span><span style="color: #0000BB">mcrypt_decrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">MCRYPT_RIJNDAEL_128</span><span style="color: #007700">, </span><span style="color: #0000BB">$key</span><span style="color: #007700">,<br /> </span><span style="color: #0000BB">$ciphertext_dec</span><span style="color: #007700">, </span><span style="color: #0000BB">MCRYPT_MODE_CBC</span><span style="color: #007700">, </span><span style="color: #0000BB">$iv_dec</span><span style="color: #007700">);<br /> <br /> echo </span><span style="color: #0000BB">$plaintext_dec </span><span style="color: #007700">. </span><span style="color: #DD0000">"\n"</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">?></span> </span> </code></div> </div> <div class="example-contents"><p>The above example will output:</p></div> <div class="example-contents screen"> <div class="cdata"><pre> Key size: 32 ENJW8mS2KaJoNB5E5CoSAAu0xARgsR1bdzFWpEn+poYw45q+73az5kYi4j+0haevext1dGrcW8Qi59txfCBV8BBj3bzRP3dFCp3CPQSJ8eU= This string was AES-256 / CBC / ZeroBytePadding encrypted. </pre></div> </div> </div> </p> </div> <div class="refsect1 seealso" id="refsect1-function.mcrypt-encrypt-seealso"> <h3 class="title">See Also</h3> <p class="para"> <ul class="simplelist"> <li class="member"><span class="function"><a href="function.mcrypt-decrypt.html" class="function" rel="rdfs-seeAlso">mcrypt_decrypt()</a> - Decrypts crypttext with given parameters</span></li> <li class="member"><span class="function"><a href="function.mcrypt-module-open.html" class="function" rel="rdfs-seeAlso">mcrypt_module_open()</a> - Opens the module of the algorithm and the mode to be used</span></li> </ul> </p> </div> </div><hr /><div class="manualnavbar" style="text-align: center;"> <div class="prev" style="text-align: left; float: left;"><a href="function.mcrypt-enc-self-test.html">mcrypt_enc_self_test</a></div> <div class="next" style="text-align: right; float: right;"><a href="function.mcrypt-generic-deinit.html">mcrypt_generic_deinit</a></div> <div class="up"><a href="ref.mcrypt.html">Mcrypt Functions</a></div> <div class="home"><a href="index.html">PHP Manual</a></div> </div></body></html>