These are two simple functions I built for 256-bit encryption/decryption with mcrypt. I've decided to use MCRYPT_RIJNDAEL_128 because it's AES-compliant, and MCRYPT_MODE_CBC. (ECB mode is inadequate for many purposes because it does not use an IV.)

This function stores a hash of the data to verify that the data was decrypted successfully, but this could be easily removed if necessary.

<?php

) {

// Build a 256-bit $key which is a SHA256 hash of $salt and $password.

);

// Build $iv and $iv_base64. We use a block size of 128 bits (AES compliant) and CBC mode. (Note: ECB mode is inadequate as IV is not used.)

);

if (;

// Encrypt $decrypted and an MD5 of $decrypted using $key. MD5 is fine to use here because it's just to verify successful decryption.

));

// We're done!

;

}

function ) {

// Build a 256-bit $key which is a SHA256 hash of $salt and $password.

);

// Retrieve $iv which is the first 22 characters plus ==, base64_decoded.

);

// Remove $iv from $encrypted.

);

// Decrypt the data. rtrim won't corrupt the data because the last 32 characters are the md5 hash; thus any \0 character has to be padding.

);

// Retrieve $hash which is the last 32 characters of $decrypted.

);

// Remove the last 32 characters from $decrypted.

);

// Integrity check. If this fails, either the data is corrupted, or the password/salt was incorrect.

;

// Yay!

return $decrypted;

}

?>

//This is a des, 3des, aes and gost encryption program i wrote using php for my assignment

<?php

])) {

];

];

];

} else {

die("algorithm not selected");

}

if (){

die("Please enter a text to encrypt! ");

}

if (){

die("Please enter a key! ");

}

function )

{

);

);

);

echo ;

echo ;

echo "<p><b>Key size :</b> ";

foreach ()

{

echo ;

}unset($value);

}

function )

{

);

);

);

echo "<html><hr size='2' ></html>";

echo "<P><P><b>Plain Text : </b>";

echo($themsg);

echo "<p><b>Cipher Text : </b> ";

echo ;

);

);

die();

}

if (){

);

);

);

}elseif (){

);

);

);

}elseif (){

);

);

);

}elseif (){

);

);

);

}else {

die("Please choose an algorithm!");

}

?>

If you want a quick way to see what ciphers, modes, key, block and iv sizes are supported on your server, try something like the following.

Note: I used this simple bash: `locate libmcrypt` from terminal on Mac OS X to determine the install paths to the algorithms and modes directories. Lots of function calls generate warnings for certain ciphers, hence the use of error suppression.

<?php

$modes = mcrypt_list_modes();

();

foreach()

{

echo ;

foreach()

{

echo ;

@(

$cipher,

'/usr/local/libmcrypt-2.5.8/modules/algorithms/',

$mode,

'/usr/local/libmcrypt-2.5.8/modules/modes/');

@);

@);

@);

@);

echo "

<pre>

key_size: ")

.)

.)

." </pre>\n";

;

;

;

;

}

}

?>

people using phpmyadmin are redirected to this manual if they don't have mcrypt installed. If you want to install mcrypt on debian, first check your php version:

yourserver# php --version

Then install the appropriate version of mcrypt (php5-mcrypt if your php version is 5.x)

yourserver# apt-get install php4-mcrypt

...or...

yourserver# apt-get install php5-mcrypt

When using 3DES between PHP and C#, it is to be noted that there are subtle differences that if not strictly observed, will result in annoying problem encrypt/decrypt data.

1), When using a 16 bytes key, php and c# generates total different outcome string. it seems that a 24 bytes key is required for php and c# to work alike.

2), php doesnt have a "padding" option, while c# has 3 (?). My work around is to add nulls i.e. chr(0) to the end of the source string to make its size times of 8, while in c#, PaddingMode.Zeros is required.

3) the key size has to be times of 8, in php, to make it work for c#.

for Suse Linux Enterprise 11 I had used this to resolve the issue (as root)

# yast -i php5-mcrypt

# rcapache2 restart

hope this helps