PHPKonf: Istanbul PHP Conference 2017


Mcrypt can be used to encrypt and decrypt using the above mentioned ciphers. If you linked against libmcrypt-2.2.x, the four important mcrypt commands (mcrypt_cfb(), mcrypt_cbc(), mcrypt_ecb(), and mcrypt_ofb()) can operate in both modes which are named MCRYPT_ENCRYPT and MCRYPT_DECRYPT, respectively.

If you linked against libmcrypt 2.4.x or 2.5.x, these functions are still available, but it is recommended that you use the advanced functions.

Example #1 Encrypt an input value with TripleDES under 2.4.x and higher in ECB mode

"this is a secret key";
$input "Let us meet at 9 o'clock at the secret place.";

$td mcrypt_module_open('tripledes''''ecb''');
$iv mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
$encrypted_data mcrypt_generic($td$input);
This example will give you the encrypted data as a string in $encrypted_data. For a full example see mcrypt_module_open().

add a note add a note

User Contributed Notes 2 notes

jizz @ Nowhere
8 years ago
Ok after having a problem using triple des with .net/visual basic with php I think this could help someone:

Visual Basic 9 with .net 2.0
Encrypting as a stream into the IO/Memory as bytes
Then they get converted back after encryption

I wanted to use base64 encoding to store the VB encryption
The problem I found was ...

I could En/Decrypt within VB and PHP just fine
But when I tried to encrypt one in VB and decrypt in PHP
I got the wrong values with the mcrypt function alone

I found that at least with VB9 that the stream encryption uses a UTF char that is the value for how many missing bytes left in the 8 bit stream.

So if you encrypt 1234 it will add chr(4) four times (the amount of missing bytes)
In php use chr otherwise most browsers/client cant read it.
Im not good at explaining things but the php code I figured out is below.

It will find the missing bytes on input as visual basic does
and replace as needed. For both encryption and decryption.

Example is triple_des and cbc with self key and iv for storing in base64

$key = "E4HD9h4DhS23DYfhHemkS3Nf";// 24 bit Key
$iv = "fYfhHeDm";// 8 bit IV
$input = "Text to encrypt";// text to encrypt
$bit_check=8;// bit amount for diff algor.

$str= encrypt($input,$key,$iv,$bit_check);
echo "Start: $input - Excrypted: $str - Decrypted: ".decrypt($str,$key,$iv,$bit_check);

function encrypt($text,$key,$iv,$bit_check) {
$text_num =str_split($text,$bit_check);
$text_num = $bit_check-strlen($text_num[count($text_num)-1]);
for ($i=0;$i<$text_num; $i++) {$text = $text . chr($text_num);}
$cipher = mcrypt_module_open(MCRYPT_TRIPLEDES,'','cbc','');
mcrypt_generic_init($cipher, $key, $iv);
$decrypted = mcrypt_generic($cipher,$text);
return base64_encode($decrypted);

function decrypt($encrypted_text,$key,$iv,$bit_check){
$cipher = mcrypt_module_open(MCRYPT_TRIPLEDES,'','cbc','');
mcrypt_generic_init($cipher, $key, $iv);
$decrypted = mdecrypt_generic($cipher,base64_decode($encrypted_text));
for($i=0;$i<$bit_check-1; $i++){
return $decrypted;
ivoras at gmail dot com
6 years ago
Note that there can be standard padding in block modes:
To Top