Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

mcrypt(3) [suse man page]

Mcrypt(3)						User Contributed Perl Documentation						 Mcrypt(3)

NAME

       Mcrypt - Perl extension for the Mcrypt cryptography library

SYNOPSIS

	 use Mcrypt;

	 # Procedural routines

	 $td = Mcrypt::mcrypt_load($algorithm, $algorithm_dir,
				   $mode, $mode_dir);

	 Mcrypt::mcrypt_get_key_size($td);   # in bytes
	 Mcrypt::mcrypt_get_iv_size($td);    # in bytes
	 Mcrypt::mcrypt_get_block_size($td); # in bytes

	 Mcrypt::mcrypt_init($td, $key, $iv);

	 $encryptedstr = Mcrypt::mcrypt_encrypt($td, $decryptedstr);
	 $decryptedstr = Mcrypt::mcrypt_decrypt($td, $encryptedstr);

	 Mcrypt::mcrypt_end($td);

	 # Object-oriented methods

	 $td = Mcrypt->new( algorithm => $algorithm,
			    mode => $mode );

	 $keysize = $td->{KEY_SIZE};
	 $ivsize  = $td->{IV_SIZE};
	 $blksize = $td->{BLOCK_SIZE};

	 $td->init($key, $iv);

	 $encryptedstr = $td->encrypt($decryptedstr);
	 $decryptedstr = $td->decrypt($encryptedstr);

	 # If the $td goes out of context,
	 # the destructor will do this for you
	 $td->end();

DESCRIPTION

       This module wraps the libmcrypt encryption library for easy and convenient use from within perl.  Encryption and decryption using a variety
       of algorithms is as easy as a few simple lines of perl.

Exported constants
       The predefined groups of exports in the use statements are as follows:

       use Mcrypt qw(:ALGORITHMS);

       Exports the BLOWFISH DES 3DES GOST CAST_128 XTEA RC2 TWOFISH CAST_256 SAFERPLUS LOKI97 SERPENT RIJNDAEL_128 RIJNDAEL_192 RIJNDAEL_256
       ENIGMA ARCFOUR WAKE libmcrypt algorithms.  See the mcrypt(3) man page for more details.

       use Mcrypt qw(:MODES);

       Exports the CBC ECB CFB OFB bOFB STREAM modes of encryption.  See the mcrypt(3) man page for more details.

       use Mcrypt qw(:FUNCS);

       Exports the following functions: mcrypt_load, mcrypt_unload, mcrypt_init, mcrypt_end, mcrypt_encrypt, mcrypt_decrypt,
       mcrypt_get_block_size, mcrypt_get_iv_size, mcrypt_get_key_size.

EXAMPLES

	 # Procedural approach:
	 # create an ecryption descriptor:
	 #   ALGORITHM: blowfish (256 bit key + 16 byte IV)
	 #   MODE:	cfb
	 # The user application has set:
	 #   $method to either "encrypt" or "decrypt"
	 #   $infile to the input filename
	 #   $outfile to the output filename
	 my($td) = Mcrypt::mcrypt_load( Mcrypt::BLOWFISH, '',
					Mcrypt::CFB, '' );
	 my($key) = "32 bytes of your apps secret key";  # secret key
	 my($iv) = "16 bytes of rand"; # shared initialization vector
	 Mcrypt::mcrypt_init($td, $key, $iv) || die "Could not initialize td";
	 print Mcrypt::mcrypt_encrypt($td, $_) while(<>);
	 Mcrypt::mcrypt_end($td);

	 # OO approach of the above except decrypting
	 my($td) = Mcrypt->new( algorithm => Mcrypt::BLOWFISH,
				mode => Mcrypt::CFB,
				verbose => 0 );
	 my($key) = "k" x $td->{KEY_SIZE};
	 my($iv) = "i" x $td->{IV_SIZE};
	 $td->init($key, $iv);
	 print $td->decrypt($_) while (<>);
	 $td->end();

AUTHOR

       Theo Schlossnagle <jesus@omniti.com>

SEE ALSO

       The libmcrypt man page: mcrypt(3).  Other libmcrypt information is available at http://mcrypt.hellug.gr/.

perl v5.12.1							    2010-07-05								 Mcrypt(3)

Check Out this Related Man Page

MCRYPT_ENCRYPT(3)							 1							 MCRYPT_ENCRYPT(3)

mcrypt_encrypt - Encrypts plaintext with given parameters

SYNOPSIS

       string mcrypt_encrypt (string  $cipher, string  $key, string  $data, string  $mode, [string  $iv])

DESCRIPTION

	Encrypts the data and returns it.

PARAMETERS

	      o $cipher
		-One of the MCRYPT_ciphername constants, or the name of the algorithm as string.

	      o $key
		-  The key with which the data will be encrypted. If it's smaller than the required keysize, it is padded with ' '. It is better
		not to use ASCII strings for keys.  It is recommended to use the mhash functions to create a key from a string.

	      o $data
		- The data that will be encrypted with the given $cipher and $mode. If the size of the data is not n * blocksize, the data will be
		padded with ' '.  The returned crypttext can be larger than the size of the data that was given by $data.

	      o $mode
		-One of the MCRYPT_MODE_modename constants, or one of the following strings: "ecb", "cbc", "cfb", "ofb", "nofb" or "stream".

	      o $iv
		-Used  for  the initialization in CBC, CFB, OFB modes, and in some algorithms in STREAM mode. If you do not supply an IV, while it
		is needed for an algorithm, the function issues a warning and uses an IV with all its bytes set to " ".

RETURN VALUES

	Returns the encrypted data, as a string.

EXAMPLES

       Example #1

	      mcrypt_encrypt(3) Example

	      <?php
		  # --- ENCRYPTION ---

		  # the key should be random binary, use scrypt, bcrypt or PBKDF2 to
		  # convert a string into a key
		  # key is specified using hexadecimal
		  $key = pack('H*', "bcb04b7e103a0cd8b54763051cef08bc55abe029fdebae5e1d417e2ffb2a00a3");

		  # show key size use either 16, 24 or 32 byte keys for AES-128, 192
		  # and 256 respectively
		  $key_size =  strlen($key);
		  echo "Key size: " . $key_size . "
";

		  $plaintext = "This string was AES-256 / CBC / ZeroBytePadding encrypted.";

		  # create a random IV to use with CBC encoding
		  $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
		  $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

		  # creates a cipher text compatible with AES (Rijndael block size = 128)
		  # to keep the text confidential
		  # only suitable for encoded input that never ends with value 00h
		  # (because of default zero padding)
		  $ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key,
					       $plaintext, MCRYPT_MODE_CBC, $iv);

		  # prepend the IV for it to be available for decryption
		  $ciphertext = $iv . $ciphertext;

		  # encode the resulting cipher text so it can be represented by a string
		  $ciphertext_base64 = base64_encode($ciphertext);

		  echo	$ciphertext_base64 . "
";

		  # === WARNING ===

		  # Resulting cipher text has no integrity or authenticity added
		  # and is not protected against padding oracle attacks.

		  # --- DECRYPTION ---

		  $ciphertext_dec = base64_decode($ciphertext_base64);

		  # retrieves the IV, iv_size should be created using mcrypt_get_iv_size()
		  $iv_dec = substr($ciphertext_dec, 0, $iv_size);

		  # retrieves the cipher text (everything except the $iv_size in the front)
		  $ciphertext_dec = substr($ciphertext_dec, $iv_size);

		  # may remove 00h valued characters from end of plain text
		  $plaintext_dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key,
						  $ciphertext_dec, MCRYPT_MODE_CBC, $iv_dec);

		  echo	$plaintext_dec . "
";
	      ?>

	      The above example will output:

	      Key size: 32
	      ENJW8mS2KaJoNB5E5CoSAAu0xARgsR1bdzFWpEn+poYw45q+73az5kYi4j+0haevext1dGrcW8Qi59txfCBV8BBj3bzRP3dFCp3CPQSJ8eU=
	      This string was AES-256 / CBC / ZeroBytePadding encrypted.

	See also mcrypt_module_open(3) for a more advanced API and an example.

PHP Documentation Group 													 MCRYPT_ENCRYPT(3)
Man Page