Pure-PHP implementation of AES.

author Jim Wigginton
version 0.1.0
access public
package Crypt_AES

 Methods

Default Constructor.

Crypt_AES(\optional $mode) : \Crypt_AES

Determines whether or not the mcrypt extension should be used. $mode should only, at present, be CRYPT_AES_MODE_ECB or CRYPT_AES_MODE_CBC. If not explictly set, CRYPT_AES_MODE_CBC will be used.

access public

Parameters

$mode

\optional

Integer $mode

Returns

Default Constructor.

Crypt_Rijndael(\optional $mode) : \Crypt_Rijndael
Inherited

Determines whether or not the mcrypt extension should be used. $mode should only, at present, be CRYPT_RIJNDAEL_MODE_ECB or CRYPT_RIJNDAEL_MODE_CBC. If not explictly set, CRYPT_RIJNDAEL_MODE_CBC will be used.

access public
inherited_from \Crypt_Rijndael::Crypt_Rijndael()

Parameters

$mode

\optional

Integer $mode

Returns

Decrypts a block

_decryptBlock(String $in) : String

Optimized over Crypt_Rijndael's implementation by means of loop unrolling.

see \global\Crypt_Rijndael::_decryptBlock()
access private

Parameters

$in

String

Returns

String

Encrypts a block

_encryptBlock(String $in) : String

Optimized over Crypt_Rijndael's implementation by means of loop unrolling.

see \global\Crypt_Rijndael::_encryptBlock()
access private

Parameters

$in

String

Returns

String

Generate CTR XOR encryption key

_generate_xor(Integer $length, String $iv) 
Inherited

Encrypt the output of this and XOR it against the ciphertext / plaintext to get the plaintext / ciphertext in CTR mode.

see \global\Crypt_Rijndael::decrypt()
see \global\Crypt_Rijndael::encrypt()
access public
inherited_from \Crypt_Rijndael::_generate_xor()

Parameters

$length

Integer

$iv

String

Performs inverse S-Box substitutions

_invSubWord($word) 
Inherited

access private
inherited_from \Crypt_Rijndael::_invSubWord()

Parameters

$word

Setup mcrypt

_mcryptSetup() 

Validates all the variables.

access private

Pads a string

_pad($text) 
Inherited

Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize. $block_size - (strlen($text) % $block_size) bytes are added, each of which is equal to chr($block_size - (strlen($text) % $block_size)

If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless and padding will, hence forth, be enabled.

see \global\Crypt_Rijndael::_unpad()
access private
inherited_from \Crypt_Rijndael::_pad()

Parameters

$text

Setup Rijndael

_setup() 
Inherited

Validates all the variables and calculates $Nr - the number of rounds that need to be performed - and $w - the key key schedule.

access private
inherited_from \Crypt_Rijndael::_setup()

String Shift

_string_shift(String $string, \optional $index) : String
Inherited

Inspired by array_shift

access private
inherited_from \Crypt_Rijndael::_string_shift()

Parameters

$string

String

$index

\optional

Integer $index

Returns

String

Performs S-Box substitutions

_subWord($word) 
Inherited

access private
inherited_from \Crypt_Rijndael::_subWord()

Parameters

$word

Unpads a string.

_unpad($text) 
Inherited

If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong and false will be returned.

see \global\Crypt_Rijndael::_pad()
access private
inherited_from \Crypt_Rijndael::_unpad()

Parameters

$text

Decrypts a message.

decrypt(String $ciphertext) 

If strlen($ciphertext) is not a multiple of 16, null bytes will be added to the end of the string until it is.

see \global\Crypt_AES::encrypt()
access public

Parameters

$ciphertext

String

Treat consecutive packets as if they are a discontinuous buffer.

disableContinuousBuffer() 
Inherited

The default behavior.

see \global\Crypt_Rijndael::enableContinuousBuffer()
access public
inherited_from \Crypt_Rijndael::disableContinuousBuffer()

Do not pad packets.

disablePadding() 
Inherited

see \global\Crypt_Rijndael::enablePadding()
access public
inherited_from \Crypt_Rijndael::disablePadding()

Treat consecutive "packets" as if they are a continuous buffer.

enableContinuousBuffer() 
Inherited

Say you have a 32-byte plaintext $plaintext. Using the default behavior, the two following code snippets will yield different outputs:

   echo $rijndael->encrypt(substr($plaintext,  0, 16));
   echo $rijndael->encrypt(substr($plaintext, 16, 16));
   echo $rijndael->encrypt($plaintext);

The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates another, as demonstrated with the following:

   $rijndael->encrypt(substr($plaintext, 0, 16));
   echo $rijndael->decrypt($des->encrypt(substr($plaintext, 16, 16)));
   echo $rijndael->decrypt($des->encrypt(substr($plaintext, 16, 16)));

With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different outputs. The reason is due to the fact that the initialization vector's change after every encryption / decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.

Put another way, when the continuous buffer is enabled, the state of the Crypt_Rijndael() object changes after each encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), however, they are also less intuitive and more likely to cause you problems.

see \global\Crypt_Rijndael::disableContinuousBuffer()
access public
inherited_from \Crypt_Rijndael::enableContinuousBuffer()

Pad "packets".

enablePadding() 
Inherited

Rijndael works by encrypting between sixteen and thirty-two bytes at a time, provided that number is also a multiple of four. If you ever need to encrypt or decrypt something that isn't of the proper length, it becomes necessary to pad the input so that it is of the proper length.

Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH, where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is transmitted separately)

see \global\Crypt_Rijndael::disablePadding()
access public
inherited_from \Crypt_Rijndael::enablePadding()

Encrypts a message.

encrypt(String $plaintext) 

$plaintext will be padded with up to 16 additional bytes. Other AES implementations may or may not pad in the same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following URL:

http://www.di-mgt.com.au/cryptopad.html

An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. strlen($plaintext) will still need to be a multiple of 16, however, arbitrary values can be added to make it that length.

see \global\Crypt_AES::decrypt()
access public

Parameters

$plaintext

String

Dummy function

setBlockLength(Integer $length) 

Since Crypt_AES extends Crypt_Rijndael, this function is, technically, available, but it doesn't do anything.

access public

Parameters

$length

Integer

Sets the initialization vector.

setIV(String $iv) 
Inherited

(optional)

SetIV is not required when CRYPT_RIJNDAEL_MODE_ECB is being used. If not explictly set, it'll be assumed to be all zero's.

access public
inherited_from \Crypt_Rijndael::setIV()

Parameters

$iv

String

Sets the key.

setKey(String $key) 
Inherited

Keys can be of any length. Rijndael, itself, requires the use of a key that's between 128-bits and 256-bits long and whose length is a multiple of 32. If the key is less than 256-bits and the key length isn't set, we round the length up to the closest valid key length, padding $key with null bytes. If the key is more than 256-bits, we trim the excess bits.

If the key is not explicitly set, it'll be assumed to be all null bytes.

access public
inherited_from \Crypt_Rijndael::setKey()

Parameters

$key

String

Sets the key length

setKeyLength(Integer $length) 
Inherited

Valid key lengths are 128, 160, 192, 224, and 256. If the length is less than 128, it will be rounded up to 128. If the length is greater then 128 and invalid, it will be rounded down to the closest valid amount.

access public
inherited_from \Crypt_Rijndael::setKeyLength()

Parameters

$length

Integer

 Properties

 

Shift offsets

$c : Array
Inherited

access private
inherited_from \Crypt_Rijndael::$$c
 

Does the key schedule need to be (re)calculated?

$changed : Boolean
Inherited

see \global\setKey()
see \global\setBlockLength()
see \global\setKeyLength()
access private
inherited_from \Crypt_Rijndael::$$changed
 

Continuous Buffer status

$continuousBuffer : Boolean
Inherited

see \global\Crypt_Rijndael::enableContinuousBuffer()
access private
inherited_from \Crypt_Rijndael::$$continuousBuffer
 

Decryption buffer for CTR, OFB and CFB modes

$debuffer : String
Inherited

see \global\Crypt_Rijndael::decrypt()
access private
inherited_from \Crypt_Rijndael::$$debuffer
 

A "sliding" Initialization Vector

$decryptIV : String
Inherited

see \global\Crypt_Rijndael::enableContinuousBuffer()
access private
inherited_from \Crypt_Rijndael::$$decryptIV
 

mcrypt resource for decryption

$demcrypt : String

The mcrypt resource can be recreated every time something needs to be created or it can be created just once. Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.

see \global\Crypt_AES::decrypt()
access private
 

Precomputed invMixColumns table

$dt0 : Array
Inherited

see \global\Crypt_Rijndael()
access private
inherited_from \Crypt_Rijndael::$$dt0
 

Precomputed invMixColumns table

$dt1 : Array
Inherited

see \global\Crypt_Rijndael()
access private
inherited_from \Crypt_Rijndael::$$dt1
 

Precomputed invMixColumns table

$dt2 : Array
Inherited

see \global\Crypt_Rijndael()
access private
inherited_from \Crypt_Rijndael::$$dt2
 

Precomputed invMixColumns table

$dt3 : Array
Inherited

see \global\Crypt_Rijndael()
access private
inherited_from \Crypt_Rijndael::$$dt3
 

The Inverse Key Schedule

$dw : Array
Inherited

see \global\_setup()
access private
inherited_from \Crypt_Rijndael::$$dw
 

mcrypt resource for CFB mode

$ecb : String

see \global\Crypt_AES::encrypt()
see \global\Crypt_AES::decrypt()
access private
 

Encryption buffer for CTR, OFB and CFB modes

$enbuffer : String
Inherited

see \global\Crypt_Rijndael::encrypt()
access private
inherited_from \Crypt_Rijndael::$$enbuffer
 

A "sliding" Initialization Vector

$encryptIV : String
Inherited

see \global\Crypt_Rijndael::enableContinuousBuffer()
access private
inherited_from \Crypt_Rijndael::$$encryptIV
 

mcrypt resource for encryption

$enmcrypt : String

The mcrypt resource can be recreated every time something needs to be created or it can be created just once. Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.

see \global\Crypt_AES::encrypt()
access private
 

Has the key length explicitly been set or should it be derived from the key, itself?

$explicit_key_length : Boolean
Inherited

see \global\setKeyLength()
access private
inherited_from \Crypt_Rijndael::$$explicit_key_length
 

The Initialization Vector

$iv : String
Inherited

see \global\Crypt_Rijndael::setIV()
access private
inherited_from \Crypt_Rijndael::$$iv
 

The Key

$key : String
Inherited

see \global\Crypt_Rijndael::setKey()
access private
inherited_from \Crypt_Rijndael::$$key
 

The Encryption Mode

$mode : Integer
Inherited

see \global\Crypt_Rijndael::Crypt_Rijndael()
access private
inherited_from \Crypt_Rijndael::$$mode
 

Is the mode one that is paddable?

$paddable : Boolean
Inherited

see \global\Crypt_Rijndael::Crypt_Rijndael()
access private
inherited_from \Crypt_Rijndael::$$paddable
 

Padding status

$padding : Boolean
Inherited

see \global\Crypt_Rijndael::enablePadding()
access private
inherited_from \Crypt_Rijndael::$$padding
 

Precomputed mixColumns table

$t0 : Array
Inherited

see \global\Crypt_Rijndael()
access private
inherited_from \Crypt_Rijndael::$$t0
 

Precomputed mixColumns table

$t1 : Array
Inherited

see \global\Crypt_Rijndael()
access private
inherited_from \Crypt_Rijndael::$$t1
 

Precomputed mixColumns table

$t2 : Array
Inherited

see \global\Crypt_Rijndael()
access private
inherited_from \Crypt_Rijndael::$$t2
 

Precomputed mixColumns table

$t3 : Array
Inherited

see \global\Crypt_Rijndael()
access private
inherited_from \Crypt_Rijndael::$$t3
 

The Key Schedule

$w : Array
Inherited

see \global\_setup()
access private
inherited_from \Crypt_Rijndael::$$w