Salsa20

Extends\phpseclib3\Crypt\Common\StreamCipher

Pure-PHP implementation of Salsa20.

author

Jim Wigginton terrafrost@php.net

package

Default

Methods

Default Constructor.

__construct(string $mode)
inherited

$mode could be:

  • ecb

  • cbc

  • ctr

  • cfb

  • cfb8

  • ofb

  • ofb8

  • gcm
Throws
\phpseclib3\Exception\BadModeException

if an invalid / unsupported mode is provided

Arguments

$mode

string

Creates the performance-optimized function for en/decrypt()

createInlineCryptFunction(array $cipher_code): string
inherited

Internally for phpseclib developers:

_createInlineCryptFunction():

  • merge the $cipher_code [setup'ed by _setupInlineCrypt()] with the current [$this->]mode of operation code

  • create the $inline function, which called by encrypt() / decrypt() as its replacement to speed up the en/decryption operations.

  • return the name of the created $inline callback function

  • used to speed up en/decryption

    The main reason why can speed up things [up to 50%] this way are:

  • using variables more effective then regular. (ie no use of expensive arrays but integers $k_0, $k_1 ... or even, for example, the pure $key[] values hardcoded)

  • avoiding 1000's of function calls of ie _encryptBlock() but inlining the crypt operations. in the mode of operation for() loop.

  • full loop unroll the (sometimes key-dependent) rounds avoiding this way ++$i counters and runtime-if's etc...

    The basic code architectur of the generated $inline en/decrypt() lambda function, in pseudo php, is:

    +----------------------------------------------------------------------------------------------+ callback $inline = create_function: lambda_function_0001_crypt_ECB($action, $text) { INSERT PHP CODE OF: $cipher_code['init_crypt']; // general init code. // ie: $sbox'es declarations used for // encrypt and decrypt'ing.
    switch ($action) {
    case 'encrypt':
    INSERT PHP CODE OF:
    $cipher_code['init_encrypt']; // encrypt sepcific init code.
    ie: specified $key or $box
    declarations for encrypt'ing.
    foreach ($ciphertext) {
    $in = $block_size of $ciphertext;
    INSERT PHP CODE OF:
    $cipher_code['encrypt_block']; // encrypt's (string) $in, which is always:
    // strlen($in) == $this->block_size
    // here comes the cipher algorithm in action
    // for encryption.
    // $cipher_code['encrypt_block'] has to
    // encrypt the content of the $in variable
    $plaintext .= $in;
    }
    return $plaintext;
    case 'decrypt':
    INSERT PHP CODE OF:
    $cipher_code['init_decrypt']; // decrypt sepcific init code
    ie: specified $key or $box
    declarations for decrypt'ing.
    foreach ($plaintext) {
    $in = $block_size of $plaintext;
    INSERT PHP CODE OF:
    $cipher_code['decrypt_block']; // decrypt's (string) $in, which is always
    // strlen($in) == $this->block_size
    // here comes the cipher algorithm in action
    // for decryption.
    // $cipher_code['decrypt_block'] has to
    // decrypt the content of the $in variable
    $ciphertext .= $in;
    }
    return $ciphertext;
    }
    }

    +----------------------------------------------------------------------------------------------+

    See also the \phpseclib3\Crypt*::_setupInlineCrypt()'s for productive inline $cipher_code's how they works.

    Structure of: $cipher_code = [ 'init_crypt' => (string) '', // optional 'init_encrypt' => (string) '', // optional 'init_decrypt' => (string) '', // optional 'encrypt_block' => (string) '', // required 'decrypt_block' => (string) '' // required ];

see self::setupInlineCrypt()\phpseclib3\Crypt\Common\SymmetricKey::encrypt()\phpseclib3\Crypt\Common\SymmetricKey::decrypt()

Arguments

$cipher_code

array

Response

string

(the name of the created callback function)

Creates a Poly1305 key using the method discussed in RFC8439

createPoly1305Key()

Encrypts or decrypts a message.

crypt(string $text,integer $mode): string
see \phpseclib3\Crypt\Salsa20::encrypt()\phpseclib3\Crypt\Salsa20::decrypt()

Arguments

$text

string

$mode

integer

Response

string

$text

Decrypts a message.

decrypt(string $ciphertext): string
inherited

If strlen($ciphertext) is not a multiple of the block size, null bytes will be added to the end of the string until it is.

{@internal Could, but not must, extend by the child Crypt_* class}

see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
Throws
\LengthException

if we're inside a block cipher and the ciphertext length is not a multiple of the block size

Arguments

$ciphertext

string

Response

string

$plaintext

Decrypts a block

decryptBlock(string $in): string
inheritedabstract

Note: Must be extended by the child \phpseclib3\Crypt* class

Arguments

$in

string

Response

string

Treat consecutive packets as if they are a discontinuous buffer.

disableContinuousBuffer()
inherited

The default behavior.

{@internal Could, but not must, extend by the child Crypt_* class}

see \phpseclib3\Crypt\Common\SymmetricKey::enableContinuousBuffer()

Do not pad packets.

disablePadding()
inherited

The doubleround function

doubleRound(integer &$x0,integer &$x1,integer &$x2,integer &$x3,integer &$x4,integer &$x5,integer &$x6,integer &$x7,integer &$x8,integer &$x9,integer &$x10,integer &$x11,integer &$x12,integer &$x13,integer &$x14,integer &$x15)
static

Arguments

$x0

integer

(by reference)

$x1

integer

(by reference)

$x2

integer

(by reference)

$x3

integer

(by reference)

$x4

integer

(by reference)

$x5

integer

(by reference)

$x6

integer

(by reference)

$x7

integer

(by reference)

$x8

integer

(by reference)

$x9

integer

(by reference)

$x10

integer

(by reference)

$x11

integer

(by reference)

$x12

integer

(by reference)

$x13

integer

(by reference)

$x14

integer

(by reference)

$x15

integer

(by reference)

Treat consecutive "packets" as if they are a continuous buffer.

enableContinuousBuffer()
inherited

Say you have a 32-byte plaintext $plaintext. Using the default behavior, the two following code snippets will yield different outputs:

echo $rijndael->encrypt(substr($plaintext, 0, 16)); echo $rijndael->encrypt(substr($plaintext, 16, 16)); echo $rijndael->encrypt($plaintext);

The solution is to enable the continuous buffer. Although this will resolve the above discrepancy, it creates another, as demonstrated with the following:

$rijndael->encrypt(substr($plaintext, 0, 16)); echo $rijndael->decrypt($rijndael->encrypt(substr($plaintext, 16, 16))); echo $rijndael->decrypt($rijndael->encrypt(substr($plaintext, 16, 16)));

With the continuous buffer disabled, these would yield the same output. With it enabled, they yield different outputs. The reason is due to the fact that the initialization vector's change after every encryption / decryption round when the continuous buffer is enabled. When it's disabled, they remain constant.

Put another way, when the continuous buffer is enabled, the state of the \phpseclib3\Crypt*() object changes after each encryption / decryption round, whereas otherwise, it'd remain constant. For this reason, it's recommended that continuous buffers not be used. They do offer better security and are, in fact, sometimes required (SSH uses them), however, they are also less intuitive and more likely to cause you problems.

{@internal Could, but not must, extend by the child Crypt_* class}

see \phpseclib3\Crypt\Common\SymmetricKey::disableContinuousBuffer()

Pad "packets".

enablePadding()
inherited

Block ciphers working by encrypting between their specified [$this->]block_size at a time If you ever need to encrypt or decrypt something that isn't of the proper length, it becomes necessary to pad the input so that it is of the proper length.

Padding is enabled by default. Sometimes, however, it is undesirable to pad strings. Such is the case in SSH, where "packets" are padded with random bytes before being encrypted. Unpad these packets and you risk stripping away characters that shouldn't be stripped away. (SSH knows how many bytes are added because the length is transmitted separately)

see \phpseclib3\Crypt\Common\SymmetricKey::disablePadding()

Enables Poly1305 mode.

enablePoly1305()
inherited

Once enabled Poly1305 cannot be disabled.

Throws
\BadMethodCallException

if Poly1305 is enabled whilst in GCM mode

Encrypts a message.

encrypt(string $plaintext): string
inherited

$plaintext will be padded with additional bytes such that it's length is a multiple of the block size. Other cipher implementations may or may not pad in the same manner. Other common approaches to padding and the reasons why it's necessary are discussed in the following URL:

http://www.di-mgt.com.au/cryptopad.html

An alternative to padding is to, separately, send the length of the file. This is what SSH, in fact, does. strlen($plaintext) will still need to be a multiple of the block size, however, arbitrary values can be added to make it that length.

{@internal Could, but not must, extend by the child Crypt_* class}

see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()

Arguments

$plaintext

string

Response

string

$ciphertext

Encrypts a block

encryptBlock(string $in): string
inheritedabstract

Note: Must be extended by the child \phpseclib3\Crypt* class

Arguments

$in

string

Response

string

Returns the current block length in bits

getBlockLength(): integer
inherited

Response

integer

Returns the current block length in bytes

getBlockLengthInBytes(): integer
inherited

Response

integer

Returns the engine currently being utilized

getEngine()
inherited

Get the IV

getIV(string $iv): string
inherited

mcrypt requires an IV even if ECB is used

see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()\phpseclib3\Crypt\Common\SymmetricKey::decrypt()

Arguments

$iv

string

Response

string

Returns the current key length in bits

getKeyLength(): integer
inherited

Response

integer

Return the mode

getMode(): string
inherited

You can do $obj instanceof AES or whatever to get the cipher but you can't do that to get the mode

Response

string

Get the authentication tag

getTag(integer $length = 16): string
inherited

Only used in GCM or Poly1305 mode

see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()
Throws
\LengthException

if $length isn't of a sufficient length

\RuntimeException

if GCM mode isn't being used

Arguments

$length

integer

optional

Response

string

Performs GHASH operation

ghash(string $x): string
inherited

Initialize static variables

initialize_static_variables()
inheritedstatic

Test for engine validity

isValidEngine(string $engine): boolean
inherited
see \phpseclib3\Crypt\Common\SymmetricKey::__construct()

Arguments

$engine

string

Response

boolean

Test for engine validity

isValidEngineHelper(integer $engine): boolean
inherited
see \phpseclib3\Crypt\Common\SymmetricKey::__construct()

Arguments

$engine

integer

Response

boolean

Left Rotate

leftRotate(integer $x,integer $n): integer
static

Arguments

$x

integer

$n

integer

Response

integer

Returns the bit length of a string in a packed format

len64(string $str): string
inheritedstatic

NULL pads a string to be a multiple of 128

nullPad128(string $str): string
inheritedstatic

OpenSSL CTR Processor

openssl_ctr_process(string $plaintext,string &$encryptIV,array &$buffer): string
inherited

PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream for CTR is the same for both encrypting and decrypting this function is re-used by both SymmetricKey::encrypt() and SymmetricKey::decrypt(). Also, OpenSSL doesn't implement CTR for all of it's symmetric ciphers so this function will emulate CTR with ECB when necessary.

see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()\phpseclib3\Crypt\Common\SymmetricKey::decrypt()

Arguments

$plaintext

string

$encryptIV

string

$buffer

array

Response

string

OpenSSL OFB Processor

openssl_ofb_process(string $plaintext,string &$encryptIV,array &$buffer): string
inherited

PHP's OpenSSL bindings do not operate in continuous mode so we'll wrap around it. Since the keystream for OFB is the same for both encrypting and decrypting this function is re-used by both SymmetricKey::encrypt() and SymmetricKey::decrypt().

see \phpseclib3\Crypt\Common\SymmetricKey::encrypt()\phpseclib3\Crypt\Common\SymmetricKey::decrypt()

Arguments

$plaintext

string

$encryptIV

string

$buffer

array

Response

string

phpseclib <-> OpenSSL Mode Mapper

openssl_translate_mode(): string
inherited

May need to be overwritten by classes extending this one in some cases

Response

string

Pads a string

pad(string $text): string
inherited

Pads a string using the RSA PKCS padding standards so that its length is a multiple of the blocksize. $this->block_size - (strlen($text) % $this->block_size) bytes are added, each of which is equal to chr($this->block_size - (strlen($text) % $this->block_size)

If padding is disabled and $text is not a multiple of the blocksize, the string will be padded regardless and padding will, hence forth, be enabled.

see \phpseclib3\Crypt\Common\SymmetricKey::unpad()
Throws
\LengthException

if padding is disabled and the plaintext's length is not a multiple of the block size

Arguments

$text

string

Response

string

PKCS#12 KDF Helper Function

pkcs12helper(integer $n,\phpseclib3\Crypt\Hash $hashObj,string $i,string $d,integer $count): string
inheritedstatic
see \phpseclib3\Crypt\Common\SymmetricKey::setPassword()

Arguments

$n

integer

$i

string

$d

string

$count

integer

Response

string

$a

Calculates Poly1305 MAC

poly1305(string $text): string
inherited

On my system ChaCha20, with libsodium, takes 0.5s. With this custom Poly1305 implementation it takes 1.2s.

see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()\phpseclib3\Crypt\Common\SymmetricKey::encrypt()

Arguments

$text

string

Response

string

The quarterround function

quarterRound(integer &$a,integer &$b,integer &$c,integer &$d)
static

Arguments

$a

integer

$b

integer

$c

integer

$d

integer

Convert float to int

safe_intval(string $x): integer
inheritedstatic

On ARM CPUs converting floats to ints doesn't always work

Arguments

$x

string

Response

integer

eval()'able string for in-line float to int

safe_intval_inline(): string
inheritedstatic

Response

string

The Salsa20 hash function function

salsa20(string $x)
static

Arguments

$x

string

Sets additional authenticated data

setAAD(string $aad)
inherited

setAAD() is only used by gcm or in poly1305 mode

Throws
\BadMethodCallException

if mode isn't GCM or if poly1305 isn't being utilized

Arguments

$aad

string

Sets the counter.

setCounter(integer $counter)

Arguments

$counter

integer

Sets the engine as appropriate

setEngine()
inherited

Sets the initialization vector.

setIV(string $iv)
inherited

setIV() is not required when ecb or gcm modes are being used.

{@internal Can be overwritten by a sub class, but does not have to be}

Throws
\LengthException

if the IV length isn't equal to the block size

\BadMethodCallException

if an IV is provided when one shouldn't be

Arguments

$iv

string

Sets the key.

setKey(string $key)
inherited

The min/max length(s) of the key depends on the cipher which is used. If the key not fits the length(s) of the cipher it will paded with null bytes up to the closest valid key length. If the key is more than max length, we trim the excess bits.

If the key is not explicitly set, it'll be assumed to be all null bytes.

{@internal Could, but not must, extend by the child Crypt_* class}

Arguments

$key

string

Sets the key length.

setKeyLength(integer $length)
inherited

Keys with explicitly set lengths need to be treated accordingly

Arguments

$length

integer

Sets the nonce.

setNonce(string $nonce)
inherited

setNonce() is only required when gcm is used

Throws
\BadMethodCallException

if an nonce is provided when one shouldn't be

Arguments

$nonce

string

Sets the password.

setPassword(string $password,string $method = 'pbkdf2',array<mixed,string> $func_args): boolean
inherited

Depending on what $method is set to, setPassword()'s (optional) parameters are as follows: pbkdf2 or pbkdf1: $hash, $salt, $count, $dkLen

    Where $hash (default = sha1) currently supports the following hashes: see: Crypt/Hash.php
[bcypt](https://en.wikipedia.org/wiki/Bcrypt):
    $salt, $rounds, $keylen

    This is a modified version of bcrypt used by OpenSSH.

{@internal Could, but not must, extend by the child Crypt_* class}

see \phpseclib3\Crypt\Common\Crypt/Hash.php
Throws
\LengthException

if pbkdf1 is being used and the derived key length exceeds the hash length

\RuntimeException

if bcrypt is being used and a salt isn't provided

Arguments

$password

string

$method

string

$func_args

array<mixed,string>

Response

boolean

Enables Poly1305 mode.

setPoly1305Key(string $key = null)
inherited

Once enabled Poly1305 cannot be disabled. If $key is not passed then an attempt to call createPoly1305Key will be made.

Throws
\LengthException

if the key isn't long enough

\BadMethodCallException

if Poly1305 is enabled whilst in GCM mode

Arguments

$key

string

optional

Sets the preferred crypt engine

setPreferredEngine(string $engine)
inherited

Currently, $engine could be:

  • libsodium[very fast]

  • OpenSSL [very fast]

  • mcrypt [fast]

  • Eval [slow]

  • PHP [slowest]

If the preferred crypt engine is not available the fastest available one will be used

see \phpseclib3\Crypt\Common\SymmetricKey::__construct()

Arguments

$engine

string

Sets the authentication tag

setTag(string $tag)
inherited

Only used in GCM mode

see \phpseclib3\Crypt\Common\SymmetricKey::decrypt()
Throws
\LengthException

if $length isn't of a sufficient length

\RuntimeException

if GCM mode isn't being used

Arguments

$tag

string

Setup the self::ENGINE_INTERNAL $engine

setup()
inherited

(re)init, if necessary, the internal cipher $engine and flush all $buffers Used (only) if $engine == self::ENGINE_INTERNAL

_setup() will be called each time if $changed === true typically this happens when using one or more of following public methods:

  • setKey()

  • setIV()

  • disableContinuousBuffer()

  • First run of encrypt() / decrypt() with no init-settings

{@internal setup() is always called before en/decryption.}

{@internal Could, but not must, extend by the child Crypt_* class}

see \phpseclib3\Crypt\Common\SymmetricKey::setKey()\phpseclib3\Crypt\Common\SymmetricKey::setIV()\phpseclib3\Crypt\Common\SymmetricKey::disableContinuousBuffer()

Sets up GCM parameters

setupGCM()
inherited

Setup the key (expansion)

setupKey()
inheritedabstract

Only used if $engine == self::ENGINE_INTERNAL

Note: Must extend by the child \phpseclib3\Crypt* class

see \phpseclib3\Crypt\Common\SymmetricKey::setup()

Unpads a string.

unpad(string $text): string
inherited

If padding is enabled and the reported padding length is invalid the encryption key will be assumed to be wrong and false will be returned.

see \phpseclib3\Crypt\Common\SymmetricKey::pad()
Throws
\LengthException

if the ciphertext's length is not a multiple of the block size

Arguments

$text

string

Response

string

Returns whether or not the algorithm uses an IV

usesIV(): boolean
inherited

Response

boolean

Returns whether or not the algorithm uses a nonce

usesNonce(): boolean
inherited

Response

boolean

Constants

ENCRYPT

ENCRYPT
see

DECRYPT

DECRYPT
see

Encrypt / decrypt using the Counter mode.

MODE_CTR
inherited

Set to -1 since that's what Crypt/Random.php uses to index the CTR mode.

link

http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29

see

Encrypt / decrypt using the Electronic Code Book mode.

MODE_ECB
inherited

Encrypt / decrypt using the Code Book Chaining mode.

MODE_CBC
inherited

Encrypt / decrypt using the Cipher Feedback mode.

MODE_CFB
inherited

Encrypt / decrypt using the Cipher Feedback mode (8bit)

MODE_CFB8
inherited
see

Encrypt / decrypt using the Output Feedback mode (8bit)

MODE_OFB8
inherited
see

Encrypt / decrypt using the Output Feedback mode.

MODE_OFB
inherited

Encrypt / decrypt using Galois/Counter mode.

MODE_GCM
inherited

Encrypt / decrypt using streaming mode.

MODE_STREAM
inherited
see

Mode Map

MODE_MAP
inherited
see

Base value for the internal implementation $engine switch

ENGINE_INTERNAL
inherited
see

Base value for the eval() implementation $engine switch

ENGINE_EVAL
inherited
see

Base value for the mcrypt implementation $engine switch

ENGINE_MCRYPT
inherited
see

Base value for the openssl implementation $engine switch

ENGINE_OPENSSL
inherited
see

Base value for the libsodium implementation $engine switch

ENGINE_LIBSODIUM
inherited
see

Base value for the openssl / gcm implementation $engine switch

ENGINE_OPENSSL_GCM
inherited
see

Engine Reverse Map

ENGINE_MAP
inherited
see

Properties

Part 1 of the state

p1 :string|false
var

Type(s)

string|false

Part 2 of the state

p2 :string|false
var

Type(s)

string|false

Key Length (in bytes)

key_length :integer
var

Type(s)

integer

Encryption buffer for CTR, OFB and CFB modes

enbuffer :array
inherited
see
var

Type(s)

array

Decryption buffer for CTR, OFB and CFB modes

debuffer :array
inherited
see
var

Type(s)

array

Counter

counter :integer
var

Type(s)

integer

Using Generated Poly1305 Key

usingGeneratedPoly1305Key :boolean
var

Type(s)

boolean

The Block Length of the block cipher

block_size :integer
inherited
var

Type(s)

integer

The Encryption Mode

mode :integer
inherited
see
var

Type(s)

integer

The Key

key :string
inherited
see
var

Type(s)

string

HMAC Key

hKey :\phpseclib3\Crypt\Common\?string
inherited
see
var

Type(s)

\phpseclib3\Crypt\Common\?string

The Initialization Vector

iv :string
inherited
see
var

Type(s)

string

A "sliding" Initialization Vector

encryptIV :string
inherited
see
var

Type(s)

string

A "sliding" Initialization Vector

decryptIV :string
inherited
see
var

Type(s)

string

Continuous Buffer status

continuousBuffer :boolean
inherited
see
var

Type(s)

boolean

mcrypt resource for encryption

enmcrypt :resource
inherited

The mcrypt resource can be recreated every time something needs to be created or it can be created just once. Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.

see
var

Type(s)

resource

mcrypt resource for decryption

demcrypt :resource
inherited

The mcrypt resource can be recreated every time something needs to be created or it can be created just once. Since mcrypt operates in continuous mode, by default, it'll need to be recreated when in non-continuous mode.

see
var

Type(s)

resource

Does the enmcrypt resource need to be (re)initialized?

enchanged :boolean
inherited
see
var

Type(s)

boolean

Does the demcrypt resource need to be (re)initialized?

dechanged :boolean
inherited
see
var

Type(s)

boolean

mcrypt resource for CFB mode

ecb :resource
inherited

mcrypt's CFB mode, in (and only in) buffered context, is broken, so phpseclib implements the CFB mode by it self, even when the mcrypt php extension is available.

In order to do the CFB-mode work (fast) phpseclib use a separate ECB-mode mcrypt resource.

link

http://phpseclib.sourceforge.net/cfb-demo.phps

see
var

Type(s)

resource

Optimizing value while CFB-encrypting

cfb_init_len :integer
inherited

Only relevant if $continuousBuffer enabled and $engine == self::ENGINE_MCRYPT

It's faster to re-init $enmcrypt if $buffer bytes > $cfb_init_len than using the $ecb resource furthermore.

This value depends of the chosen cipher and the time it would be needed for it's initialization [by mcrypt_generic_init()] which, typically, depends on the complexity on its internaly Key-expanding algorithm.

see
var

Type(s)

integer

Does internal cipher state need to be (re)initialized?

changed :boolean
inherited
see
var

Type(s)

boolean

Does Eval engie need to be (re)initialized?

nonIVChanged :boolean
inherited
see
var

Type(s)

boolean

Padding status

padding :boolean
inherited
see
var

Type(s)

boolean

Is the mode one that is paddable?

paddable :boolean
inherited
see
var

Type(s)

boolean

Holds which crypt engine internaly should be use, which will be determined automatically on __construct()

engine :integer
inherited

Currently available $engines are:

  • self::ENGINE_LIBSODIUM (very fast, php-extension: libsodium, extension_loaded('libsodium') required)
  • self::ENGINE_OPENSSL_GCM (very fast, php-extension: openssl, extension_loaded('openssl') required)
  • self::ENGINE_OPENSSL (very fast, php-extension: openssl, extension_loaded('openssl') required)
  • self::ENGINE_MCRYPT (fast, php-extension: mcrypt, extension_loaded('mcrypt') required)
  • self::ENGINE_EVAL (medium, pure php-engine, no php-extension required)
  • self::ENGINE_INTERNAL (slower, pure php-engine, no php-extension required)
see
var

Type(s)

integer

Holds the preferred crypt engine

preferredEngine :integer
inherited
see
var

Type(s)

integer

The mcrypt specific name of the cipher

cipher_name_mcrypt :string
inherited

Only used if $engine == self::ENGINE_MCRYPT

link

http://www.php.net/mcrypt_module_open

http://www.php.net/mcrypt_list_algorithms

see
var

Type(s)

string

The openssl specific name of the cipher

cipher_name_openssl :string
inherited

Only used if $engine == self::ENGINE_OPENSSL

link

http://www.php.net/openssl-get-cipher-methods

var

Type(s)

string

The openssl specific name of the cipher in ECB mode

cipher_name_openssl_ecb :string
inherited

If OpenSSL does not support the mode we're trying to use (CTR) it can still be emulated with ECB mode.

link

http://www.php.net/openssl-get-cipher-methods

var

Type(s)

string

The default salt used by setPassword()

password_default_salt :string
inherited
see
var

Type(s)

string

The name of the performance-optimized callback function

inline_crypt :Callback
inherited

Used by encrypt() / decrypt() only if $engine == self::ENGINE_INTERNAL

see
var

Type(s)

Callback

If OpenSSL can be used in ECB but not in CTR we can emulate CTR

openssl_emulate_ctr :boolean
inherited
see
var

Type(s)

boolean

Don't truncate / null pad key

skip_key_adjustment :boolean
inherited
see
var

Type(s)

boolean

Has the key length explicitly been set or should it be derived from the key, itself?

explicit_key_length :boolean
inherited
see
var

Type(s)

boolean

Hash subkey for GHASH

h :\phpseclib3\Math\BinaryField\Integer
inherited

Additional authenticated data

aad :string
inherited
var

Type(s)

string

Authentication Tag produced after a round of encryption

newtag :string
inherited
var

Type(s)

string

Authentication Tag to be verified during decryption

oldtag :string
inherited
var

Type(s)

string

GCM Binary Field

gcmField :\phpseclib3\Math\BinaryField
inheritedstatic

Poly1305 Prime Field

poly1305Field :\phpseclib3\Math\PrimeField
inheritedstatic
see
var

Type(s)

\phpseclib3\Math\PrimeField

Flag for using regular vs "safe" intval

use_reg_intval :boolean
inheritedstatic
see
var

Type(s)

boolean

Poly1305 Key

poly1305Key :string
inherited
see
var

Type(s)

string

Poly1305 Flag

usePoly1305 :boolean
inherited
see
var

Type(s)

boolean

The Original Initialization Vector

origIV :string
inherited

GCM uses the nonce to build the IV but we want to be able to distinguish between nonce-derived IV's and user-set IV's

see
var

Type(s)

string

Nonce

nonce :string
inherited

Only used with GCM. We could re-use setIV() but nonce's can be of a different length and toggling between GCM and other modes could be more complicated if we re-used setIV()

see
var

Type(s)

string