Php Generate Random 256 Bit Key
Oct 05, 2016 The RNGCryptoServiceProvider class will generate random bytes in a fixed-length byte array. Cryptographic algorithms require keys of specific length such as 32-bit or 256-bit keys. The following code shows an example of generating a random byte array.
- Generating an AES key. An AES key is a random bitstring of the right length. For a 128-bit AES key you need 16 bytes. For a 256-bit AES key you need 32 bytes. If you need to generate your own AES key for encrypting data, you should use a good random source. The strength of the key depends on the unpredictability of the random.
- How can I securely generate a key suitable for hashing data with AES 256 using PHP? I've tried Googling and found plenty of information about how to encrypt data using AES 256 using PHP, however all of these examples used existing pre-generated keys, wheras I need to generate the key in PHP.
<?php |
// DEFINE our cipher |
define('AES_256_CBC', 'aes-256-cbc'); |
// Generate a 256-bit encryption key |
// This should be stored somewhere instead of recreating it each time |
$encryption_key = openssl_random_pseudo_bytes(32); |
// Generate an initialization vector |
// This *MUST* be available for decryption as well |
$iv = openssl_random_pseudo_bytes(openssl_cipher_iv_length(AES_256_CBC)); |
// Create some data to encrypt |
$data = 'Encrypt me, please!'; |
echo'Before encryption: $datan'; |
// Encrypt $data using aes-256-cbc cipher with the given encryption key and |
// our initialization vector. The 0 gives us the default options, but can |
// be changed to OPENSSL_RAW_DATA or OPENSSL_ZERO_PADDING |
$encrypted = openssl_encrypt($data, AES_256_CBC, $encryption_key, 0, $iv); |
echo'Encrypted: $encryptedn'; |
// If we lose the $iv variable, we can't decrypt this, so: |
// - $encrypted is already base64-encoded from openssl_encrypt |
// - Append a separator that we know won't exist in base64, ':' |
// - And then append a base64-encoded $iv |
$encrypted = $encrypted . ':' . base64_encode($iv); |
// To decrypt, separate the encrypted data from the initialization vector ($iv). |
$parts = explode(':', $encrypted); |
// $parts[0] = encrypted data |
// $parts[1] = base-64 encoded initialization vector |
// Don't forget to base64-decode the $iv before feeding it back to |
//openssl_decrypt |
$decrypted = openssl_decrypt($parts[0], AES_256_CBC, $encryption_key, 0, base64_decode($parts[1])); |
echo'Decrypted: $decryptedn'; |
?> |
Chilkat • HOME • Android™ • Classic ASP • C • C++ • C# • Mono C# • .NET Core C# • C# UWP/WinRT • DataFlex • Delphi ActiveX • Delphi DLL • Visual FoxPro • Java • Lianja • MFC • Objective-C • Perl • PHP ActiveX • PHP Extension • PowerBuilder • PowerShell • PureBasic • CkPython • Chilkat2-Python • Ruby • SQL Server • Swift 2 • Swift 3/4 • Tcl • Unicode C • Unicode C++ • Visual Basic 6.0 • VB.NET • VB.NET UWP/WinRT • VBScript • Xojo Plugin • Node.js • Excel • Go
| Discusses symmetric encryption key generation techniques for block encryption algorithms such as AES, Blowfish, and Twofish, or for other algorithms such as ChaCha20.
|
© 2000-2020 Chilkat Software, Inc. All Rights Reserved.