openssl_get_cipher_methods

(PHP 5 >= 5.3.0, PHP 7)

openssl_get_cipher_methodsRécupère la liste des méthodes cipher disponibles

Description

openssl_get_cipher_methods ([ bool $aliases = FALSE ] ) : array

Récupère la liste des méthodes cipher disponibles.

Liste de paramètres

aliases

Passez TRUE si vous voulez que les alias de cipher soient inclus dans le tableau retourné.

Valeurs de retour

Un array des méthodes cipher disponibles.

Exemples

Exemple #1 Exemple openssl_get_cipher_methods()

Montre à quoi ressemblent les ciphers disponibles, ainsi que les alias disponibles.

<?php
$ciphers             
openssl_get_cipher_methods();
$ciphers_and_aliases openssl_get_cipher_methods(true);
$cipher_aliases      array_diff($ciphers_and_aliases$ciphers);

//ECB mode should be avoided
$ciphers array_filter$ciphers, function($n) { return stripos($n,"ecb")===FALSE; } );

//At least as early as Aug 2016, Openssl declared the following weak: RC2, RC4, DES, 3DES, MD5 based
$ciphers array_filter$ciphers, function($c) { return stripos($c,"des")===FALSE; } );
$ciphers array_filter$ciphers, function($c) { return stripos($c,"rc2")===FALSE; } );
$ciphers array_filter$ciphers, function($c) { return stripos($c,"rc4")===FALSE; } );
$ciphers array_filter$ciphers, function($c) { return stripos($c,"md5")===FALSE; } );
$cipher_aliases array_filter($cipher_aliases,function($c) { return stripos($c,"des")===FALSE; } );
$cipher_aliases array_filter($cipher_aliases,function($c) { return stripos($c,"rc2")===FALSE; } );

print_r($ciphers);
print_r($cipher_aliases);
?>

L'exemple ci-dessus va afficher quelque chose de similaire à :

Array
(
    [0] => AES-128-CBC
    [1] => AES-128-CFB
    [2] => AES-128-CFB1
    [3] => AES-128-CFB8
    [5] => AES-128-OFB
    [6] => AES-192-CBC
    [7] => AES-192-CFB
    [8] => AES-192-CFB1
    [9] => AES-192-CFB8
    [11] => AES-192-OFB
    [12] => AES-256-CBC
    [13] => AES-256-CFB
    [14] => AES-256-CFB1
    [15] => AES-256-CFB8
    [17] => AES-256-OFB
    [18] => BF-CBC
    [19] => BF-CFB
    [21] => BF-OFB
    [22] => CAST5-CBC
    [23] => CAST5-CFB
    [25] => CAST5-OFB
    [41] => IDEA-CBC
    [42] => IDEA-CFB
    [44] => IDEA-OFB
    [53] => aes-128-cbc
    [54] => aes-128-cfb
    [55] => aes-128-cfb1
    [56] => aes-128-cfb8
    [58] => aes-128-ofb
    [59] => aes-192-cbc
    [60] => aes-192-cfb
    [61] => aes-192-cfb1
    [62] => aes-192-cfb8
    [64] => aes-192-ofb
    [65] => aes-256-cbc
    [66] => aes-256-cfb
    [67] => aes-256-cfb1
    [68] => aes-256-cfb8
    [70] => aes-256-ofb
    [71] => bf-cbc
    [72] => bf-cfb
    [74] => bf-ofb
    [75] => cast5-cbc
    [76] => cast5-cfb
    [78] => cast5-ofb
    [94] => idea-cbc
    [95] => idea-cfb
    [97] => idea-ofb
)
Array
(
    [18] => AES128
    [19] => AES192
    [20] => AES256
    [21] => BF
    [26] => CAST
    [27] => CAST-cbc
    [50] => IDEA
    [82] => aes128
    [83] => aes192
    [84] => aes256
    [85] => bf
    [90] => blowfish
    [91] => cast
    [92] => cast-cbc
    [115] => idea
)

Voir aussi

add a note add a note

User Contributed Notes 2 notes

up
4
Alasdair
1 year ago
With OpenSSL 1.1.1 this no longer returns the uppercase variants of the name, i.e. `AES-256-CBC` no longer exists but `aes-256-cbc` does.

https://github.com/oerdnj/deb.sury.org/issues/990
up
0
karel dot wintersky at gmail dot com
2 years ago
May be useful for cyphers execution speed.

<?php

const TEST_COUNT = 100000;
const
SOURCE = 'Note that HTML tags are not allowed in the posts, but the note formatting is preserved.';
const
KEY = "password";

function
TESTER( $testing_function, $argument )
{
   
$t = microtime(true);

    for (
$test_iterator = 0; $test_iterator < TEST_COUNT; $test_iterator++) {
       
$testing_function( $argument );
    }
    return
round(microtime(true) - $t, 4);
}

$crypt = function($cipher) {
   
$ivlen = openssl_cipher_iv_length($cipher);
   
$iv = openssl_random_pseudo_bytes($ivlen);
   
openssl_encrypt(SOURCE, $cipher, KEY, $options=0, $iv);
};

$methods = openssl_get_cipher_methods(false);

array_splice( $methods, 0, count($methods) / 2);

$timings = array();

foreach (
$methods as $cypher) {
   
$time = TESTER( $crypt, $cypher );
   
$timings[ $cypher ] = $time;
    echo
str_pad($cypher, 40, ' ', STR_PAD_LEFT), " have time  ", str_pad($time, 8, STR_PAD_LEFT), ' seconds. ', PHP_EOL;
}

uasort($timings, function($a, $b){
    return
$a <=> $b;
});

$min_time = round(reset($timings) / TEST_COUNT, 7);
$min_cypher = key($timings);

$max_time = round(end($timings) / TEST_COUNT, 7);
$max_cypher = key($timings);

echo
'-------------', PHP_EOL;
echo
"Total tests: ", count($timings), PHP_EOL;
echo
"Max timing : {$max_time} seconds for `{$max_cypher}` algorithm.", PHP_EOL;
echo
"Min timing : {$min_time} seconds for `{$min_cypher}` algorithm.", PHP_EOL;

echo
'Details: ', PHP_EOL;

foreach (
$timings as $m => $t) {
    echo
'- ', str_pad($t, 8, STR_PAD_LEFT), " seconds for `{$m}`"PHP_EOL;
}

echo
PHP_EOL;
To Top