openssl_get_cipher_methods()
(PHP 5 >= 5.3.0, PHP 7)
获取可用的加密算法
说明
openssl_get_cipher_methods([bool $aliases= false]): array
获取可用的加密算法的列表。
参数
- $aliases
如果密码别名应该包含在返回的array中,则设置为
TRUE
.
返回值
一个包含可用加密算法的array。
范例
openssl_get_cipher_methods() example
展示了哪些加密算法能被找到,哪些别名可用。
<?php $ciphers = openssl_get_cipher_methods(); $ciphers_and_aliases = openssl_get_cipher_methods(true); $cipher_aliases = array_diff($ciphers_and_aliases, $ciphers); //ECB mode should be avoided $ciphers = array_filter( $ciphers, function($n) { return stripos($n,"ecb")===FALSE; } ); //At least as early as Aug 2016, Openssl declared the following weak: RC2, RC4, DES, 3DES, MD5 based $ciphers = array_filter( $ciphers, function($c) { return stripos($c,"des")===FALSE; } ); $ciphers = array_filter( $ciphers, function($c) { return stripos($c,"rc2")===FALSE; } ); $ciphers = array_filter( $ciphers, function($c) { return stripos($c,"rc4")===FALSE; } ); $ciphers = array_filter( $ciphers, function($c) { return stripos($c,"md5")===FALSE; } ); $cipher_aliases = array_filter($cipher_aliases,function($c) { return stripos($c,"des")===FALSE; } ); $cipher_aliases = array_filter($cipher_aliases,function($c) { return stripos($c,"rc2")===FALSE; } ); print_r($ciphers); print_r($cipher_aliases); ?>
以上例程的输出类似于:
Array ( [0] => AES-128-CBC [1] => AES-128-CFB [2] => AES-128-CFB1 [3] => AES-128-CFB8 [5] => AES-128-OFB [6] => AES-192-CBC [7] => AES-192-CFB [8] => AES-192-CFB1 [9] => AES-192-CFB8 [11] => AES-192-OFB [12] => AES-256-CBC [13] => AES-256-CFB [14] => AES-256-CFB1 [15] => AES-256-CFB8 [17] => AES-256-OFB [18] => BF-CBC [19] => BF-CFB [21] => BF-OFB [22] => CAST5-CBC [23] => CAST5-CFB [25] => CAST5-OFB [41] => IDEA-CBC [42] => IDEA-CFB [44] => IDEA-OFB [53] => aes-128-cbc [54] => aes-128-cfb [55] => aes-128-cfb1 [56] => aes-128-cfb8 [58] => aes-128-ofb [59] => aes-192-cbc [60] => aes-192-cfb [61] => aes-192-cfb1 [62] => aes-192-cfb8 [64] => aes-192-ofb [65] => aes-256-cbc [66] => aes-256-cfb [67] => aes-256-cfb1 [68] => aes-256-cfb8 [70] => aes-256-ofb [71] => bf-cbc [72] => bf-cfb [74] => bf-ofb [75] => cast5-cbc [76] => cast5-cfb [78] => cast5-ofb [94] => idea-cbc [95] => idea-cfb [97] => idea-ofb ) Array ( [18] => AES128 [19] => AES192 [20] => AES256 [21] => BF [26] => CAST [27] => CAST-cbc [50] => IDEA [82] => aes128 [83] => aes192 [84] => aes256 [85] => bf [90] => blowfish [91] => cast [92] => cast-cbc [115] => idea )
参见
openssl_get_md_methods()
获取可用的摘要算法
With OpenSSL 1.1.1 this no longer returns the uppercase variants of the name, i.e. `AES-256-CBC` no longer exists but `aes-256-cbc` does. https://github.com/oerdnj/deb.sury.org/issues/990
May be useful for cyphers execution speed. <?php const TEST_COUNT = 100000; const SOURCE = 'Note that HTML tags are not allowed in the posts, but the note formatting is preserved.'; const KEY = "password"; function TESTER( $testing_function, $argument ) { $t = microtime(true); for ($test_iterator = 0; $test_iterator < TEST_COUNT; $test_iterator++) { $testing_function( $argument ); } return round(microtime(true) - $t, 4); } $crypt = function($cipher) { $ivlen = openssl_cipher_iv_length($cipher); $iv = openssl_random_pseudo_bytes($ivlen); openssl_encrypt(SOURCE, $cipher, KEY, $options=0, $iv); }; $methods = openssl_get_cipher_methods(false); array_splice( $methods, 0, count($methods) / 2); $timings = array(); foreach ($methods as $cypher) { $time = TESTER( $crypt, $cypher ); $timings[ $cypher ] = $time; echo str_pad($cypher, 40, ' ', STR_PAD_LEFT), " have time ", str_pad($time, 8, STR_PAD_LEFT), ' seconds. ', PHP_EOL; } uasort($timings, function($a, $b){ return $a <=> $b; }); $min_time = round(reset($timings) / TEST_COUNT, 7); $min_cypher = key($timings); $max_time = round(end($timings) / TEST_COUNT, 7); $max_cypher = key($timings); echo '-------------', PHP_EOL; echo "Total tests: ", count($timings), PHP_EOL; echo "Max timing : {$max_time} seconds for `{$max_cypher}` algorithm.", PHP_EOL; echo "Min timing : {$min_time} seconds for `{$min_cypher}` algorithm.", PHP_EOL; echo 'Details: ', PHP_EOL; foreach ($timings as $m => $t) { echo '- ', str_pad($t, 8, STR_PAD_LEFT), " seconds for `{$m}`", PHP_EOL; } echo PHP_EOL;