Jump to content



Recommended Posts

Hi Guys,


I need to generate an AES file key (CBC/PKCS7/256bit) using PHP and then obviously need to store the key.


The second phase is to encrypt a string using the key generated and stored above, however for the moment its the key generation that is the issue.


My first thought was to use OpenSSL as it is a library that can be added to any Apache installation.


Any help is greatly appreciated.


Cheers in advance.

Edited by hackalive
Link to comment
Share on other sites

What exactly is the issue?


Maybe your looking for the openssl php extension?




The issue is I can't seem to find how to create a AES (CBC/PKCS7/256bit) key.


I'm open to OpenSSL and mcrypt - although from what I can tell OpenSSL is better?


They keys need to be compatible with Microsoft's CryptoAPI (and I believe OpenSSL is).

Link to comment
Share on other sites

If you look at the manual page given to you, you might have noticed this function:

openssl_pkey_new - Generates a new private key


Use that to generate your new key. See the manual page for the specific details on how it works.


Thanks for that, however I can't see how to specify CBC/PKC7.


I believe private_key_bits would = 256bit (Key Size)?

Link to comment
Share on other sites

So after taking a few minutes to actually read a bit on the subject of AES, it would seem that the key is nothing more than a random string with a certain byte length. As such to generate your key you just need to generate a random string. The openssl function for this would be openssl_random_pseudo_bytes. If you then want to encrypt some data using your newly generated key you would use openssl_encrypt. You'll also need to generate an IV of the same size as your key string and pass that along with the key during encryption or decryption.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.