<!-- Collection of code snippets by Arne Vajhøj -->
<!-- from articles on eksperten.dk / vajhoej.dk (2004-now) -->
<?php

// generate random IV
function gen_IV($size) {
    return openssl_random_pseudo_bytes($size);
}

// encrypt: binary plain + binary key -> binary cipher
// decrypt: binary cipher + binary key -> binary plain
function encrypt($algchain, $padding, $blksize, $plain, $key) {
    $iv = gen_IV($blksize);
    $temp = openssl_encrypt($plain, $algchain, $key, OPENSSL_RAW_DATA | $padding, $iv);
    return $iv. $temp;
}

function decrypt($algchain, $padding, $blksize, $cipher, $key) {
    $iv = substr($cipher, 0, $blksize);
    $temp = substr($cipher, $blksize, strlen($cipher) - $blksize);
    return openssl_decrypt($temp, $algchain, $key, OPENSSL_RAW_DATA | $padding, $iv);
}

// Base64 encode: binary -> text
// Base64 decode: text -> binary
function encode($b) {
    return base64_encode($b);   
}

function decode($s) {
    return base64_decode($s);
}

// convert text key to binary key
function gen_key($key, $keysize) {
    $hash = hash('sha256', $key, true);
    return substr($hash, 0, $keysize);
}

// encrypt: text plain + text key -> Base64 text cipher
// decrypt: Base64 text cipher + text key -> text plain
function encrypt_encode($algchain, $padding, $blksize, $plain, $key, $keysize) {
    return encode(encrypt($algchain, $padding, $blksize, $plain, gen_key($key, $keysize)));
}

function decode_decrypt($algchain, $padding, $blksize, $cipher, $key, $keysize) {
    return decrypt($algchain, $padding, $blksize, decode($cipher), gen_key($key, $keysize));
}

// test
define('TEXT', 'This is some random text to be used to test encryption.');
define('KEY', 'This is a very long and super secret key that should really be like 4 times as long as keysize');
define('OPENSSL_PKCS5_PADDING', 0); // really just not setting OPENSSL_ZERO_PADDING

function test($label, $algchain, $padding, $keysize, $blksize) {
    echo $label . ":\r\n";
    echo '  ' . TEXT . "\r\n";
    $cipher = encrypt_encode($algchain, $padding, $blksize, TEXT, KEY, $keysize);
    echo '  ' . $cipher . "\r\n";
    $plain = decode_decrypt($algchain, $padding, $blksize, $cipher, KEY, $keysize);
    echo '  ' . $plain . "\r\n";
}

function test2() {
    if(decode_decrypt('AES-128-CBC', OPENSSL_PKCS5_PADDING, 16, 'Xc252As4sZuj12tLJtDk2l60tHxu1hk4FTB0l9IK/q96cWd+Uop4lXcId1hGEmm0SN1Xjua4YqVlr3rvT+Mw4hStrnz3h8TEfdENfUMqLMY=', KEY, 16) != TEXT) {
        echo 'Ooops';
    }
}

test('AES 128 bit', 'AES-128-CBC', OPENSSL_PKCS5_PADDING, 16, 16);
test('AES 192 bit', 'AES-192-CBC', OPENSSL_PKCS5_PADDING, 24, 16);
test('AES 256 bit', 'AES-256-CBC', OPENSSL_PKCS5_PADDING, 32, 16);
test('3DES 168 bit', 'DES-EDE-CBC', OPENSSL_PKCS5_PADDING, 24, 8);
test('CAST5 128 bit', 'CAST5-CBC', OPENSSL_PKCS5_PADDING, 16, 8);
test('IDEA 128 bit', 'IDEA-CBC', OPENSSL_PKCS5_PADDING, 16, 8);
test2();

?>