BestHub
Sign in
Information Security 7 min read

Using PHP mcrypt for Symmetric Encryption: DES and AES Code Examples

This article explains symmetric encryption concepts, lists common algorithms, and demonstrates how to use PHP's mcrypt extension to perform DES and AES encryption and decryption in various modes with complete code examples.

Laravel Tech Community
Laravel Tech Community
Laravel Tech Community
Using PHP mcrypt for Symmetric Encryption: DES and AES Code Examples

Symmetric encryption algorithms encrypt plaintext together with a secret key to produce ciphertext; common algorithms include DES, 3DES, Blowfish, RC4, IDEA, AES and others.

In PHP, the mcrypt extension provides functions to list supported algorithms and modes and to perform encryption and decryption using these algorithms.

<?php
$type_list = mcrypt_list_algorithms();  // mcrypt supported algorithm list
$mode_list = mcrypt_list_modes();      // mcrypt supported mode list
print_r($type_list);
print_r($mode_list);
?>

Below is a complete example of DES encryption in ECB mode using mcrypt_des . It shows key derivation, IV creation, padding, encryption, and base64 output.

<?php
$auth_key = 'safe_key';
$salt = '!@#$%';
$content = 'Hello World';
$td = mcrypt_module_open(mcrypt_des, '', 'ecb', ''); // use DES in ECB mode
$iv_size = mcrypt_enc_get_iv_size($td); // get IV size
$iv = mcrypt_create_iv($iv_size, mcrypt_rand); // create IV
$key_size = mcrypt_enc_get_key_size($td); // max key length
$key = substr(md5($auth_key . $salt), 0, $key_size);

mcrypt_generic_init($td, $key, $iv); // initialize
$secret = mcrypt_generic($td, $content); // encrypt

echo base64_encode($secret);

mcrypt_generic_deinit($td);
mcrypt_module_close($td); // close module
?>

The corresponding DES decryption example restores the original plaintext from the base64‑encoded ciphertext.

<?php
$auth_key = 'safe_key';
$salt = '!@#$%';
$secret = 'nzPa0jPaaNca+Yty/HG4PA==';
$td = mcrypt_module_open(mcrypt_des, '', 'ecb', ''); // use DES in ECB mode
$iv_size = mcrypt_enc_get_iv_size($td);
$iv = mcrypt_create_iv($iv_size, mcrypt_rand);
$key_size = mcrypt_enc_get_key_size($td);
$key = substr(md5($auth_key . $salt), 0, $key_size);

mcrypt_generic_init($td, $key, $iv);
$content = mdecrypt_generic($td, base64_decode($secret)); // decrypt

echo $content;

mcrypt_generic_deinit($td);
mcrypt_module_close($td);
?>

AES (Advanced Encryption Standard) is a block cipher standardized by NIST and widely used. It supports five modes: ECB, CBC, CTR, CFB, and OFB. In PHP’s mcrypt extension, the identifiers rijndael-128 , rijndael-192 , and rijndael-256 correspond to AES with different block/key sizes.

Example of AES‑ECB encryption with manual PKCS#7‑style padding and hexadecimal output:

<?php
$auth_key = 'safe_key';
$salt = '!@#$%';
$content = 'Hello World';
$td = mcrypt_module_open(mcrypt_rijndael_128, '', mcrypt_mode_ecb, '');
$iv_size = mcrypt_enc_get_iv_size($td);
$iv = mcrypt_create_iv($iv_size, mcrypt_rand);
$key_size = mcrypt_enc_get_key_size($td);
$key = substr(md5($auth_key . $salt), 0, $key_size);

mcrypt_generic_init($td, $key, $iv);
$block = mcrypt_get_block_size(mcrypt_rijndael_128, mcrypt_mode_ecb);
$pad = $block - (strlen($content) % $block);
$content .= str_repeat(chr($pad), $pad); // pad to 16 bytes
$secret = mcrypt_generic($td, $content);

echo bin2hex($secret);

mcrypt_generic_deinit($td);
mcrypt_module_close($td);
?>

Corresponding AES‑ECB decryption that removes the padding after converting the hex string back to binary:

<?php
$auth_key = 'safe_key';
$salt = '!@#$%';
$secret = 'd62d9e7e8ad4b0f044e4bd971f695a58';
$td = mcrypt_module_open(mcrypt_rijndael_128, '', mcrypt_mode_ecb, '');
$iv_size = mcrypt_enc_get_iv_size($td);
$iv = mcrypt_create_iv($iv_size, mcrypt_rand);
$key_size = mcrypt_enc_get_key_size($td);
$key = substr(md5($auth_key . $salt), 0, $key_size);

mcrypt_generic_init($td, $key, $iv);
$content = mdecrypt_generic($td, hex2bin($secret));
$len = strlen($content);
$ch = ord($content[$len - 1]); // padding byte

echo substr($content, 0, $len - $ch);

mcrypt_generic_deinit($td);
mcrypt_module_close($td);
?>

AES‑CBC mode requires an initialization vector (IV). The following example encrypts and then decrypts data using CBC, demonstrating the use of the same IV for both operations.

<?php
$auth_key = 'safe_key';
$salt = '!@#$%';
$content = 'Hello World';
$td = mcrypt_module_open(mcrypt_rijndael_128, '', mcrypt_mode_cbc, '');
$iv_size = mcrypt_enc_get_iv_size($td);
$iv = mcrypt_create_iv($iv_size, mcrypt_rand);
$key_size = mcrypt_enc_get_key_size($td);
$key = substr(md5($auth_key . $salt), 0, $key_size);

mcrypt_generic_init($td, $key, $iv);
$secret = mcrypt_generic($td, $content); // encrypt

echo bin2hex($secret);

mcrypt_generic_deinit($td);
mcrypt_module_close($td);

// Decrypt using the same key and IV
$td = mcrypt_module_open(mcrypt_rijndael_128, '', mcrypt_mode_cbc, '');
mcrypt_generic_init($td, $key, $iv);

echo mdecrypt_generic($td, $secret); // decrypt

mcrypt_generic_deinit($td);
mcrypt_module_close($td);
?>

These examples illustrate how PHP developers can employ the mcrypt extension to work with symmetric ciphers, choose appropriate modes, handle padding, and manage keys and IVs for secure data protection.

PHPinformation securitySymmetric EncryptionAESDESmcrypt
Laravel Tech Community
Written by

Laravel Tech Community

Specializing in Laravel development, we continuously publish fresh content and grow alongside the elegant, stable Laravel framework.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment