The return value is a length in bytes. (Not bits, or anything else.)
(PHP 5 >= 5.3.3, PHP 7, PHP 8)
openssl_cipher_iv_length — Gets the cipher iv length
Gets the cipher initialization vector (iv) length.
cipher_algoThe cipher method, see openssl_get_cipher_methods() for a list of potential values.
Returns the cipher length on success, or false on failure.
Emits an E_WARNING level error when the cipher algorithm
is unknown.
Example #1 openssl_cipher_iv_length() example
<?php
$method = 'AES-128-CBC';
$ivlen = openssl_cipher_iv_length($method);
echo $ivlen;
?>The above example will output something similar to:
16
<?php
$ciphers = openssl_get_cipher_methods();
//ECB mode should be avoided
$ciphers = array_filter($ciphers, function ($n) {
return stripos($n, "ecb") === FALSE;
});
// At least as early as Aug 2016, Openssl declared the following weak: RC2, RC4, DES, 3DES, MD5 based
$ciphers = array_filter($ciphers, function ($c) {
return stripos($c, "des") === FALSE;
});
$ciphers = array_filter($ciphers, function ($c) {
return stripos($c, "rc2") === FALSE;
});
$ciphers = array_filter($ciphers, function ($c) {
return stripos($c, "rc4") === FALSE;
});
$ciphers = array_filter($ciphers, function ($c) {
return stripos($c, "md5") === FALSE;
});
if (is_array($ciphers)) {
foreach ($ciphers as $cipher) {
echo $cipher.': ';
echo openssl_cipher_iv_length($cipher);
echo "<br>\n";
}
}
?>
Will be...
AES-xxx-xxx is 16
BF-xxx is 8
CAMELLIA-xxx is 16
CAST5-xxx is 8
IDEA-xxx is 8
SEED-xxx is 16
lower case:
aes-xxx-xxx are mixed between 16 and 12.
id-aes-xxx are mixed between 12 and 8.
The values above are tested with PHP 5.5 - 5.6 on Windows. In PHP 7.x is different than this.