How to securely generate an IV for AES CBC Encryption?

后端未结

关注

 3  469

自闭症患者 2021-01-11 16:39

I work on some crypto stuff.

I use AES 256 with CBC mode
I use OPENSSL

I am aware of the following things (source = wikipedia):

3条回答

礼貌的吻别 (楼主)

2021-01-11 17:12

Just more comfortable to use the same stuff that Thomas sujested:

private function genIv()
{
    $efforts = 0;
    $maxEfforts = 50;
    $wasItSecure = false;

    do
    {
        $efforts+=1;
        $iv = openssl_random_pseudo_bytes(16, $wasItSecure);
        if($efforts == $maxEfforts){
            throw new Exception('Unable to genereate secure iv.');
            break;
        }
    } while (!$wasItSecure);

    return $iv;
}

0 讨论(0)

查看其它3个回答