PHP Conference Nagoya 2025

openssl_cipher_iv_length

(PHP 5 >= 5.3.3, PHP 7, PHP 8)

openssl_cipher_iv_lengthGets the cipher iv length

Description

openssl_cipher_iv_length(string $cipher_algo): int|false

Gets the cipher initialization vector (iv) length.

Parameters

cipher_algo

The cipher method, see openssl_get_cipher_methods() for a list of potential values.

Return Values

Returns the cipher length on success, or false on failure.

Errors/Exceptions

Emits an E_WARNING level error when the cipher algorithm is unknown.

Examples

Example #1 openssl_cipher_iv_length() example

<?php
$method
= 'AES-128-CBC';
$ivlen = openssl_cipher_iv_length($method);

echo
$ivlen;
?>

The above example will output something similar to:

16
add a note

User Contributed Notes 2 notes

up
13
Tim Hunt
9 years ago
The return value is a length in bytes. (Not bits, or anything else.)
up
-2
Vee W.
6 years ago
<?php
$ciphers
= openssl_get_cipher_methods();

//ECB mode should be avoided
$ciphers = array_filter($ciphers, function ($n) {
return
stripos($n, "ecb") === FALSE;
});

// At least as early as Aug 2016, Openssl declared the following weak: RC2, RC4, DES, 3DES, MD5 based
$ciphers = array_filter($ciphers, function ($c) {
return
stripos($c, "des") === FALSE;
});
$ciphers = array_filter($ciphers, function ($c) {
return
stripos($c, "rc2") === FALSE;
});
$ciphers = array_filter($ciphers, function ($c) {
return
stripos($c, "rc4") === FALSE;
});
$ciphers = array_filter($ciphers, function ($c) {
return
stripos($c, "md5") === FALSE;
});

if (
is_array($ciphers)) {
foreach (
$ciphers as $cipher) {
echo
$cipher.': ';
echo
openssl_cipher_iv_length($cipher);
echo
"<br>\n";
}
}
?>

Will be...
AES-xxx-xxx is 16
BF-xxx is 8
CAMELLIA-xxx is 16
CAST5-xxx is 8
IDEA-xxx is 8
SEED-xxx is 16

lower case:
aes-xxx-xxx are mixed between 16 and 12.
id-aes-xxx are mixed between 12 and 8.
The values above are tested with PHP 5.5 - 5.6 on Windows. In PHP 7.x is different than this.
To Top