Adding constants, new structure applied

git-svn-id: https://svn.php.net/repository/phpdoc/en/trunk@89494 c90b9560-bf6c-de11-be94-00142212c4b1
This commit is contained in:
Gabor Hojtsy 2002-07-22 16:58:08 +00:00
parent 6e2d9e7f78
commit 0a5570fffa
2 changed files with 182 additions and 94 deletions

View file

@ -0,0 +1,135 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.1 $ -->
<section id="mcrypt.constants">
&reftitle.constants;
&extension.constants;
<para>
Mcrypt can operate in four block cipher modes (CBC, OFB, CFB, and
ECB). If linked against libmcrypt-2.4.x or higher the functions can also operate
in the block cipher mode nOFB and in STREAM mode. Below you find a list
with all supported encryption modes together with the constants that are
defines for the encryption mode. For a more complete reference and
discussion see &book.applied.cryptography;.
<itemizedlist>
<listitem>
<simpara>
MCRYPT_MODE_ECB (electronic codebook) is suitable for random data,
such as encrypting other keys. Since data there is short and random,
the disadvantages of ECB have a favorable negative effect.
</simpara>
</listitem>
<listitem>
<simpara>
MCRYPT_MODE_CBC (cipher block chaining) is especially suitable for
encrypting files where the security is increased over ECB
significantly.
</simpara>
</listitem>
<listitem>
<simpara>
MCRYPT_MODE_CFB (cipher feedback) is the best mode for encrypting byte
streams where single bytes must be encrypted.
</simpara>
</listitem>
<listitem>
<simpara>
MCRYPT_MODE_OFB (output feedback, in 8bit) is comparable to CFB, but
can be used in applications where error propagation cannot
be tolerated. It's insecure (because it operates in 8bit
mode) so it is not recommended to use it.
</simpara>
</listitem>
<listitem>
<simpara>
MCRYPT_MODE_NOFB (output feedback, in nbit) is comparable to OFB, but
more secure because it operates on the block size of the algorithm.
</simpara>
</listitem>
<listitem>
<simpara>
MCRYPT_MODE_STREAM is an extra mode to include some stream algorithms
like WAKE or RC4.
</simpara>
</listitem>
</itemizedlist>
</para>
<para>
Some other mode and random device constants:
<variablelist>
<varlistentry>
<term>
<constant>MCRYPT_ENCRYPT</constant>
(<link linkend="language.types.integer">integer</link>)
</term>
<listitem>
<simpara>
</simpara>
</listitem>
</varlistentry>
<varlistentry>
<term>
<constant>MCRYPT_DECRYPT</constant>
(<link linkend="language.types.integer">integer</link>)
</term>
<listitem>
<simpara>
</simpara>
</listitem>
</varlistentry>
<varlistentry>
<term>
<constant>MCRYPT_DEV_RANDOM</constant>
(<link linkend="language.types.integer">integer</link>)
</term>
<listitem>
<simpara>
</simpara>
</listitem>
</varlistentry>
<varlistentry>
<term>
<constant>MCRYPT_DEV_URANDOM</constant>
(<link linkend="language.types.integer">integer</link>)
</term>
<listitem>
<simpara>
</simpara>
</listitem>
</varlistentry>
<varlistentry>
<term>
<constant>MCRYPT_RAND</constant>
(<link linkend="language.types.integer">integer</link>)
</term>
<listitem>
<simpara>
</simpara>
</listitem>
</varlistentry>
</variablelist>
</para>
</section>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"../../../manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
-->

View file

@ -1,27 +1,29 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- $Revision: 1.3 $ -->
<!-- $Revision: 1.4 $ -->
<reference id="ref.mcrypt">
<title>Mcrypt Encryption Functions</title>
<titleabbrev>mcrypt</titleabbrev>
<partintro>
<para id="mcrypt.intro">
This is an interface to the mcrypt library, which supports a wide
variety of block algorithms such as DES, TripleDES, Blowfish
(default), 3-WAY, SAFER-SK64, SAFER-SK128, TWOFISH, TEA, RC2 and
GOST in CBC, OFB, CFB and ECB cipher modes. Additionally, it
supports RC6 and IDEA which are considered "non-free".
</para>
<para>
Mcrypt can be used to encrypt and decrypt using the above
mentioned ciphers. If you linked against libmcrypt-2.2.x, the
four important mcrypt commands (<function>mcrypt_cfb</function>,
<function>mcrypt_cbc</function>, <function>mcrypt_ecb</function>,
and <function>mcrypt_ofb</function>) can operate in both modes
which are named MCRYPT_ENCRYPT and MCRYPT_DECRYPT, respectively.
<example>
<title>Encrypt an input value with TripleDES under 2.2.x in ECB mode</title>
<programlisting role="php">
<section id="mcrypt.intro">
&reftitle.intro;
<para>
This is an interface to the mcrypt library, which supports a wide
variety of block algorithms such as DES, TripleDES, Blowfish
(default), 3-WAY, SAFER-SK64, SAFER-SK128, TWOFISH, TEA, RC2 and
GOST in CBC, OFB, CFB and ECB cipher modes. Additionally, it
supports RC6 and IDEA which are considered "non-free".
</para>
<para>
Mcrypt can be used to encrypt and decrypt using the above
mentioned ciphers. If you linked against libmcrypt-2.2.x, the
four important mcrypt commands (<function>mcrypt_cfb</function>,
<function>mcrypt_cbc</function>, <function>mcrypt_ecb</function>,
and <function>mcrypt_ofb</function>) can operate in both modes
which are named MCRYPT_ENCRYPT and MCRYPT_DECRYPT, respectively.
<example>
<title>Encrypt an input value with TripleDES under 2.2.x in ECB mode</title>
<programlisting role="php">
<![CDATA[
<?php
$key = "this is a very secret key";
@ -30,17 +32,17 @@ $input = "Let us meet at 9 o'clock at the secret place.";
$encrypted_data = mcrypt_ecb (MCRYPT_3DES, $key, $input, MCRYPT_ENCRYPT);
?>
]]>
</programlisting>
</example>
This example will give you the encrypted data as a string in
<literal>$encrypted_data</literal>.
</para>
<para>
If you linked against libmcrypt 2.4.x or 2.5.x, these functions are still
available, but it is recommended that you use the advanced functions.
<example>
<title>Encrypt an input value with TripleDES under 2.4.x and higher in ECB mode</title>
<programlisting role="php">
</programlisting>
</example>
This example will give you the encrypted data as a string in
<literal>$encrypted_data</literal>.
</para>
<para>
If you linked against libmcrypt 2.4.x or 2.5.x, these functions are still
available, but it is recommended that you use the advanced functions.
<example>
<title>Encrypt an input value with TripleDES under 2.4.x and higher in ECB mode</title>
<programlisting role="php">
<![CDATA[
<?php
$key = "this is a very secret key";
@ -53,15 +55,16 @@ $encrypted_data = mcrypt_ecb (MCRYPT_3DES, $key, $input, MCRYPT_ENCRYPT);
mcrypt_generic_end ($td);
?>
]]>
</programlisting>
</example>
This example will give you the encrypted data as a string in
<literal>$encrypted_data</literal>. For a full example see
<function>mcrypt_module_open</function>.
</para>
</programlisting>
</example>
This example will give you the encrypted data as a string in
<literal>$encrypted_data</literal>. For a full example see
<function>mcrypt_module_open</function>.
</para>
</section>
<section id="mcrypt.requirements">
<title>Requirements</title>
&reftitle.required;
<para>
These functions work using <ulink url="&url.mcrypt;">mcrypt</ulink>.
</para>
@ -75,7 +78,7 @@ $encrypted_data = mcrypt_ecb (MCRYPT_3DES, $key, $input, MCRYPT_ENCRYPT);
</section>
<section id="mcrypt.installation">
<title>Installation</title>
&reftitle.install;
<para>
To use it, download libmcrypt-x.x.tar.gz from <ulink
url="&url.mcrypt;">here</ulink> and follow the included installation
@ -87,71 +90,21 @@ $encrypted_data = mcrypt_ecb (MCRYPT_3DES, $key, $input, MCRYPT_ENCRYPT);
</section>
<section id="mcrypt.configuration">
<title>Runtime Configuration</title>
&reftitle.runtime;
<para>
<!-- add configuration directives -->
</para>
</section>
<section id="mcrypt.resources">
<title>Resource types</title>
&no.resource;
&reftitle.resources;
&no.resource;
</section>
<section id="mcrypt.constants">
<title>Predefined constants</title>
<para>
Mcrypt can operate in four block cipher modes (CBC, OFB, CFB, and
ECB). If linked against libmcrypt-2.4.x or higher the functions can also operate
in the block cipher mode nOFB and in STREAM mode. Below you find a list
with all supported encryption modes together with the constants that are
defines for the encryption mode. For a more complete reference and
discussion see &book.applied.cryptography;.
<itemizedlist>
<listitem>
<simpara>
MCRYPT_MODE_ECB (electronic codebook) is suitable for random data,
such as encrypting other keys. Since data there is short and random,
the disadvantages of ECB have a favorable negative effect.
</simpara>
</listitem>
<listitem>
<simpara>
MCRYPT_MODE_CBC (cipher block chaining) is especially suitable for
encrypting files where the security is increased over ECB
significantly.
</simpara>
</listitem>
<listitem>
<simpara>
MCRYPT_MODE_CFB (cipher feedback) is the best mode for encrypting byte
streams where single bytes must be encrypted.
</simpara>
</listitem>
<listitem>
<simpara>
MCRYPT_MODE_OFB (output feedback, in 8bit) is comparable to CFB, but
can be used in applications where error propagation cannot
be tolerated. It's insecure (because it operates in 8bit
mode) so it is not recommended to use it.
</simpara>
</listitem>
<listitem>
<simpara>
MCRYPT_MODE_NOFB (output feedback, in nbit) is comparable to OFB, but
more secure because it operates on the block size of the algorithm.
</simpara>
</listitem>
<listitem>
<simpara>
MCRYPT_MODE_STREAM is an extra mode to include some stream algorithms
like WAKE or RC4.
</simpara>
</listitem>
</itemizedlist>
</para>
&reference.mcrypt.constants;
<section id="mcrypt.ciphers">
<title>Mcrypt ciphers</title>
<para>
Here is a list of ciphers which are currently supported by the mcrypt
extension. For a complete list of supported ciphers, see the defines at