Interesting, using MCRYPT_DEV_URANDOM instead of MCRYPT_DEV_RANDOM seems practically instantaneous. Another less elegant solution I've found is to simply str_pad to the length returned by mcrypt_get_iv_size. Still begs the question though, any idea what's holding up the show w/ MCRYPT_DEV_RANDOM? #morbidcuriosity -nathan On Fri, May 31, 2013 at 12:40 AM, Nathan Nobbe <quickshiftin@xxxxxxxxx>wrote: > Hi folks, > > This code: > > <?php > $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, > MCRYPT_MODE_CBC), MCRYPT_DEV_RANDOM); > var_dump($iv); > > Takes just over a minute to run on my laptop and roughly 45 seconds on a > capable server, any idea why? > > time php test-iv.php > string(32) "????'???H??y?PJ?U?1O;6???ѧ" > > real 0m44.917s > user 0m0.024s > sys 0m0.036s > > Also, I've noticed the mcrypt_encypt & mcrypt_decrypt complain with > > The IV parameter must be as long as the blocksize > > when not using mcrypt_create_iv, however, if the value of the IV parameter > is consistent in both calls, the decryption seems to succeed despite the > warning. > > So wondering: > * can the call to mcrypt_create_iv be sped up > * is there an alternative (faster) way to create a proper iv > * how big a risk is it to 'ride dirty' here and not use mcrypt_create_iv > > thanks, > > -nathan >
