Monthly Archives: June 2014


webpasswdWebPasswd is a password app that I have been working on, its a self hosted PHP app, that stores usernames and password (along with notes) in an encrypted file.

I’ve released it under the MIT license and available on github at


PKCS#5 Padding with PHP

Here is a quick class for dealing with PKCS#5 style padding.

This padding is useful for encrypting data with DES/AES which have a multi-byte block size. MCrypt will by default pad out to the next block boundary with Null bytes which will show up in the decrypted data.

A good explanation can be found here.

class PKCS5Padding {
  public static function Pad($unpaddedString, $blockSize) {
    $additionalChars = $blockSize - strlen($unpaddedString) % $blockSize;

    $char = chr($additionalChars);

    return $unpaddedString.str_repeat($char, $additionalChars);
  public static function UnPad($paddedString) {
    $additionalChars = ord(substr($paddedString, -1, 1));

    return substr($paddedString, 0, -$additionalChars);

//Example use. $td is the resource returned by mcrypt_module_open
$paddedData = PKCS5Padding::Pad($data, mcrypt_enc_get_block_size($td));