Preparing for removal of Mcrypt in PHP 7.2

感情迁移 提交于 2019-12-16 20:05:34

问题


So as time moves on mcrypt will go in PHP 7.2. Of course there is an alternative: openssl.

I find it difficult to switch from mcrypt to openssl, using AES 256 CBC and preserving IVs. I am sort of new to cryptography, so I don't really know everything, but I understand the basics.

Let's say I have the following code

function encrypt($masterPassword, $data) 
{
    $keySize = mcrypt_get_key_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
    $ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
    $iv = mcrypt_create_iv($ivSize, MCRYPT_DEV_URANDOM);
    $key = mb_substr(hash('SHA256', $masterPassword), 0, $keySize);
    $encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_CBC, $iv);
    return base64_encode($iv . $encrypted);
}

function decrypt($masterPassword, $base64) 
{
    $keySize = mcrypt_get_key_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
    $ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
    $key = mb_substr(hash('SHA256', $masterPassword), 0, $keySize);
    $data = base64_decode($base64);
    $iv = substr($data, 0, $ivSize);
    $encrypted = substr($data, $ivSize, strlen($data));
    $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted, MCRYPT_MODE_CBC, $iv);
    return trim($decrypted);
}

How can I "convert" this code to use openssl insted of mcrypt?


回答1:


You can't convert it, because Rijndael-256 is not AES-256, and the OpenSSL extension doesn't ship with Rijndael-256 support.
AES-256 is Rijndael-128 with a 256-bit (32-byte) key.

Unfortunately, you'll have to re-encrypt all of your data.

Edit: Also, the scheme you're currently using has some problems:

  • It lacks authentication (HMACs are the easiest way to do it in PHP)
  • It lacks proper padding (mcrypt pads with zero bytes; you need something like PKCS#5 padding instead), which is required for block mode encryption to be safe.
  • It's not byte-safe (you're using mb_substr())

The good news is that OpenSSL will do PKCS#5 padding for you automatically, but you should go even further and use a solid encryption library like defuse/php-encryption.



来源:https://stackoverflow.com/questions/42696657/preparing-for-removal-of-mcrypt-in-php-7-2

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!