如何在php中删除mcrypt函数 [英] How to remove mcrypt functions in php

问题描述

PHP 7.1中不推荐使用mcrypt模块，因此我必须使用openssl函数重构旧的加密/解密函数.其实我发现没有办法.

The mcrypt module is deprecated in PHP 7.1, so I have to refactor my old encrypt / decrypt functions with the openssl functions. Actually I found no way doing this.

我的主要问题是:该脚本仍然必须能够解密现有的加密数据.我没有机会使用我的函数解密，而再次使用新函数重新加密数据！

My major problem is: The script still must be able to decrypt existing crypted data. I have no chance to decrypt with my function und re-crypt the data with a new function again!

这是我现有的代码:

function _encrypt($cleartext, $key = "th1s1sav3rys3cr3tk3y") {
  if ($cleartext) {
    $td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, "");
    $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
    mcrypt_generic_init($td, $key, $iv);
    $encrypted_data_raw = mcrypt_generic($td, $cleartext);
    $encrypted_data = bin2hex($encrypted_data_raw);        
    mcrypt_generic_deinit($td);
    return $encrypted_data;
  } else {
    return false;
  }
}

function _decrypt($crypttext, $key = "th1s1sav3rys3cr3tk3y") {
  if ($crypttext) {
    $td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, "");
    $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
    mcrypt_generic_init($td, $key, $iv);
    $decrypted_data = trim(mcrypt_decrypt(MCRYPT_TripleDES, $key, hex2bin($crypttext), MCRYPT_MODE_ECB, $iv));
    mcrypt_generic_deinit($td);
    return $decrypted_data;
  } else {
    return false;
  }
}

更新:这是我尝试解决的方法-为了获得相同的$ iv，我只用了与旧函数相同的代码，并尝试以此处描述的方式实现它:

UPDATE: This is the way I tried so solve it - to get the same $iv i took simply the same code as in the old function and try to implement it in the way described here: php: mcrypt_encrypt to openssl_encrypt, and OPENSSL_ZERO_PADDING problems

function _encrypt2($cleartext, $key = "th1s1sav3rys3cr3tk3y") {
    $td = mcrypt_module_open(MCRYPT_TripleDES, "", MCRYPT_MODE_ECB, "");
    $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);        
    $message_padded = $cleartext;
    if (strlen($message_padded) % 8) {
        $message_padded = str_pad($message_padded,
        strlen($message_padded) + 8 - strlen($message_padded) % 8, "\0");
    }
    $encrypted_openssl = openssl_encrypt($message_padded, "DES-EDE3-CBC", $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, $iv);
    return bin2hex($encrypted_openssl);
}

希望您能给我很好的提示.

I hope you can give me good hints.

推荐答案

最后，我得到了解决方案-谢谢大家的帮助和支持，他们将我推向正确的方向并提出了正确的问题.我错过的主要事情是ECB模式(我参加了CBC ...).因此，并不需要$ iv的所有东西.

Finally I got the solution - thank you all for your help and support by pushing me into the right direction and asking the right questions. The main thing I missed was ECB-Mode (I took CBC...). So all the stuff with the $iv wasn't really needed.

要在此处完成我的新功能的答案:

To complete the answer here my new functions:

function _encrypt_openssl($cleartext, $key = "th1s1sav3rys3cr3tk3y") {
   if ($m = strlen($cleartext) %8) {
      $cleartext .= str_repeat("\0", 8-$m);
   } 
   $encrypted_openssl = openssl_encrypt($cleartext , "DES-EDE3-ECB", $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, null);
   return bin2hex($encrypted_openssl);
}

function _decrypt_openssl($crypttext, $key = "th1s1sav3rys3cr3tk3y") {
   return openssl_decrypt(hex2bin($crypttext), 'DES-EDE3-ECB', $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, null);
}

这篇关于如何在php中删除mcrypt函数的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！