This article mainly introduces the introduction of using openssl to replace mcrypt in PHP7.1. It has a certain reference value. Now I share it with you. Friends in need can refer to it
Use openssl to replace mcrypt in PHP7.1
In PHP development, using mcrypt related functions can easily perform AES encryption and decryption operations, but the mcrypt extension is abandoned in PHP7.1, so you must find another kind of realization. Replacing mcrypt with openssl is already pointed out in the migration manual, but no specific example is given. There are many examples online that can replace most scenarios, but the details are not explained. Similarly, simply using online examples may lead to compatibility issues before and after code replacement in certain code scenarios. Let’s talk about the specific codes and reasons below.
First we give the replacement code directly, and then analyze the problem from the code. (The algorithm analyzed in this article is AES-128-CBC)
Replacement example
The example will show two ways of using mcrypt, mainly in fillingDifferent (filling will be explained below). During the entire encryption and decryption process, a more complete code will automatically implement filling and removal of filling, and a simpler code will directly ignore the filling, but both methods can run normally; in actual development (versions before 7.1), It is recommended to add padding. Please see the following specific example:
mcrypt does not use padding
- ##mcrypt encryption:
$key = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'; $iv = 'aaaaaaaaaaaaaaaa'; $data = 'dataString'; $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, ''); mcrypt_generic_init($cipher, $key, $iv); $cipherText256 = mcrypt_generic($cipher, $data); mcrypt_generic_deinit($cipher); return bin2hex($cipherText256);
- Openssl encryption code with the same function:
$key = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'; $iv = 'aaaaaaaaaaaaaaaa'; $data = 'dataString'; $data = $data . str_repeat("\x00", 16 - (strlen($data) % 16)); // 双引号可以解析asc-ii码\x00 return bin2hex(openssl_encrypt($data, "AES-256-CBC", $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv));
- mcrypt encryption:
$key = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'; $iv = 'aaaaaaaaaaaaaaaa'; $data = 'dataString'; // 填充(移除填充反着移除即可) $block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); $pad = $block - (strlen($data) % $block); if ($pad <= $block) { $char = chr($pad); $data .= str_repeat($char, $pad); } $cipher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, ''); mcrypt_generic_init($cipher, $key, $iv); $cipherText256 = mcrypt_generic($cipher, $data); mcrypt_generic_deinit($cipher); return bin2hex($cipherText256);
- OpenSSL encryption code for the same function:
$key = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'; $iv = 'aaaaaaaaaaaaaaaa'; $data = 'dataString'; return bin2hex(openssl_encrypt($data, 'AES-256-CBC', $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv));
- Why is there filling?
- Why are the names of the algorithms different after replacing them with openssl?
filling and algorithm.
PaddingWhy there is padding starts with the encryption algorithm. Because in the AES-128-CBC algorithm, the string to be encrypted will be segmented into segments every 16 bytes in length and calculated step by step, resulting in segments less than 16 bytes being filled. So there are two types of examples given: one is to use the default filling, and the other is to use independent filling. In the replacement with openssl, how to choose the padding scheme requires understanding of the default and autonomous padding of mcrypt and openssl.- mcrypt default filling In the source code of php, it can be seen that the default filling will be
\x00
, so it must be removed when decrypting Extra. In fact, it is not filled with
\x00is filled. It can be found from the source code that a 16-bit empty string is first applied for, so each byte is
\x00during initialization. In fact, it can be said There is no padding, but it is originally
\x00. The encrypted string obtained by using the default padding will be in the following form:
\x00
. Of course, you can also be lazy and not remove
\x00. Because in php, the string "string\x00" and the string "string" behave the same except for the length, so there seems to be no difference. The following code:
// 尾部包含若干个`\x00` 均可功输出true if ("string\x00" == "string") { // 用双引号可解析\x00 echo true; }
\x00
Example after padding: (Please pay attention to the length of the string, it can be seen that padding with
\x00will affect the length)
- mcrypt Autonomous FillingThe filling algorithm needs to be carried out according to the following algorithm:
- Added padding
/** * 填充算法 * @param string $source * @return string */ function addPKCS7Padding($source) { $source = trim($source); $block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); $pad = $block - (strlen($source) % $block); if ($pad <= $block) { $char = chr($pad); $source .= str_repeat($char, $pad); } return $source; }
After adding padding, the string is actually as follows Form: - remove padding
/** * 移去填充算法 * @param string $source * @return string */ function stripPKSC7Padding($source) { $source = trim($source); $char = substr($source, -1); $num = ord($char); if ($num == 62) return $source; $source = substr($source, 0, -$num); return $source; }
- openssl default paddingits default The method is consistent with the standard mcrypt's independent filling method, so in the second example, after using the above filling algorithm, it can be directly replaced by openssl_encrypt without causing compatibility issues. The filled encrypted string is in the following form:
It should be noted that it is built-in in openssl_encrypt
and
openssl_decryptFilling and removing filling, so you can use it directly. Unless you need to implement filling independently, there is no need to consider filling
- openssl autonomous filling
openssl_encrypt提供了option参数以支持自主填充,但在查阅php源码中openssl的测试用例代码才找到正确用法:
// if we want to manage our own padding $padded_data = $data . str_repeat(' ', 16 - (strlen($data) % 16)); $encrypted = openssl_encrypt($padded_data, $method, $password, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $iv); $output = openssl_decrypt($encrypted, $method, $password, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $iv); var_dump(rtrim($output));
(备注:如上,
OPENSSL_ZERO_PADDING
并非是为0填充的意思)
由此,我们就可以解释,在第一个示例中openssl_encrypt之前加入了自主点充\x00
的代码原因了
从以上的加、解密针对填充逻辑不同,针对上文中的示例可以很好地解释:
示例1:
mcrypt加密时未使用填充,故以\x00
进行了填充,所以在替换成openssl,需要自主实现\x00
填充。示例2:
mcrypt加密时使用了标准的填充,同时openssl的填充方式也为Introduction to using openssl to replace mcrypt in PHP7.1,故直接使用即可。
分析到这,可以发现,无论是何种填充策略都需注意在加密时加入填充,在解密时则必须要移除填充。至此,上文中示例中的填充相关则分析完成了,接下来我们再看看如何选择替换后的算法。
选择算法
在以上的示例中,有一个问题在于,mcrypt中的AES-128-CBC算法,在openssl中怎么替换成了AES_256?
关于这一点, 我也未找到合理的解释,查看源码一时半会也没找到原因(能力有限~),但通过以下资料,还是完成了功能
openssl 解密 mcrypt AES 数据不兼容问题
Convert mcrypt_generic to openssl_encrypt Ask Question
若是有同学找到原因,欢迎给我留言,谢谢。
总结
对于使用mcrypt AES 进行加密密的部分,若是在替换过程中问题, 可以从算法替换或填充这两方面着手考虑下。同时还是一必须满足的条件是根据不同的填充方式选择, 替换最重要的就要考虑兼容问题,保证替换后不发生任何改变。 虽然只是只是有细微的差别----尾部几个字符串的不同,但若是在多平台中同时进行修改也是一件麻烦事,但变动越少风险越小。
本文只是针对AES算法进行了简单说明,对于其他算法是否适用还有待研究。
以上就是本文的全部内容,希望对大家的学习有所帮助,更多相关内容请关注PHP中文网!
相关推荐:
The above is the detailed content of Introduction to using openssl to replace mcrypt in PHP7.1. For more information, please follow other related articles on the PHP Chinese website!

To protect the application from session-related XSS attacks, the following measures are required: 1. Set the HttpOnly and Secure flags to protect the session cookies. 2. Export codes for all user inputs. 3. Implement content security policy (CSP) to limit script sources. Through these policies, session-related XSS attacks can be effectively protected and user data can be ensured.

Methods to optimize PHP session performance include: 1. Delay session start, 2. Use database to store sessions, 3. Compress session data, 4. Manage session life cycle, and 5. Implement session sharing. These strategies can significantly improve the efficiency of applications in high concurrency environments.

Thesession.gc_maxlifetimesettinginPHPdeterminesthelifespanofsessiondata,setinseconds.1)It'sconfiguredinphp.iniorviaini_set().2)Abalanceisneededtoavoidperformanceissuesandunexpectedlogouts.3)PHP'sgarbagecollectionisprobabilistic,influencedbygc_probabi

In PHP, you can use the session_name() function to configure the session name. The specific steps are as follows: 1. Use the session_name() function to set the session name, such as session_name("my_session"). 2. After setting the session name, call session_start() to start the session. Configuring session names can avoid session data conflicts between multiple applications and enhance security, but pay attention to the uniqueness, security, length and setting timing of session names.

The session ID should be regenerated regularly at login, before sensitive operations, and every 30 minutes. 1. Regenerate the session ID when logging in to prevent session fixed attacks. 2. Regenerate before sensitive operations to improve safety. 3. Regular regeneration reduces long-term utilization risks, but the user experience needs to be weighed.

Setting session cookie parameters in PHP can be achieved through the session_set_cookie_params() function. 1) Use this function to set parameters, such as expiration time, path, domain name, security flag, etc.; 2) Call session_start() to make the parameters take effect; 3) Dynamically adjust parameters according to needs, such as user login status; 4) Pay attention to setting secure and httponly flags to improve security.

The main purpose of using sessions in PHP is to maintain the status of the user between different pages. 1) The session is started through the session_start() function, creating a unique session ID and storing it in the user cookie. 2) Session data is saved on the server, allowing data to be passed between different requests, such as login status and shopping cart content.

How to share a session between subdomains? Implemented by setting session cookies for common domain names. 1. Set the domain of the session cookie to .example.com on the server side. 2. Choose the appropriate session storage method, such as memory, database or distributed cache. 3. Pass the session ID through cookies, and the server retrieves and updates the session data based on the ID.


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

Hot Tools

MantisBT
Mantis is an easy-to-deploy web-based defect tracking tool designed to aid in product defect tracking. It requires PHP, MySQL and a web server. Check out our demo and hosting services.

SAP NetWeaver Server Adapter for Eclipse
Integrate Eclipse with SAP NetWeaver application server.

ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment

VSCode Windows 64-bit Download
A free and powerful IDE editor launched by Microsoft

SublimeText3 Linux new version
SublimeText3 Linux latest version