If you switch from PHP 5.x to 7.1 you will get the following message:
"Function mcrypt_encrypt() is deprecated"
Now it is the right time to refactor this old function :-)
function encrypt(string $data, string $key, string $method): string
{
$ivSize = openssl_cipher_iv_length($method);
$iv = openssl_random_pseudo_bytes($ivSize);
$encrypted = openssl_encrypt($data, $method, $key, OPENSSL_RAW_DATA, $iv);
// For storage/transmission, we simply concatenate the IV and cipher text
$encrypted = base64_encode($iv . $encrypted);
return $encrypted;
}
function decrypt(string $data, string $key, string $method): string
{
$data = base64_decode($data);
$ivSize = openssl_cipher_iv_length($method);
$iv = substr($data, 0, $ivSize);
$data = openssl_decrypt(substr($data, $ivSize), $method, $key, OPENSSL_RAW_DATA, $iv);
return $data;
}
$data = 'plain text or binary data';
// ECB encrypts each block of data independently and
// the same plaintext block will result in the same ciphertext block.
//$method = 'AES-256-ECB';
// CBC has an IV and thus needs randomness every time a message is encrypted
$method = 'AES-256-CBC';
// simple password hash
$password = 'secret-password-as-string';
$key = hash('sha256', $password);
// Most secure
// You must store this secret random key in a safe place of your system.
//$key = openssl_random_pseudo_bytes(openssl_cipher_iv_length($method));
echo "Method: " . $method . "\n";
$encrypted = encrypt($data, $key, $method);
echo "Encrypted: ". $encrypted . "\n";
$decrypted = decrypt($encrypted, $key, $method);
echo "Decrypted: ". $decrypted . "\n"; // plain text
To get a list of all openssl_encrypt methods use:
print_r(openssl_get_cipher_methods());