-
-
Save srsbiz/8373451ed3450c0548c3 to your computer and use it in GitHub Desktop.
<?php | |
function encrypt_mcrypt($msg, $key, $iv = null) { | |
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); | |
if (!$iv) { | |
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); | |
} | |
$pad = $iv_size - (strlen($msg) % $iv_size); | |
$msg .= str_repeat(chr($pad), $pad); | |
$encryptedMessage = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $msg, MCRYPT_MODE_CBC, $iv); | |
return base64_encode($iv . $encryptedMessage); | |
} | |
function decrypt_mcrypt($payload, $key) { | |
$raw = base64_decode($payload); | |
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); | |
$iv = substr($raw, 0, $iv_size); | |
$data = substr($raw, $iv_size); | |
$result = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, $iv); | |
$ctrlchar = substr($result, -1); | |
$ord = ord($ctrlchar); | |
if ($ord < $iv_size && substr($result, -ord($ctrlchar)) === str_repeat($ctrlchar, $ord)) { | |
$result = substr($result, 0, -ord($ctrlchar)); | |
} | |
return $result; | |
} | |
function encrypt_openssl($msg, $key, $iv = null) { | |
$iv_size = openssl_cipher_iv_length('AES-128-CBC'); | |
if (!$iv) { | |
$iv = openssl_random_pseudo_bytes($iv_size); | |
} | |
$encryptedMessage = openssl_encrypt($msg, 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $iv); | |
return base64_encode($iv . $encryptedMessage); | |
} | |
function decrypt_openssl($payload, $key) { | |
$raw = base64_decode($payload); | |
$iv_size = openssl_cipher_iv_length('AES-128-CBC'); | |
$iv = substr($raw, 0, $iv_size); | |
$data = substr($raw, $iv_size); | |
return openssl_decrypt($data, 'AES-128-CBC', $key, OPENSSL_RAW_DATA, $iv); | |
} |
AES-256 refers to the key size, where the 256 in RIJNDAEL refers to block size
The above code work only if the MCRYPT_RIJNDAEL_128 encryption is made using a 128bit keysize.
Below the code to be able to decrypt MCRYPT_RIJNDAEL_128 encrypted using a 256 bit keylen
// ZERO Padding ISO/IEC 9797-1, ISO/IEC 10118-1
function pad_zero($data) {
$len = mcrypt_get_block_size (MCRYPT_RIJNDAEL_128,MCRYPT_MODE_CBC);
if (strlen($data) % $len) {
$padLength = $len - strlen($data) % $len;
$data .= str_repeat("\0", $padLength);
}
return $data;
}
function encrypt_openssl($msg, $key, $iv) {
$encryptedMessage = openssl_encrypt(pad_zero($msg), 'AES-256-CBC', $key, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING , $iv);
return $iv . $encryptedMessage;
}
function decrypt_openssl($data, $key) {
$iv_size = openssl_cipher_iv_length('AES-256-CBC');
$iv = substr($data, 0, $iv_size);
$data = substr($data, $iv_size);
$decrypted = openssl_decrypt($data, 'AES-256-CBC', $key,OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING , $iv);
$decrypted = rtrim($decrypted, chr(0));
return $decrypted;
@waltzie thx.
I migrate from php 7.0 to 7.2 and remove mcrypt extension.
For correct encrypting data by openssl AES-128-CBC your example work fine
$json = ''; // your data for encrypt
$key = ''; // your key for encrypt
$cipher = "AES-128-CBC";
$options = OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING;
$ivSize = openssl_cipher_iv_length($cipher);`
$iv = openssl_random_pseudo_bytes($ivSize);
$cipherText = openssl_encrypt(pad_zero($json), $cipher, $this->key, $options, $iv);
$cipherText = $iv . $cipherText;
public function pad_zero($data)
{
$len = 16;
if (strlen($data) % $len) {
$padLength = $len - strlen($data) % $len;
$data .= str_repeat("\0", $padLength);
}
return $data;
}
$pad = $ivSize - (strlen($plainText) % $ivSize); $plainText .= str_repeat(chr($pad), $pad);
Very helpful for me. Thank you!
thanks @pzhuchkov.
Was able to replace the old mcrypt with some small changes!
Using "AES-256-CBC" instad of the 128 to replace the MCRYPT_RIJNDAEL_128.
Thanks for the @srsbiz and @oliverdotbecker! That last clue (AES-256-CBC) was instrumental to help my problem!
It worked for me, thank you so much @srsbiz
thank you