By Scrumplex

2017-03-09 13:27:20 8 Comments

So as time moves on mcrypt will go in PHP 7.2. Of course there is an alternative: openssl.

I find it difficult to switch from mcrypt to openssl, using AES 256 CBC and preserving IVs. I am sort of new to cryptography, so I don't really know everything, but I understand the basics.

Let's say I have the following code

function encrypt($masterPassword, $data) 
    $keySize = mcrypt_get_key_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
    $ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
    $iv = mcrypt_create_iv($ivSize, MCRYPT_DEV_URANDOM);
    $key = mb_substr(hash('SHA256', $masterPassword), 0, $keySize);
    $encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $data, MCRYPT_MODE_CBC, $iv);
    return base64_encode($iv . $encrypted);

function decrypt($masterPassword, $base64) 
    $keySize = mcrypt_get_key_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
    $ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC);
    $key = mb_substr(hash('SHA256', $masterPassword), 0, $keySize);
    $data = base64_decode($base64);
    $iv = substr($data, 0, $ivSize);
    $encrypted = substr($data, $ivSize, strlen($data));
    $decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $encrypted, MCRYPT_MODE_CBC, $iv);
    return trim($decrypted);

How can I "convert" this code to use openssl insted of mcrypt?


@Narf 2017-03-09 13:37:05

You can't convert it, because Rijndael-256 is not AES-256, and the OpenSSL extension doesn't ship with Rijndael-256 support.
AES-256 is Rijndael-128 with a 256-bit (32-byte) key.

Unfortunately, you'll have to re-encrypt all of your data.

Edit: Also, the scheme you're currently using has some problems:

  • It lacks authentication (HMACs are the easiest way to do it in PHP)
  • It lacks proper padding (mcrypt pads with zero bytes; you need something like PKCS#5 padding instead), which is required for block mode encryption to be safe.
  • It's not byte-safe (you're using mb_substr())

The good news is that OpenSSL will do PKCS#5 padding for you automatically, but you should go even further and use a solid encryption library like defuse/php-encryption.

@Scrumplex 2017-03-09 15:04:26

Thanks for the small security advice. I will now port my webapp to defuse/php-encryption

Related Questions

Sponsored Content

20 Answered Questions

[SOLVED] Reference — What does this symbol mean in PHP?

38 Answered Questions

[SOLVED] Deleting an element from an array in PHP

  • 2008-12-15 20:28:55
  • Ben
  • 2658761 View
  • 2535 Score
  • 38 Answer
  • Tags:   php arrays unset

28 Answered Questions

[SOLVED] How can I prevent SQL injection in PHP?

13 Answered Questions

[SOLVED] Why shouldn't I use mysql_* functions in PHP?

  • 2012-10-12 13:18:39
  • Madara's Ghost
  • 222383 View
  • 2508 Score
  • 13 Answer
  • Tags:   php mysql

3 Answered Questions

[SOLVED] Decrypt mcrypt with openssl

7 Answered Questions

[SOLVED] How does PHP 'foreach' actually work?

22 Answered Questions

[SOLVED] Laravel requires the Mcrypt PHP extension

4 Answered Questions

[SOLVED] Replace Mcrypt with OpenSSL

  • 2012-04-03 13:06:30
  • maTu
  • 23606 View
  • 20 Score
  • 4 Answer
  • Tags:   php openssl mcrypt

1 Answered Questions

1 Answered Questions

Encrypto in JavaScript and Decrypto in PHP

Sponsored Content