Introduction to replacing MCrypt with OpenSSL in PHP7.1

Source: Internet
Author: User
Tags mcrypt

This article mainly introduces the introduction of using OpenSSL to replace MCrypt in PHP7.1, has a certain reference value, now share to everyone, the need for friends can refer to

Replace MCrypt with OpenSSL in PHP7.1

In PHP development, the use of MCrypt-related functions can be easily AES encryption, decryption operations, but PHP7.1 mcrypt extension, so it is necessary to find another implementation. Using OpenSSL instead of mcrypt has been pointed out in the migration manual, but no specific examples have been given. There are many examples on the web that can replace most of the scenes, but they are not explained in detail. Similarly, simply using the online sample in a code scenario might lead to compatibility issues before and after code substitution, and here's a discussion of the specific code and why.

First we give the replacement code directly, and then we analyze the problem from the code. (the algorithm analyzed in this article is AES-128-CBC)

Replace Example

The example shows how the two mcrypt are used, mainly in terms of padding (the fill is explained below). Throughout the addition and decryption process, a little bit more complete code will be the self-implementation of the fill, remove the fill, simple code will directly ignore the fill, but both methods can run normally, in the actual development (prior to 7.1 version), it is recommended to add padding. Take a look at the following specific examples:

  1. MCrypt not using padding

      • MCrypt Encryption:

          $key = ' aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa ';   $iv = ' aaaaaaaaaaaaaaaa ';  $data = ' datastring ';  $cipher = Mcrypt_module_open (mcrypt_rijndael_128, ', MCRYPT_MODE_CBC, ');  Mcrypt_generic_init ($cipher, $key, $iv);  $cipherText mcrypt_generic = ($cipher, $data);  Mcrypt_generic_deinit ($cipher);  Return Bin2Hex ($cipherText 256);
      • The same functionality of the OpenSSL encryption code:

          $key = ' aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa ';   $iv = ' aaaaaaaaaaaaaaaa ';  $data = ' datastring ';  $data = $data. Str_repeat ("\x00", 16 (strlen ($data)%)); Double quotes can parse asc-ii code \x00  return Bin2Hex (Openssl_encrypt ($data, "AES-256-CBC", $key, Openssl_raw_data | Openssl_zero_padding, $iv));
  2. MCrypt using padding

      • MCrypt encryption:

         $key = '   Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa ';  $iv = ' aaaaaaaaaaaaaaaa ';  $data = ' datastring ';  Fill (remove fill reverse) $block = Mcrypt_get_block_size (mcrypt_rijndael_128, MCRYPT_MODE_CBC);  $pad = $block-(strlen ($data)% $block);      if ($pad <= $block) {$char = Chr ($pad);  $data. = Str_repeat ($char, $pad);  } $cipher = Mcrypt_module_open (mcrypt_rijndael_128, ' ', MCRYPT_MODE_CBC, ');  Mcrypt_generic_init ($cipher, $key, $IV);  $cipherText mcrypt_generic = ($cipher, $data);  Mcrypt_generic_deinit ($cipher);
         Return Bin2Hex ($cipherText); 
      • The same function of the OpenSSL encryption code:

         $key = ' aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa ';  $iv = ' aaaaaaaaaaaaaaaa ';  $data = ' datastring '; Return Bin2Hex (Openssl_encrypt ($data, ' AES-256-CBC ', $key, Openssl_raw_data |
        Openssl_zero_padding, $iv)); 

All of the examples above can be run successfully, with the first example (not using a fill, but populating in OpenSSL) and the second example (using padding, unused padding in OpenSSL) the same output before and after the substitution, with no compatibility issues. You can choose different alternatives depending on how the code is populated, but there are three details that need to be explained

    1. Why should I have a fill?

    2. Why is the name of the algorithm different after using OpenSSL replacement?

The next step is to specifically analyze the fill , algorithm .


The reason why there is padding is to start with the encryption algorithm. Because in the AES-128-CBC algorithm, the string to be encrypted is segmented by the length of every 16 bytes, which causes the segments with less than 16byte to be populated. So there are two types of examples: one is to use the default padding, and the other is to populate it autonomously. In the replacement with OpenSSL, how to select the Fill scheme requires an understanding of the default and autonomic padding for mcrypt and OpenSSL.

  • MCrypt default Padding

    In the source code of PHP, you can see that the default will be \x00 filled, in fact, not to \x00 fill, from the source can be found, the first application of a 16-bit empty string, so the initialization of each byte is \x00 , in fact, it can be said that there is no padding, but it is \x00, the encrypted string that you get with the default padding is the following form:

    Therefore, the decryption is to remove the superfluous \x00 . Of course, you can also be lazy and not remove \x00 . Because in PHP the string "string\x00" and string "strings" in addition to the length of the other than the same, the other performance is consistent, so there is no difference in appearance, the following code:

       The tail contains a number of ' \x00 ' can be output true   if ("string\x00" = = "string") {//in double quotes to parse \x00       echo true;   }

    \x00Post-populated example: (note the length of the string so that \x00 padding affects the length)

  • MCrypt Self-filling

    The filling algorithm is performed with the following algorithm:

      • Add padding


        is populated after the string actually looks like this:

      • Remove padding

        /** * Remove Fill algorithm * @param      String $source * @return String */function strippksc7padding ($source) {$source = Trim ($source);      $char = substr ($source,-1);      $num = Ord ($char);      if ($num = =) return $source;      $source = substr ($source, 0,-$num);  return $source; }
  • OpenSSL default padding

    The default mode is the same as the standard MCrypt, so in the second example, after using the fill algorithm as above, you can use the openssl_encrypt substitution directly without creating compatibility problems. The following form of the filled encrypted string:

    It is important to note that fill and openssl_encrypt remove fills are built in with, openssl_decrypt so you can use them directly, but you don't need to consider padding unless you need to implement the fill autonomously.

  • OpenSSL self-filling

    Openssl_encrypt provides the option parameter to support autonomic padding, but the test case code for OpenSSL in the lookup php source finds the correct usage:

       If we want to manage our own padding  $padded _data = $data. Str_repeat ("," (strlen ($data)%));  $encrypted = Openssl_encrypt ($padded _data, $method,     $password, openssl_raw_data| Openssl_zero_padding, $IV);  $output = Openssl_decrypt ($encrypted, $method, $password, openssl_raw_data| Openssl_zero_padding, $IV);  Var_dump (RTrim ($output));

    (Note: As above, OPENSSL_ZERO_PADDING is not meant for 0 padding)
    As a result, we can explain that in the first example, Openssl_encrypt was added to the code reason for self-charging. \x00

The above addition and decryption are different for the fill logic, which is well explained in the example above:

    • Example 1:
      The MCrypt is not populated when it is encrypted, \x00 so it is populated so that it is replaced with OpenSSL and requires a self-fulfilling \x00 fill.

    • Example 2:
      MCrypt encryption uses a standard fill, and OpenSSL is filled with a standard fill, so you can use it directly.

In this analysis, it is found that regardless of the fill strategy you need to be aware of the addition of padding when encrypting, you must remove the padding when decrypting . Now that the completion of the fill correlation in the example above is complete, let's look at how to choose the replacement algorithm.

Selection algorithm

In the example above, the question is, how did the AES-128-CBC algorithm in MCrypt replace the aes_256 in OpenSSL?
On this point, I also did not find a reasonable explanation, view source 1:30 will also not find the reason (ability Limited ~), but through the following information, or completed the function

    • OpenSSL decryption MCrypt AES data incompatibility Issues

    • Convert mcrypt_generic to Openssl_encrypt Ask Question

If a classmate find the reason, welcome to my message, thank you.


For the part that uses MCrypt AES for encryption, if the problem is in the substitution process, you can start with the algorithm substitution or padding. At the same time it is necessary to meet the conditions are based on different fill options, replace the most important to consider compatibility issues, to ensure that no change after the replacement . Although there is only a slight difference----the tail of a few strings, but if the simultaneous modification in the multi-platform is also a nuisance, but the less the change of risk smaller.

This paper simply explains the AES algorithm, and the applicability of other algorithms remains to be researched.

The above is the whole content of this article, I hope that everyone's learning has helped, more relevant content please pay attention to!

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.