PHP 7.1 uses OpenSSL instead of mcrypt to decrypt the _php technique

Recently in use PHPThe development of the public number function was found in PHP7.1 MCrypt has been discarded, but can only find the corresponding solution to replace, so this article mainly to you about the PHP7.1 In the use of OpenSSL instead of MCrypt encryption and decryption of relevant information, the need for friends can refer to.

Profile:

The new features of php7.1 have attracted many phper, and everyone is discussing the benefits and conveniences of new features. But upgrading from php7.0 to php7.1 (obsolete) is an extension (mcrypt extension) that has been widely used in the past. The official provided the corresponding solution, but did not provide a more detailed solution. So the pit came:

Today, when connecting to a content management system using an open platform, it has failed to bind the public number.

Reason:

debugging, the direct reason is because the open platform filled with the authorization event (the authorization event every 10 minutes to send an event to update ticket), namely:

This place filled in the URL, debugging found that this URL is correct, there are every 10 minutes pushed to come over, but to the last direct receive ticket, see Code Discovery is because the decrypted data when the error:

<?php 
 
function aes_decode($message, $encodingaeskey = '', $appid = '') { 
 $key = base64_decode($encodingaeskey . '='); 
 
 $ciphertext_dec = base64_decode($message); 
 $iv = substr($key, 0, 16); 
 
 $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, ''); 
 mcrypt_generic_init($module, $key, $iv); 
 $decrypted = mdecrypt_generic($module, $ciphertext_dec); 
 mcrypt_generic_deinit($module); 
 mcrypt_module_close($module); 
 
 $pad = ord(substr($decrypted, -1)); 
 if ($pad < 1 || $pad > 32) { 
 $pad = 0; 
 }

	

This is the place, because my environment is PHP 7.1, find data found PHP 7.1 has abandoned mcrypt, so the code inside the mcrypt_* are not able to run.

Solve:

Find data discovery, you can replace MCrypt with OpenSSL (provided the OpenSSL extension is already installed, but is usually installed by default)

OpenSSL is a powerful toolkit that integrates a wide range of cryptographic algorithms and utilities. We can use the command desk tools it provides to generate keys, certificates to encrypt and decrypt files, or to encrypt the transmitted information in code using the API interfaces it provides.

So the above code can be changed to:

<?php
 
function aes_decode($message, $encodingaeskey ='', $appid ='') {
  $key = base64_decode($encodingaeskey.'=');
 
  $ciphertext_dec = base64_decode($message);
  $iv = substr($key, 0, 16);
 
  /* The mcrypt symmetric decryption code has been abandoned in PHP7.1, so use the following openssl instead
  $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128,'', MCRYPT_MODE_CBC,'');
  mcrypt_generic_init($module, $key, $iv);
  $decrypted = mdecrypt_generic($module, $ciphertext_dec);
  mcrypt_generic_deinit($module);
  mcrypt_module_close($module);
  */
  $decrypted = openssl_decrypt($ciphertext_dec,'AES-256-CBC', $key, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $iv);
 
  $pad = ord(substr($decrypted, -1));
  if ($pad <1 || $pad> 32) {
  $pad = 0;
  }

Add:

The above decryption has been modified, then the corresponding MCrypt encryption needs to be modified, if not changed, will cause not to publish the whole network and can not push messages and other events
The encrypted source code is as follows:

<?php 
function aes_encode($message, $encodingaeskey = '', $appid = '') { 
 $key = base64_decode($encodingaeskey . '='); 
 $text = random(16) . pack("N", strlen($message)) . $message . $appid; 
 $iv = substr($key, 0, 16); 
 
 $block_size = 32; 
 $text_length = strlen($text); 
 $amount_to_pad = $block_size - ($text_length % $block_size); 
 if ($amount_to_pad == 0) { 
 $amount_to_pad = $block_size; 
 } 
 $pad_chr = chr($amount_to_pad); 
 $tmp = ''; 
 for ($index = 0; $index < $amount_to_pad; $index++) { 
 $tmp .= $pad_chr; 
 } 
 $text = $text . $tmp; 
 $size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); 
 $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, ''); 
 mcrypt_generic_init($module, $key, $iv); 
 $encrypted = mcrypt_generic($module, $text); 
 mcrypt_generic_deinit($module); 
 mcrypt_module_close($module); 
 
 $encrypt_msg = base64_encode($encrypted); 
 return $encrypt_msg; 
}

The modified code is:

<?php
function aes_encode($message, $encodingaeskey ='', $appid ='') {
 $key = base64_decode($encodingaeskey.'=');
 $text = random(16). pack("N", strlen($message)). $message. $appid;
 $iv = substr($key, 0, 16);
 
 $block_size = 32;
 $text_length = strlen($text);
 $amount_to_pad = $block_size-($text_length% $block_size);
 if ($amount_to_pad == 0) {
 $amount_to_pad = $block_size;
 }
 $pad_chr = chr($amount_to_pad);
 $tmp ='';
 for ($index = 0; $index <$amount_to_pad; $index++) {
 $tmp .= $pad_chr;
 }
 $text = $text. $tmp;
 /* The mcrypt symmetric encryption code has been abandoned in PHP7.1, so use the following openssl instead
 $size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
 $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128,'', MCRYPT_MODE_CBC,'');
 mcrypt_generic_init($module, $key, $iv);
 $encrypted = mcrypt_generic($module, $text);
 mcrypt_generic_deinit($module);
 mcrypt_module_close($module);
 */
 
 $encrypted = openssl_encrypt($text,'AES-256-CBC', $key, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $iv);
 $encrypt_msg = base64_encode($encrypted);
 return $encrypt_msg;
} 

Special Note: all involved in the development process, if it has been upgraded to PHP 7.1, then it is necessary to check whether the use of mcrypt symmetric plus decryption, the development document used in the demo is also using MCrypt encryption, which needs to be noted.

Summarize