Home Backend Development PHP Tutorial Example explanation of PHP 7.1 using OpenSSL instead of Mcrypt encryption and decryption

Example explanation of PHP 7.1 using OpenSSL instead of Mcrypt encryption and decryption

Dec 25, 2017 am 10:19 AM
mcrypt openssl php

Mcrypt Some WeChat developers may often use it, but Mcrypt has been deprecated in PHP 7.1. Are there any other alternatives? This article will introduce to you the relevant information about using OpenSSL instead of Mcrypt encryption and decryption in PHP 7.1. I hope it will be helpful to you.

Summary:

#After the release of php7.1, the new features attracted many PHPers, and everyone is discussing what the new features will bring benefits and conveniences. However, upgrading from php7.0 to php7.1 obsolete (obsolete) an extension that was commonly used in the past (mcrypt extension). The official provided corresponding solution tips, but did not provide more detailed solutions. So here comes the trap:

Today when I used the WeChat open platform to connect to a content management system, it kept failing when binding the official account

Reason:

During debugging, we found that the direct cause is the authorization event filled in the open platform (the authorization event will send an event every ten minutes to update the ticket), that is:

The url filled in here, debugging found that this URL is correct, WeChat also pushes it every 10 minutes, but in the end the ticket cannot be received. Looking at the code, it is found that it is due to decryption When the data came over from WeChat, an error was reported:


<?php 

function aes_decode($message, $encodingaeskey = &#39;&#39;, $appid = &#39;&#39;) { 
 $key = base64_decode($encodingaeskey . &#39;=&#39;); 
 $ciphertext_dec = base64_decode($message); 
 $iv = substr($key, 0, 16); 
 $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, &#39;&#39;, MCRYPT_MODE_CBC, &#39;&#39;); 
 mcrypt_generic_init($module, $key, $iv); 
 $decrypted = mdecrypt_generic($module, $ciphertext_dec); 
 mcrypt_generic_deinit($module); 
 mcrypt_module_close($module); 
 
 $pad = ord(substr($decrypted, -1)); 
 if ($pad < 1 || $pad > 32) { 
 $pad = 0; 
 }
Copy after login


This is the place. Since my environment is PHP 7.1, I searched for information and found PHP Mcrypt has been abandoned in 7.1, so mcrypt_* in this code cannot be run.

Solution:

# Searching for information found that Mcrypt can be replaced by OpenSSL (provided that the OpenSSL extension has been installed, but generally They are all installed by default)

openssl is a powerful toolkit that integrates many cryptographic algorithms and practical tools. We can use the command console tool it provides to generate keys and certificates to encrypt and decrypt files, or we can use the API interface it provides to encrypt the transmitted information in the code.

So the above code can be changed to:


<?php 
function aes_decode($message, $encodingaeskey = &#39;&#39;, $appid = &#39;&#39;) { 
 $key = base64_decode($encodingaeskey . &#39;=&#39;); 
 $ciphertext_dec = base64_decode($message); 
 $iv = substr($key, 0, 16); 
 /* mcrypt对称解密代码在PHP7.1已经被抛弃了,所以使用下面的openssl来代替 
 $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, &#39;&#39;, MCRYPT_MODE_CBC, &#39;&#39;); 
 mcrypt_generic_init($module, $key, $iv); 
 $decrypted = mdecrypt_generic($module, $ciphertext_dec); 
 mcrypt_generic_deinit($module); 
 mcrypt_module_close($module); 
 */ 
 $decrypted = openssl_decrypt($ciphertext_dec, &#39;AES-256-CBC&#39;, $key, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $iv); 
 
 $pad = ord(substr($decrypted, -1)); 
 if ($pad < 1 || $pad > 32) { 
 $pad = 0; 
 }
Copy after login


Supplement:

The above decryption has been modified, so the corresponding Mcrypt encryption also needs to be modified. If it is not changed, it will lead to events such as the inability to publish to the entire network and the inability to push messages.
The encrypted source code is as follows:


<?php 
function aes_encode($message, $encodingaeskey = &#39;&#39;, $appid = &#39;&#39;) { 
 $key = base64_decode($encodingaeskey . &#39;=&#39;); 
 $text = random(16) . pack("N", strlen($message)) . $message . $appid; 
 $iv = substr($key, 0, 16); 
 $block_size = 32; 
 $text_length = strlen($text); 
 $amount_to_pad = $block_size - ($text_length % $block_size); 
 if ($amount_to_pad == 0) { 
 $amount_to_pad = $block_size; 
 } 
 $pad_chr = chr($amount_to_pad); 
 $tmp = &#39;&#39;; 
 for ($index = 0; $index < $amount_to_pad; $index++) { 
 $tmp .= $pad_chr; 
 } 
 $text = $text . $tmp; 
 $size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); 
 $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, &#39;&#39;, MCRYPT_MODE_CBC, &#39;&#39;); 
 mcrypt_generic_init($module, $key, $iv); 
 $encrypted = mcrypt_generic($module, $text); 
 mcrypt_generic_deinit($module); 
 mcrypt_module_close($module); 
 
 $encrypt_msg = base64_encode($encrypted); 
 return $encrypt_msg; 
}
Copy after login


##The modified code is:


<?php 
function aes_encode($message, $encodingaeskey = &#39;&#39;, $appid = &#39;&#39;) { 
 $key = base64_decode($encodingaeskey . &#39;=&#39;); 
 $text = random(16) . pack("N", strlen($message)) . $message . $appid; 
 $iv = substr($key, 0, 16); 
 
 $block_size = 32; 
 $text_length = strlen($text); 
 $amount_to_pad = $block_size - ($text_length % $block_size); 
 if ($amount_to_pad == 0) { 
 $amount_to_pad = $block_size; 
 } 
 $pad_chr = chr($amount_to_pad); 
 $tmp = &#39;&#39;; 
 for ($index = 0; $index < $amount_to_pad; $index++) { 
 $tmp .= $pad_chr; 
 } 
 $text = $text . $tmp; 
 /* mcrypt对称加密代码在PHP7.1已经被抛弃了,所以使用下面的openssl来代替 
 $size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); 
 $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, &#39;&#39;, MCRYPT_MODE_CBC, &#39;&#39;); 
 mcrypt_generic_init($module, $key, $iv); 
 $encrypted = mcrypt_generic($module, $text); 
 mcrypt_generic_deinit($module); 
 mcrypt_module_close($module); 
 */ 
 
 $encrypted = openssl_encrypt($text, &#39;AES-256-CBC&#39;, $key, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $iv); 
 $encrypt_msg = base64_encode($encrypted); 
 return $encrypt_msg; 
}
Copy after login


Special note: Any process involving WeChat development, if you have upgraded to PHP 7.1 If so, then it is necessary to check whether Mcrypt is used for symmetric encryption and decryption. The demo used in the WeChat development documentation also uses Mcrypt for encryption and decryption. This needs to be noted.

Related recommendations:

PHP WeChat interface encapsulation class_PHP tutorial

php WeChat development platform development small experiment

PHP WeChat payment class demo_php instance

The above is the detailed content of Example explanation of PHP 7.1 using OpenSSL instead of Mcrypt encryption and decryption. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress AI Tool

Undress images for free

Clothoff.io

Clothoff.io

AI clothes remover

AI Hentai Generator

AI Hentai Generator

Generate AI Hentai for free.

Hot Article

R.E.P.O. Energy Crystals Explained and What They Do (Yellow Crystal)
2 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Repo: How To Revive Teammates
4 weeks ago By 尊渡假赌尊渡假赌尊渡假赌
Hello Kitty Island Adventure: How To Get Giant Seeds
3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

CakePHP Project Configuration CakePHP Project Configuration Sep 10, 2024 pm 05:25 PM

In this chapter, we will understand the Environment Variables, General Configuration, Database Configuration and Email Configuration in CakePHP.

PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian PHP 8.4 Installation and Upgrade guide for Ubuntu and Debian Dec 24, 2024 pm 04:42 PM

PHP 8.4 brings several new features, security improvements, and performance improvements with healthy amounts of feature deprecations and removals. This guide explains how to install PHP 8.4 or upgrade to PHP 8.4 on Ubuntu, Debian, or their derivati

CakePHP Date and Time CakePHP Date and Time Sep 10, 2024 pm 05:27 PM

To work with date and time in cakephp4, we are going to make use of the available FrozenTime class.

CakePHP File upload CakePHP File upload Sep 10, 2024 pm 05:27 PM

To work on file upload we are going to use the form helper. Here, is an example for file upload.

CakePHP Routing CakePHP Routing Sep 10, 2024 pm 05:25 PM

In this chapter, we are going to learn the following topics related to routing ?

Discuss CakePHP Discuss CakePHP Sep 10, 2024 pm 05:28 PM

CakePHP is an open-source framework for PHP. It is intended to make developing, deploying and maintaining applications much easier. CakePHP is based on a MVC-like architecture that is both powerful and easy to grasp. Models, Views, and Controllers gu

How To Set Up Visual Studio Code (VS Code) for PHP Development How To Set Up Visual Studio Code (VS Code) for PHP Development Dec 20, 2024 am 11:31 AM

Visual Studio Code, also known as VS Code, is a free source code editor — or integrated development environment (IDE) — available for all major operating systems. With a large collection of extensions for many programming languages, VS Code can be c

CakePHP Creating Validators CakePHP Creating Validators Sep 10, 2024 pm 05:26 PM

Validator can be created by adding the following two lines in the controller.

See all articles