好好爱自己!

php5.6 的mcrypt_encrypt 函数可以和5.5.9的行为一样

 

php5.5.9

-----------------------
$output = "test  php !!"

$key = "abcd123456789";

$output = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $output, MCRYPT_MODE_CBC);

$output = bin2hex($output);

echo $output;

 
---------------------------------------------------
php5.6 之后,mcrypt_encrypt 必须要 带 第五个参数 $iv,  但是加密出来的结果也可以和5.5的行为一样
1. php5.6 中 key 必须要8,16,32个字符;(之前的只有15个字符,php5.5其实是自动填 \0 )
2. php5.6 中 iv 必须要 ; (之前的版本, php5.5应该是默认填 16个\0 (至于是8个, 还是16个,32个,这个是和前面的key的长度有关的!));
所有,基于以上的原因,便有了下面php5.6对应的代码:
--------------------------------------------------------
 

$output = "test  php !!"

$key = "abcd123456789"."\0\0\0";
$iv = str_repeat("\0", 16);
$output = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $output, MCRYPT_MODE_CBC, $iv);

$output = bin2hex($output);

echo $output;

-------------------------------------------

Found the answer in case anyone need

$ivSize = 8; 
$iv = str_repeat("\0", $ivSize);

$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_3DES, $key, $padded, MCRYPT_MODE_CBC, $iv));

Pass a 5th parameter manually which the earlier version was doing on its own!

 

 

--------------------------------------------------------------

参考:https://stackoverflow.com/questions/30475946/mcrypt-encrypt-not-working-properly-on-php-5-6-9/30477958#30477958

Asked 4 years, 5 months ago
Active 4 years, 3 months ago
Viewed 6k times
5

I have the following code which worked fine on PHP 5.5.9.

function index()
{
    echo $this->encryptText_3des('TEST','JHHKJH9879');
}

function encryptText_3des($plainText, $key) {
    $key = hash("md5", $key, TRUE); 
    for ($x=0;$x<8;$x++) {
        $key = $key.substr($key, $x, 1);
    }
    $padded = $this->pkcs5_pad($plainText,
    mcrypt_get_block_size(MCRYPT_3DES, MCRYPT_MODE_CBC));
    $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_3DES, $key, $padded, MCRYPT_MODE_CBC));
    return $encrypted;
}

function pkcs5_pad ($text, $blocksize)  
{
    $pad = $blocksize - (strlen($text) % $blocksize);
    return $text . str_repeat(chr($pad), $pad);
}

The encryption was happening fine.But in 5.6.9, the in the PHP doc of mcrypt_encrypt, they mention that

Invalid key and iv sizes are no longer accepted. mcrypt_encrypt() will now throw a warning and return FALSE if the inputs are invalid. Previously keys and IVs were padded with '\0' bytes to the next valid size.

How will I modify my current code with the fifth parameter without altering the encryption algorithm?

I tried

$iv_size = mcrypt_get_iv_size(MCRYPT_3DES, MCRYPT_MODE_CBC);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);

and given $iv as fifth parameter.

But it didn't work out. The encryption was different from the earlier one.

php encryption mcrypt php-5.6
shareedit
 

3 Answers

4

Don't emulate old PHP versions weak behaviour for initializing IV.

Use mcrypt_create_iv().

They removed the auto zero-byte iv for a reason.

shareedit
 
2

Found the answer in case anyone need

$ivSize = 8; 
$iv = str_repeat("\0", $ivSize);

$encrypted = base64_encode(mcrypt_encrypt(MCRYPT_3DES, $key, $padded, MCRYPT_MODE_CBC, $iv));

Pass a 5th parameter manually which the earlier version was doing on its own!

shareedit
posted @   立志做一个好的程序员  阅读(529)  评论(0编辑  收藏  举报
编辑推荐:
· AI与.NET技术实操系列:基于图像分类模型对图像进行分类
· go语言实现终端里的倒计时
· 如何编写易于单元测试的代码
· 10年+ .NET Coder 心语,封装的思维:从隐藏、稳定开始理解其本质意义
· .NET Core 中如何实现缓存的预热?
阅读排行:
· 分享一个免费、快速、无限量使用的满血 DeepSeek R1 模型,支持深度思考和联网搜索!
· 基于 Docker 搭建 FRP 内网穿透开源项目(很简单哒)
· 25岁的心里话
· ollama系列01:轻松3步本地部署deepseek,普通电脑可用
· 按钮权限的设计及实现
历史上的今天:
2017-11-14 这篇讲angular 的$q的讲得不错
2017-11-14 event loop js事件循环 microtask macrotask
2017-11-14 【转】看别人面试的感想
2016-11-14 Changing a remote's URL
2016-11-14 Wix打包系列(一)如何使用wix制作安装程序
2016-11-14 服务器修改 ssh 22端口
2016-11-14 服务器遭受 ssh 攻击

不断学习创作,与自己快乐相处

点击右上角即可分享
微信分享提示
SQL AI 助手