Search code examples
phpphp-openssl

How to convert mcrypt_generic to openssl_encrypt?

this is my php code in PHP7.0.30

    $key = strtoupper(md5('799ae002c7e940ef8a890b3a428f8f458e3f7c39d1cc2bf24390f0c46cf932c8'));
    $text ='name=王星星&mobile=15212345678&idNumber=620402198709215456&bankName=招商银行&bankNum=6214830100799652';
    $plaintext = $text;
    $size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
    //PKCS5Padding
    $padding = $size - strlen($plaintext) % $size;
    $plaintext .= str_repeat(chr($padding), $padding);
    $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
    $iv = str_repeat("\0", $size);
    /* Intialize encryption */
    mcrypt_generic_init($module, base64_decode($key), $iv);
    /* Encrypt data */
    $encrypted = mcrypt_generic($module, $plaintext);
    /* Terminate encryption handler */
    mcrypt_generic_deinit($module);
    mcrypt_module_close($module);
    var_dump(base64_encode($encrypted));

    /* openssl_encrypt */
    $encrypted = openssl_encrypt($plaintext, 'AES-256-CBC',base64_decode($key), OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING,$iv);
    var_dump(base64_encode($encrypted));

mcrypt_generic output: 8LZZEXRhAfeeQOxF1iI9GpBcA2hSCelrUq2OimhSgZly6RfRonzGiE32vHh/JkdK+X5N5hFBMKz+iOmWAbgL9BIu2GIAxBIXCOusxFU4eDJ/5uy7F9vR9EE5NqOAiHBZhTP3pzMtEc0fLAzg8Tsngg==

but openssl_encrypt output: g/YBzu+SGy9jfR+DIVY2S0iGM2O0QEs+J3IEv7bNAoz7+3iX9FboJZT0h+OH6uUeQBoSsD+eAga69U5C86Ibcp5Q2ay1FzfDFG/eGBtUaAJxRBwhxiNeBxPw2jBar2fR42wZUZOGTjlT5Ujgz+s/Iw==

I don't know how to convert mcrypt_generic to openssl_encrypt , thanks!

Solution

  • You need a 256 bit key. Your current "key" is 32 bytes which is 256 bits.

    You problem is that your are decoding the key. When you decode the key you are reducing the key's size to 24 bytes or 192 bits.

    So you have two options.

    Increase the key size by another 8 bytes before you base64_encode() it.

    OR

    Just remove the base64_decode() functions.

    Secondly, I hope you are using the md5 for testing purposes and not for your application. The md5 hash is not suited to give you a hash that is designed for modern cryptography.

    You should use something like $key = openssl_random_pseudo_bytes($size); to generate a key with.

    I would also like to point you in the direction of the Libsodium library. It is now native on the latest version of PHP.

    UPDATED

    If your goal is to have AES encryption with a 256 bit key like your code suggest, then you will have to do what I stated above. If that is not one of your requirements then the only thing you have to do is change the AES-256-CBC to AES-192-CBC in the openssl_encrypt() function like so.

    $encrypted = openssl_encrypt($plaintext, 'AES-192-CBC', base64_decode($key), OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv);

    One thing to point out is that the "128" in the name MCRYPT_RIJNDAEL_128 refers to the block size not the key size, where as the "256" in AES-256-CBC actually refers to the key size. Which is why the AES-192-CBC will work for your current key size of 192 bits. AES encryption uses a standard of a 128 bit block size, so that is compatible the MCRYPT_RIJNDAEL_128 block size.

    Cheers