How to use openssl instead of mcrypt for AES encryption and decryption in php7+

This article will introduce to you how to use openssl instead of mcrypt for AES encryption and decryption in php7. It has certain reference value. Friends in need can refer to it. I hope it will be helpful to everyone.

Ten years have passed and mcrypt has begun to be phased out in php7. The official tip is:

mcrypt_get_block_size — 获得加密算法的分组大小 Warning This function has been DEPRECATED as of PHP 7.1.0. Relying on this function is highly discouraged.

requires openssl replacement in php7. What needs to be noted here is:
There is no limit on the length of the encryption key in mcrypt. Any length passed in will be included in the encryption, but in openssl_encrypt. The key length can only be 16 lengths. After >16 lengths, the signature result remains unchanged. This is a pitfall. It is easy to make mistakes when testing alternatives. For details, directly compare the codes:

is lower than the php7 version code

class AES { public static function encrypt($input,$key) { $blockSize = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB); $paddedData = static::pkcs5_pad($input, $blockSize); $ivSize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB); $iv = mcrypt_create_iv($ivSize, MCRYPT_RAND); $encrypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $paddedData, MCRYPT_MODE_ECB, $iv); return bin2hex($encrypted); } private static function pkcs5_pad ($text, $blocksize) { $pad = $blocksize - (strlen($text) % $blocksize); return $text . str_repeat(chr($pad), $pad); } public static function decrypt($sStr,$key) { $decrypted= mcrypt_decrypt( MCRYPT_RIJNDAEL_128, $key, hex2bin($sStr), MCRYPT_MODE_ECB ); $dec_s = strlen($decrypted); $padding = ord($decrypted[$dec_s-1]); $decrypted = substr($decrypted, 0, -$padding); return $decrypted; } /** *url 安全的base64编码 sunlonglong */ function base64url_encode($data) { return rtrim(strtr(base64_encode($data), '+/', '-_'), '='); } /** *url 安全的base64解码 sunlonglong */ function base64url_decode($data) { return base64_decode(str_pad(strtr($data, '-_', '+/'), strlen($data) % 4, '=', STR_PAD_RIGHT)); } } $key = 'g87y65ki6e8p93av8zjdrtfdrtgdwetd'; $encrypt = AES::encrypt('123abc',$key); $decrypt = AES::decrypt($encrypt,$key); var_dump($encrypt,$decrypt); 加密结果： da07f6363eb0024b4bdd264e5fd4a2f5

The following is for php7 and above. Use openssl encryption:

class AES { /** * * @param string $string 需要加密的字符串 * @param string $key 密钥 * @return string */ public static function encrypt($string, $key) { // openssl_encrypt 加密不同Mcrypt，对秘钥长度要求，超出16加密结果不变 $data = openssl_encrypt($string, 'AES-128-ECB', $key, OPENSSL_RAW_DATA); $data = strtolower(bin2hex($data)); return $data; } /** * @param string $string 需要解密的字符串 * @param string $key 密钥 * @return string */ public static function decrypt($string, $key) { $decrypted = openssl_decrypt(hex2bin($string), 'AES-128-ECB', $key, OPENSSL_RAW_DATA); return $decrypted; } } $encrypt = AES::encrypt('123abc', 'g87y65ki6e8p93av8zjdrtfdrtgdwetd'); $decrypt = AES::decrypt($encrypt, 'g87y65ki6e8p93av8zjdrtfdrtgdwetd'); var_dump($encrypt,$decrypt);die; 加密结果： 8c927c42f93a83c5de763aa18e4e6c7d

Although the key length is 32 bits, when openssl_encrypt is encrypted, the key length is only 16 bits, and no signature is included later, while mcrypt_encrypt will participate in the encryption of the entire key, so that encryption will occur. The results are inconsistent. Causing confusion, the results of key=g87y65ki6e8p93av8zjdrtfdrtgdwetd and key=g87y65ki6e8p93av are consistent;

Recommended learning:php video tutorial

The above is the detailed content of How to use openssl instead of mcrypt for AES encryption and decryption in php7+. For more information, please follow other related articles on the PHP Chinese website!