1

As php has stopped support for Mcrypt from 7.2 and onwards. I do not know enough to convert Mcrypt to Openssl. I was wondering if someone could provide the OpenSSL equivalent for this? For the record, I am not looking to support Mcrypt so I have to decrypt my mcrypt encrypted strings(passwords) via openSSL.

To Encode via mcrypt->

static function encode($value= NULL, $key= NULL){
    if(!$value){
        return false;
    }
    $text = $value;
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
    return trim(self::safe_b64encode($crypttext));
}
private function safe_b64encode($string= NULL) {
    $data = base64_encode($string);
    $data = str_replace(array('+','/','='),array('-','_',''),$data);
    return $data;
}
Improve this question
1
  • Please post what you have tried for your decrypt function. Commented May 31, 2018 at 7:25

2 Answers 2

Reset to default
1

Updated

Unfortunately it looks like there is not a way your going to be able to do what you want. Had you used the MCRYPT_RIJNDAEL_128 mode with a 256 byte key there may have been hope.

AES-256 and MCRYPT_RIJNDAEL_256 encryption are not the same thing, even though AES is basically Rijndael. It all has to do with the block size. What you want to do just is not compatible.

Your options are this:

  • Use a version of PHP that still has the MCRYPT libraries available and decrypt the passwords to a file and then encrypt them with your new encryption method.
  • A PECL option looks available that would allow you to install a pseudo version of MCRYPT with your latest version of PHP.

For just encrypting and decrypting your passwords OpenSSL should be fine, but OpenSSL has limitation especially when you want to encrypt large amounts of data. It requires you to write additional code to break apart your data into smaller chunks before you encrypt and then put it back together after you decrypt.

I highly recommend that you skip OpenSSL and learn the LibSodium library which is now supported on the latest PHP versions.

http://php.net/manual/en/book.sodium.php

Here is a good page to read to get you started.

https://paragonie.com/blog/2015/05/using-encryption-and-authentication-correctly

Some more Libsodium resources.

https://github.com/paragonie/pecl-libsodium-doc/blob/v1/chapters/01-quick-start.md

Good Luck~

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Well its not the login process.I can't ask user to change all of the strings..I have encrypted them with mcrypt and I can''t decrypt them using mcrypt as I am giving support for php 7.2 for which I have to use OpenSSL for now
Just to clarify, they are string passwords that have been encrypted not hashed. If they are hashes they CAN NOT be decrypted. Is the code you have above the code you used to encrypt the passwords?
Yes above is the mcrypt algo code I have used to encrypt. Can I decrypt that anyway?
Were you encrypting the text of the password ie "myPassword" or the hashes of the passwords?
I am encrypting text as "myPassword" not any hash value.
0

You have so many choices when it comes to encrypting data, so that's why you should implement it yourself. I recommend you the library diffuse/php-encryption, see this link for a detailed tutorial.

Improve this answer

2 Comments

Firstly, I have to decrypt the mcrypt encrypted data and I have to use OpenSSL for now. Even If I use library diffuse/php-encryption,Will I be able to decrypt my encrypted data?
unfortunately no, there are two different encrypting algorithms involved, cf. stackoverflow.com/questions/42696657/…

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.