Preparing for removal of Mcrypt in PHP 7.2

by

You can’t convert it, because Rijndael-256 is not AES-256, and the OpenSSL extension doesn’t ship with Rijndael-256 support.
AES-256 is Rijndael-128 with a 256-bit (32-byte) key.

Unfortunately, you’ll have to re-encrypt all of your data.

Edit: Also, the scheme you’re currently using has some problems:

  • It lacks authentication (HMACs are the easiest way to do it in PHP)
  • It lacks proper padding (mcrypt pads with zero bytes; you need something like PKCS#5 padding instead), which is required for block mode encryption to be safe.
  • It’s not byte-safe (you’re using mb_substr())

The good news is that OpenSSL will do PKCS#5 padding for you automatically, but you should go even further and use a solid encryption library like defuse/php-encryption.

More Related Contents:

  1. Upgrading my encryption library from Mcrypt to OpenSSL
  2. Replace Mcrypt with OpenSSL
  3. mcrypt_encrypt to openssl_encrypt, and OPENSSL_ZERO_PADDING problems
  4. PHP7.1 mcrypt alternative
  5. Best way to use PHP to encrypt and decrypt passwords? [duplicate]
  6. HTTPS and SSL3_GET_SERVER_CERTIFICATE:certificate verify failed, CA is OK
  7. Encrypting / Decrypting file with Mcrypt
  8. Unable to find the wrapper “https” – did you forget to enable it when you configured PHP?
  9. Generating cryptographically secure tokens
  10. Laravel certificate verification errors when sending TLS email
  11. Switch php versions on commandline ubuntu 16.04
  12. OPENSSL file_get_contents(): Failed to enable crypto
  13. PHP7.1 json_encode() Float Issue
  14. SSL operation failed with code 1: dh key too small
  15. You must enable the openssl extension to download files via https
  16. TLS 1.2 not working in cURL
  17. SSL error SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
  18. MCrypt rijndael-128 to OpenSSL aes-128-ecb conversion
  19. Issue in installing php7.2-mcrypt
  20. How to do AES256 decryption in PHP?
  21. Decrypting strings in Python that were encrypted with MCRYPT_RIJNDAEL_256 in PHP
  22. PHPMailer generates PHP Warning: stream_socket_enable_crypto(): Peer certificate did not match expected
  23. Use of Initialization Vector in openssl_encrypt
  24. OpenSSL not working on Windows, errors 0x02001003 0x2006D080 0x0E064002
  25. How can I install mcrypt under PHP7? Laravel needs it
  26. Installing mcrypt extension for PHP on OSX Mountain Lion
  27. removing password from rsa private key
  28. Apple Sign In “invalid_client”, signing JWT for authentication using PHP and openSSL
  29. Mcrypt js encryption value is different than that produced by PHP mcrypt / Mcrypt JS decrypt doesn’t work for UTF-8 chars
  30. Fatal error: Call to undefined function openssl_random_pseudo_bytes()

Leave a Comment