PHP switch from MCRYPT_MODE_ECB to AES-256-ECB
Question
I am rewriting code to be compatible with PHP 7.2. Old code is
public function encryptPasswordOld($password, $salt)
{
$key = md5($salt);
$result = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $password, MCRYPT_MODE_ECB);
return base64_encode($result);
}
New code should be according to my research something like this
public function encryptPasswordNew($password, $salt)
{
$method = 'AES-256-ECB';
$ivSize = openssl_cipher_iv_length($method);
$iv = openssl_random_pseudo_bytes($ivSize);
$key = md5($salt);
$result = openssl_encrypt($password, $method, $key, OPENSSL_RAW_DATA, $iv);
return base64_encode($result);
}
but I tried every combination of openssl_encrypt options: OPENSSL_RAW_DATA , OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING , OPENSSL_ZERO_PADDING , 0 and still ended up with different result as the old method returns
1 answers
solution1
0 2020-11-02 08:51:39
try to use pkcs5padding on value before encrypt. ie
remember the blocksize should be 8-byte based, ie 8/16/24 etc.
function pkcs5_pad($text, $blocksize)
{
$pad = $blocksize - (strlen($text) % $blocksize);
return $text . str_repeat(chr(0), $pad);
}
and encrypt option should be OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, ie
openssl_encrypt(pkcs5_pad($value, 16), 'aes-256-ecb', $aes_key, 3, '')
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.