php PHP7.1 mcrypt 替代方案
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/41740600/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
PHP7.1 mcrypt alternative
提问by Tibi
Mcrypt function has been deprecated as of PHP 7.1.0.
自 PHP 7.1.0 起,Mcrypt 函数已被弃用。
My deprecated string encode / decode functions:
我已弃用的字符串编码/解码功能:
$key: secret key
$str: string
$encoded = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $str, MCRYPT_MODE_CBC, md5(md5($key))));
$decoded = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($str), MCRYPT_MODE_CBC, md5(md5($key))), "$rijndael = new \phpseclib\Crypt\Rijndael(\phpseclib\Crypt\Rijndael::MODE_ECB);
$rijndael->setKey(ENCRYPT_KEY);
$rijndael->setKeyLength(256);
$rijndael->disablePadding();
$rijndael->setBlockLength(256);
$decoded = $rijndael->decrypt($term);
");
Can you suggest some alternatives?
你能提出一些替代方案吗?
回答by Aleksa Arsi?
You should use openssl_encryptinstead.
您应该改用openssl_encrypt。
回答by zaph
回答by Pentium10
For MCRYPT_RIJNDAEL_256I posted a full answer for PHP7.3 here: https://stackoverflow.com/a/53937314/243782
因为MCRYPT_RIJNDAEL_256我在这里发布了 PHP7.3 的完整答案:https://stackoverflow.com/a/53937314/243782
snippet:
片段:
works like this with the phpsecliblibrary
使用phpseclib库像这样工作
echo encrypt_openssl($str, $key);
function encrypt_openssl($msg, $key, $iv = null) {
$iv_size = openssl_cipher_iv_length('AES-256-CBC');
if (!$iv) {
$iv = openssl_random_pseudo_bytes($iv_size);
}
$encryptedMessage = openssl_encrypt($msg, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
return base64_encode($iv . $encryptedMessage);
}
回答by Musab ibnu Siraj
mcryptmay be removed in PHP 7.1 alternative openssl
mcrypt可能会在 PHP 7.1 替代openssl 中删除
回答by Peter Muller
As mentioned above, open_ssl is a good alternative for mcrypt. The only problem I had with open_ssl, is that it cannot be used for large strings.
如上所述,open_ssl 是 mcrypt 的一个很好的替代品。我对 open_ssl 的唯一问题是它不能用于大字符串。
I wrote a script (static class), which overcomes this problem (large strings are split up in chunks and encrypted/decrypted separately in the background).
我写了一个脚本(静态类),它克服了这个问题(大字符串被分成块并在后台单独加密/解密)。
See public gist: https://gist.github.com/petermuller71/33616d55174d9725fc00a663d30194ba
查看公共要点:https: //gist.github.com/petermuller71/33616d55174d9725fc00a663d30194ba
