Since Mcrypt is deprecated, I want to use OpenSSL instead in my code, since we already use php 7.0.17 on our server and they donβt tell when they update it.
Some third-party APIs (hosted on PHP 5.x , possibly using mcrypt as well ) accept encrypted data. They provided the methods that they use to encrypt / decrypt strings.
Here they are
$secret = 'a0a7e7997b6d5fcd55f4b5c32611b87c' ; public function encrypt128($str) { $block = mcrypt_get_block_size("rijndael_128", "ecb"); $pad = $block - (strlen($str) % $block); $str .= str_repeat(chr($pad), $pad); return base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $secret, $str, MCRYPT_MODE_ECB)); } public function decrypt128($str) { $str = base64_decode($str); $str = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $secret, $str, MCRYPT_MODE_ECB); $len = strlen($str); $pad = ord($str[$len - 1]); return substr($str, 0, strlen($str) - $pad); }
using these methods string small1 if encrypted becomes v7IXp5vVaFVXXlt/MN8BVw==
We want to use openssl_encrypt on our side so that if we encrypt the same string with OpenSSL, it should give the same results as Mcrypt. I researched that mcrypt using rijndael-128 Mode ecb should be compatible with OpenSSL aes-128-ecb .
Over the past few hours, I have been trying to make my own method for encrypting strings serving the same result using OpenSSL. So far i have come to this
public function sslEncrypt128($str) { $secret = 'a0a7e7997b6d5fcd55f4b5c32611b87c'; return base64_encode(openssl_encrypt($str, 'aes-128-ecb', $secret, OPENSSL_RAW_DATA)); }
But it creates a different line SxJ3+EdaeItZx3/EwGTUbw== for the same as for input. I do not know if the problem is with a flag or a padding, any pointers would be welcome.
I added the code here to check online https://3v4l.org/v2J2N
Thanks in advance.