将 Mcrypt Encrypted 替换为 OpenCart CMS 的 OpenSSL 加密
Replace Mcrypt Encription with OpenSSL Encription for OpenCart CMS
我在 system library folder 中有 OpenCart 1.5.6.4 和 encryption.php 文件。
encryption.php 中的代码是:
<?php
final class Encryption {
private $key;
private $iv;
public function __construct($key) {
$this->key = hash('sha256', $key, true);
$this->iv = mcrypt_create_iv(32, MCRYPT_RAND);
}
public function encrypt($value) {
return strtr(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $this->key, $value, MCRYPT_MODE_ECB, $this->iv)), '+/=', '-_,');
}
public function decrypt($value) {
return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $this->key, base64_decode(strtr($value, '-_,', '+/=')), MCRYPT_MODE_ECB, $this->iv));
}
}
?>
为了从 php 5.6 迁移到 php 7.2 ,我需要将 Mcrypt Encription 替换为 OpenSSL Encription.
我已经用 openssl_random_pseudo_bytes(32, true) 替换了 mcrypt_create_iv(32, MCRYPT_RAND) ,但是对于 encrypt function 和 decrypt function ,我不知道这些函数要使用什么 parameters。
encription.php 代码需要哪些更改?
我原来是wrote this to address the empty iv warning that comes up with the current encryption class for OC3:
Warning: openssl_encrypt(): Using an empty Initialization Vector (iv) is potentially insecure and not recommended
并且最近出于您发布此问题的确切原因将其反向移植到 OC1.5。这是 system/library/encryption.php 的完全替代品,适用于 OC1.5.6.4 和 PHP7.2:
final class Encryption {
private $cipher = 'aes-256-ctr';
private $digest = 'sha256';
private $key;
public function __construct($key) {
$this->key = $key;
}
public function encrypt($value) {
$key = openssl_digest($this->key, $this->digest, true);
$iv_length = openssl_cipher_iv_length($this->cipher);
$iv = openssl_random_pseudo_bytes($iv_length);
return base64_encode($iv . openssl_encrypt($value, $this->cipher, $key, OPENSSL_RAW_DATA, $iv));
}
public function decrypt($value) {
$result = NULL;
$key = openssl_digest($this->key, $this->digest, true);
$iv_length = openssl_cipher_iv_length($this->cipher);
$value = base64_decode($value);
$iv = substr($value, 0, $iv_length);
$value = substr($value, $iv_length);
if (strlen($iv) == $iv_length) {
$result = openssl_decrypt($value, $this->cipher, $key, OPENSSL_RAW_DATA, $iv);
}
return $result;
}
}
我在 system library folder 中有 OpenCart 1.5.6.4 和 encryption.php 文件。
encryption.php 中的代码是:
<?php
final class Encryption {
private $key;
private $iv;
public function __construct($key) {
$this->key = hash('sha256', $key, true);
$this->iv = mcrypt_create_iv(32, MCRYPT_RAND);
}
public function encrypt($value) {
return strtr(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $this->key, $value, MCRYPT_MODE_ECB, $this->iv)), '+/=', '-_,');
}
public function decrypt($value) {
return trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $this->key, base64_decode(strtr($value, '-_,', '+/=')), MCRYPT_MODE_ECB, $this->iv));
}
}
?>
为了从 php 5.6 迁移到 php 7.2 ,我需要将 Mcrypt Encription 替换为 OpenSSL Encription.
我已经用 openssl_random_pseudo_bytes(32, true) 替换了 mcrypt_create_iv(32, MCRYPT_RAND) ,但是对于 encrypt function 和 decrypt function ,我不知道这些函数要使用什么 parameters。
encription.php 代码需要哪些更改?
我原来是wrote this to address the empty iv warning that comes up with the current encryption class for OC3:
Warning: openssl_encrypt(): Using an empty Initialization Vector (iv) is potentially insecure and not recommended
并且最近出于您发布此问题的确切原因将其反向移植到 OC1.5。这是 system/library/encryption.php 的完全替代品,适用于 OC1.5.6.4 和 PHP7.2:
final class Encryption {
private $cipher = 'aes-256-ctr';
private $digest = 'sha256';
private $key;
public function __construct($key) {
$this->key = $key;
}
public function encrypt($value) {
$key = openssl_digest($this->key, $this->digest, true);
$iv_length = openssl_cipher_iv_length($this->cipher);
$iv = openssl_random_pseudo_bytes($iv_length);
return base64_encode($iv . openssl_encrypt($value, $this->cipher, $key, OPENSSL_RAW_DATA, $iv));
}
public function decrypt($value) {
$result = NULL;
$key = openssl_digest($this->key, $this->digest, true);
$iv_length = openssl_cipher_iv_length($this->cipher);
$value = base64_decode($value);
$iv = substr($value, 0, $iv_length);
$value = substr($value, $iv_length);
if (strlen($iv) == $iv_length) {
$result = openssl_decrypt($value, $this->cipher, $key, OPENSSL_RAW_DATA, $iv);
}
return $result;
}
}