PHP 7.4 direct replacement for mcrypt decryption
Solution 1
While mcrypt is not part of PHP anymore (for good reasons), it still exists as module you can install for PHP 7.4
https://pecl.php.net/package/mcrypt
Install it, make sure to re-encrypt all data, once all old data is updated, change your code to not use it anymore and remove the extension.
Solution 2
For those who use cPanel, you can simply do it in PHP 7.3
Go to PHP Selector, choose 7.3 PHP version if not current, then select 'mcrypt' and 'sodium' extension.
Then you can use both encryptions on the same PHP file in order to decrypt your data with 'mcrypt' and encrypt with 'sodium' on a single operation.
Related videos on Youtube
03 : 04
02 : 57
03 : 21
![how to solve Mcrypt extension error in Xamp | PHP Mcrypt Error [Fixed]](https://i.ytimg.com/vi/LJnSklu51fA/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLCMnlCVM9gpcVHwOW6QG_T8DmmkIw)
03 : 51
01 : 05
01 : 49
02 : 54
Peter Ford
Updated on June 04, 2022Comments
-
Peter Ford almost 2 years
I have a legacy database with content that was encrypted with mcrypt using DES (yes, I know, it was a long time ago) The encryption method is like this:
/** * General encryption routine for generating a reversible ciphertext * @param String $string the plain text to encrypt * @param String $key the encryption key to use * @return String the cypher text result */ function encrypt($string, $key) { srand((double) microtime() * 1000000); /* Open module, and create IV */ $td = mcrypt_module_open('des', '', 'cfb', ''); $ksub = substr(md5($key), 0, mcrypt_enc_get_key_size($td)); $iv_size = mcrypt_enc_get_iv_size($td); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); /* Initialize encryption handle */ if (mcrypt_generic_init($td, $ksub, $iv) != -1) { /* Encrypt data */ $ctxt = mcrypt_generic($td, $string); mcrypt_generic_deinit($td); mcrypt_module_close($td); $ctxt = $iv . $ctxt; return base64_encode($ctxt); } //end if }and the decryption method is like this:
/** * General decryption routine for recovering a plaintext * @param String $string the cypher text to decrypt * @param String $key the encryption key to use * @return String the plain text result */ function decrypt($string, $key) { $ptxt = base64_decode($string); /* Open module, and create IV */ $td = mcrypt_module_open('des', '', 'cfb', ''); $ksub = substr(md5($key), 0, mcrypt_enc_get_key_size($td)); $iv_size = mcrypt_enc_get_iv_size($td); $iv = substr($ptxt, 0, $iv_size); $ptxtsub = substr($ptxt, $iv_size); /* Initialize encryption handle */ if (mcrypt_generic_init($td, $ksub, $iv) != -1) { /* Encrypt data */ $ctxt = mdecrypt_generic($td, $ptxtsub); mcrypt_generic_deinit($td); mcrypt_module_close($td); return $ctxt; } //end if }I need to extract this data in a PHP7.4 environment, even if only to re-encrypt it with something better, but I'm not sure how to reproduce the mcrypt operations with stuff that exists in PHP7.4 like sodium. I suppose one method would be to spin up some sort of legacy PHP installation that still has mcrypt and do it offline, but is there a more direct way of coding a decryption method?
-
John Conde over 3 yearsCan you add a sample encrypted data, it's unencrypted value, and key to your question?
-
Peter Ford over 3 yearsAs it turns out, the data that I was told was encoded with mcrypt in this was not. Looks like the entries are all MD5 hashes, so that's not going to decrypt very easily even if I can get mcrypt working!
-
-
Peter Ford over 3 yearsI had problems getting that to work, although I've just tried again today and realised I was missing the libmcrypt-dev package: that now installs properly so perhaps I'm OK.
