Hi, I had an hard time converting my code from mcrypt 2.2.x to 2.4.x. There is a big lack of info about the difference between the two and I could not find anything to help me make the move.
My problem was not getting things to work with either version of mcrypt, there are plenty of examples available for both versions. My problem was getting libmcrypt 2.4.x decrypting the data previously encrypted by 2.2.x. Here's some general info for anyone interested. I would have been very pleased to find this will searching the archive and I didn't, so I am doing it for anybody else facing the same problem. 1) PHP linked with libmcrypt 2.2.x is not too picky about Initialization Vectors, but with 2.4.x, it will give a warning message if you don't specify one with some of the functions or simply wont work with others. Check my example code below to see what I did. 2) PHP will segfault if you use a key size with the wrong lenght with 2.4.x and it won't with 2.2.x. Be very careful about the lenght of your key in 2.4.x, what worked previously might not work now. Decryption under libmcrypt 2.2.x: ----- $clear_text = mcrypt_cbc ($cipher, $key, hex2bin($crypted_text), MCRYPT_DECRYPT); ----- Encryption under libmcrypt 2.2.x: ----- $crypted_text = bin2hex(mcrypt_cbc ($cipher, $key, $clear_text, MCRYPT_ENCRYPT)); ----- The following code is what I had to do to get a similar (compatible) behaviour under libmcrypt 2.4.x. Note that I create an initialization vector filled with "\0" characters, which is, I believe, the default behavior with libmcrypt 2.2.x. The PHP manual somewhere recommends to use "0" if you do not want to use an initialization vector. This did not work for me, as this is not the default 2.2.x behavior. I think the manual should be modified as it greatly confiused me. Encryption under libmcrypt 2.4.x: ----- $td = mcrypt_module_open ($cipher, "", MCRYPT_MODE_CBC, ""); $i = 0; while ($i < mcrypt_enc_get_iv_size ($td)) { $iv .= "\0"; $i++; } mcrypt_generic_init ($td, $key, $iv); $crypted_text = bin2hex(mcrypt_generic($td, $plain_text)); mcrypt_generic_end ($td); ----- Decryption under libmcrypt 2.4.x: ----- $td = mcrypt_module_open ($cipher, "", MCRYPT_MODE_CBC, ""); $i = 0; while ($i < mcrypt_enc_get_iv_size ($td)) { $iv .= "\0"; $i++; } mcrypt_generic_init ($td, $key, $iv); $plain_text = mdecrypt_generic($td, hex2bin($crypted_text)); mcrypt_generic_end ($td); ----- In these snippets, $crypted_text is the encrypted data in hexadecimal format. This allows data to be stored (in DB's for example) or displayed without problems. You need the following function: function hex2bin($data) { $len = strlen($data); return pack("H" . $len, $data); } Hope this can help someone.. Thank you, Cedric -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php