PHP 7.2.0 Release Candidate 4 Released

Filtrele de criptare

mcrypt.* și mdecrypt.* oferă criptare și decriptare simetrică, utilizând libmcrypt. Ambele seturi de filtre susțin aceiași algoritmi disponibili extensiei mcrypt sub forma mcrypt.ciphername, unde ciphername este denumirea algoritmului de criptare, care ar fi putut fi transmis funcției mcrypt_module_open(). De asemenea sunt disponibili și următorii cinci parametri:

Parametrii filtrului mcrypt
Parametrul Necesar? Implicit Valori-exemple
mode Opțional cbc cbc, cfb, ecb, nofb, ofb, stream
algorithms_dir Opțional ini_get('mcrypt.algorithms_dir') Localizarea modulelor algoritmilor
modes_dir Opțional ini_get('mcrypt.modes_dir') Localizarea modulelor modurilor
iv Necesar nu este De obicei 8, 16, sau 32 baiți de date binare. Depinde de cifru
key Necesar nu este De obicei 8, 16, sau 32 baiți de date binare. Depinde de cifru

Example #1 Criptarea conținutului unui fișier utilizând 3DES

<?php
$passphrase 
'My secret';

/* Transformă parola în text deschis
 * într-o pereche iv/key reproductibilă
 */
$iv substr(md5('iv'.$passphrasetrue), 08);
$key substr(md5('pass1'.$passphrasetrue) .
               
md5('pass2'.$passphrasetrue), 024);
$opts = array('iv'=>$iv'key'=>$key);

$fp fopen('secret-file.enc''wb');
stream_filter_append($fp'mcrypt.tripledes'STREAM_FILTER_WRITE$opts);
fwrite($fp'Secret secret secret data');
fclose($fp);
?>

Example #2 Citirea unui fișier criptat

<?php
$passphrase 
'My secret';

/* Transformă parola în text deschis
 * într-o pereche iv/key reproductibilă
 */
$iv substr(md5('iv'.$passphrasetrue), 08);
$key substr(md5('pass1'.$passphrasetrue) .
               
md5('pass2'.$passphrasetrue), 024);
$opts = array('iv'=>$iv'key'=>$key);

$fp fopen('secret-file.enc''rb');
stream_filter_append($fp'mdecrypt.tripledes'STREAM_FILTER_READ$opts);
$data rtrim(stream_get_contents($fp));
fclose($fp);

echo 
$data;
?>
add a note add a note

User Contributed Notes 2 notes

up
5
Uwe Ohse
7 months ago
1) The mcrypt module has been deprecated with PHP 7.1.
What does that mean for the encryption filters?

2) deriving the IV from the secret passphrase seems wrong. This leaks information about the passphrase without need.

3) using md5() for this? Really? hash() has been available since PHP 5.1.2.

4) hashing the passphrase twice does not add any security.

5) using substr() on binary data (why, oh why, is true passed to md5()?) might lead to headaches if mbstring.func_overload is used.
up
0
Maarten Bodewes
2 months ago
The examples on this page should be destroyed with utmost urgency.

Strangely most people will fall over the use of generating the IV and 3DES key using MD5, a weak hash function, e.g. the previous note and CryptoFails blog.

http://www.cryptofails.com/post/70059608390/php-documentation-woes

A password based key derivation function should be used (bcrypt, PBKDF2).

However the use of MD-5 for key derivation however isn't that bad and if the password is strong enough (it usually isn't) then the generated DES ABC key is strong enough even now.

Using an identical IV for each password means that this function directly leaks information about the encrypted file. If the start of two encrypted files is identical then this function will directly leak information. For instance, if the routine encrypts multiple images then the JPEG header would be easily distinguished.

All in all these examples use deprecated routines (mcrypt), deprecated cryptographic functions (MD5 / DES) and then incorrectly perform the actual encryption. Enough reason to destroy them in the first place.
To Top