What is mcrypt php extension?

← ServerPilot Docs

Nội dung chính Show

Installing mcrypt on PHP 5, PHP 7.0, and PHP 7.1
Installing mcrypt on PHP 7.2, 7.3, or 7.4
Verifying mcrypt Is Installed
Uninstalling the Mcrypt Extension
What is mcrypt PHP extension required?
How do I enable PHP mcrypt extension?
How do I install mcrypt extension?
How do I know if mcrypt is installed?

In the examples shown, replace "X.Y" with your app's PHP version (for example, "7.2").

The mcrypt extension is an interface to the mcrypt cryptography library. This extension is useful for allowing PHP code using mcrypt to run on PHP 7.2+.

The mcrypt extension is included in PHP 5.4 through PHP 7.1. It was removed from PHP 7.2 and moved to an unofficial PECL extension because the mcrypt library is no longer maintained.

For PHP 7.2+, PHP instead uses libsodium as a cryptography library. ServerPilot builds PHP 7.2+ with the official libsodium extension. New PHP code should be written to use libsodium rather than mcrypt.

Installing mcrypt on PHP 5, PHP 7.0, and PHP 7.1

You do not need to install the mcrypt extension on PHP 5, 7.0, or 7.1. ServerPilot builds these PHP versions with the mcrypt extension so it is always available.

Installing mcrypt on PHP 7.2, 7.3, or 7.4

To install this extension on PHP 7.2 through 7.4, run the following commands as your server's root user:

sudo apt-get -y install gcc make autoconf libc-dev pkg-config
sudo apt-get -y install libmcrypt-dev
sudo pecl7.2-sp install --nodeps mcrypt-snapshot

When you are shown the prompt

libmcrypt prefix? [autodetect] :

Press Enter to autodetect.

Once installed, create a configuration file for the extension and restart PHP by running the following commands as root:

sudo bash -c "echo extension=mcrypt.so > /etc/php7.2-sp/conf.d/mcrypt.ini"
sudo service php7.2-fpm-sp restart

Verifying mcrypt Is Installed

You can check that the extension was installed with this command:

php7.2-sp -i | grep mcrypt

The output will look like this:

$ php7.2-sp -i | grep mcrypt
/etc/php7.2-sp/conf.d/mcrypt.ini,
Registered Stream Filters => zlib.*, convert.iconv.*, bzip2.*, string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, consumed, dechunk, mcrypt.*, mdecrypt.*
mcrypt
mcrypt support => enabled
mcrypt_filter support => enabled
mcrypt.algorithms_dir => no value => no value
mcrypt.modes_dir => no value => no value

Uninstalling the Mcrypt Extension

To uninstall this extension, as root run the commands:

sudo rm /etc/phpX.Y-sp/conf.d/mcrypt.ini
sudo peclX.Y-sp uninstall mcrypt

Next, restart PHP-FPM with the command:

sudo service phpX.Y-fpm-sp restart

Last updated: October 8, 2018

Introduction
Installing/Configuring
- Requirements
- Installation
- Runtime Configuration
- Resource Types
Predefined Constants
Mcrypt ciphers
Mcrypt Functions
- mcrypt_create_iv — Creates an initialization vector (IV) from a random source
- mcrypt_decrypt — Decrypts crypttext with given parameters
- mcrypt_enc_get_algorithms_name — Returns the name of the opened algorithm
- mcrypt_enc_get_block_size — Returns the blocksize of the opened algorithm
- mcrypt_enc_get_iv_size — Returns the size of the IV of the opened algorithm
- mcrypt_enc_get_key_size — Returns the maximum supported keysize of the opened mode
- mcrypt_enc_get_modes_name — Returns the name of the opened mode
- mcrypt_enc_get_supported_key_sizes — Returns an array with the supported keysizes of the opened algorithm
- mcrypt_enc_is_block_algorithm_mode — Checks whether the encryption of the opened mode works on blocks
- mcrypt_enc_is_block_algorithm — Checks whether the algorithm of the opened mode is a block algorithm
- mcrypt_enc_is_block_mode — Checks whether the opened mode outputs blocks
- mcrypt_enc_self_test — Runs a self test on the opened module
- mcrypt_encrypt — Encrypts plaintext with given parameters
- mcrypt_generic_deinit — This function deinitializes an encryption module
- mcrypt_generic_init — This function initializes all buffers needed for encryption
- mcrypt_generic — This function encrypts data
- mcrypt_get_block_size — Gets the block size of the specified cipher
- mcrypt_get_cipher_name — Gets the name of the specified cipher
- mcrypt_get_iv_size — Returns the size of the IV belonging to a specific cipher/mode combination
- mcrypt_get_key_size — Gets the key size of the specified cipher
- mcrypt_list_algorithms — Gets an array of all supported ciphers
- mcrypt_list_modes — Gets an array of all supported modes
- mcrypt_module_close — Closes the mcrypt module
- mcrypt_module_get_algo_block_size — Returns the blocksize of the specified algorithm
- mcrypt_module_get_algo_key_size — Returns the maximum supported keysize of the opened mode
- mcrypt_module_get_supported_key_sizes — Returns an array with the supported keysizes of the opened algorithm
- mcrypt_module_is_block_algorithm_mode — Returns if the specified module is a block algorithm or not
- mcrypt_module_is_block_algorithm — This function checks whether the specified algorithm is a block algorithm
- mcrypt_module_is_block_mode — Returns if the specified mode outputs blocks or not
- mcrypt_module_open — Opens the module of the algorithm and the mode to be used
- mcrypt_module_self_test — This function runs a self test on the specified module
- mdecrypt_generic — Decrypts data

Kyle T ¶

4 years ago

This was posted before by another user but has been downvoted. I just wanted to confirm that we suffered massive performance issues related to mcrypt on CentOS (PHP 5.6.32) that are not present in other flavors of Linux.

A sampling of 25,000 encrypts/decrypts takes 4-5x longer when running mcrypt on Centos 7 as compared to Ubuntu. Switching out mcrypt for OpenSSL on Centos will result in a massive increase in performance.

For lower traffic website it can be negligible, but when you start seeing significant traffic/load it will quickly bring down a server.

Maarten Malaise ¶

12 years ago

people using phpmyadmin are redirected to this manual if they don't have mcrypt installed. If you want to install mcrypt on debian, first check your php version:

yourserver# php --version

Then install the appropriate version of mcrypt (php5-mcrypt if your php version is 5.x)

yourserver# apt-get install php4-mcrypt ...or... yourserver# apt-get install php5-mcrypt

Anonymous ¶

10 years ago

These are two simple functions I built for 256-bit encryption/decryption with mcrypt. I've decided to use MCRYPT_RIJNDAEL_128 because it's AES-compliant, and MCRYPT_MODE_CBC. (ECB mode is inadequate for many purposes because it does not use an IV.)

This function stores a hash of the data to verify that the data was decrypted successfully, but this could be easily removed if necessary.

function encrypt($decrypted, $password, $salt='!kQm*fF3pXe1Kbm%9') { // Build a 256-bit $key which is a SHA256 hash of $salt and $password. $key = hash('SHA256', $salt . $password, true); // Build $iv and $iv_base64. We use a block size of 128 bits (AES compliant) and CBC mode. (Note: ECB mode is inadequate as IV is not used.) srand(); $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC), MCRYPT_RAND); if (strlen($iv_base64 = rtrim(base64_encode($iv), '=')) != 22) return false; // Encrypt $decrypted and an MD5 of $decrypted using $key. MD5 is fine to use here because it's just to verify successful decryption. $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $decrypted . md5($decrypted), MCRYPT_MODE_CBC, $iv)); // We're done! return $iv_base64 . $encrypted; }

function

decrypt($encrypted, $password, $salt='!kQm*fF3pXe1Kbm%9') {
 // Build a 256-bit $key which is a SHA256 hash of $salt and $password.
 $key = hash('SHA256', $salt . $password, true);
 // Retrieve $iv which is the first 22 characters plus ==, base64_decoded.
 $iv = base64_decode(substr($encrypted, 0, 22) . '==');
 // Remove $iv from $encrypted.
 $encrypted = substr($encrypted, 22);
 // Decrypt the data.  rtrim won't corrupt the data because the last 32 characters are the md5 hash; thus any \0 character has to be padding.
 $decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($encrypted), MCRYPT_MODE_CBC, $iv), "\0\4");
 // Retrieve $hash which is the last 32 characters of $decrypted.
 $hash = substr($decrypted, -32);
 // Remove the last 32 characters from $decrypted.
 $decrypted = substr($decrypted, 0, -32);
 // Integrity check.  If this fails, either the data is corrupted, or the password/salt was incorrect.
 if (md5($decrypted) != $hash) return false;
 // Yay!
 return $decrypted;
 }
?>

ghoffman at salientdigital dot com ¶

11 years ago

If you want a quick way to see what ciphers, modes, key, block and iv sizes are supported on your server, try something like the following.

Note: I used this simple bash: `locate libmcrypt` from terminal on Mac OS X to determine the install paths to the algorithms and modes directories. Lots of function calls generate warnings for certain ciphers, hence the use of error suppression.

$modes

= mcrypt_list_modes();
$algorithms = mcrypt_list_algorithms();
foreach($algorithms as $cipher)
{
    echo "".$cipher."
\n";
    foreach($modes as $mode)
    {
        echo "".$mode."
\n";
        @$td = mcrypt_module_open(
            $cipher,
            '/usr/local/libmcrypt-2.5.8/modules/algorithms/',
            $mode,
            '/usr/local/libmcrypt-2.5.8/modules/modes/');
        @$key_size = mcrypt_enc_get_key_size($td);
        @$block_size = mcrypt_get_block_size($cipher,$mode);
        @$iv_size = mcrypt_get_iv_size($cipher, $mode);
        @mcrypt_module_close($td);
        echo "
          
            key_size: ". ($key_size?$key_size:'n/a') 
      ."    block_size: ". ($block_size?$block_size:'n/a') 
      ."    iv_size: ". ($iv_size?$iv_size:'n/a') 
      ."  
\n";
        $td=NULL;
        $key_size=NULL;
        $block_size=NULL;
        $iv_size=NULL;
    }
}?>

Daniel Esteve ¶

5 years ago

The Mcrypt library has been declared DEPRECATED since PHP 7.1, to use in its OpenSSL

What is mcrypt PHP extension required?

The mcrypt extension is an interface to the mcrypt cryptography library. This extension is useful for allowing PHP code using mcrypt to run on PHP 7.2+. The mcrypt extension is included in PHP 5.4 through PHP 7.1.

How do I enable PHP mcrypt extension?

You can install Mcrypt from the PHP Source Tree as a module if you choose. Enable the module by adding: 'extension=mcrypt.so' to PHP. ini. Done!

How do I install mcrypt extension?

We've put together instruction on how to enable php-mcrypt for both Unix and Windows servers..

Find php. ini (main php configuration file).

Open and search for;extension=php_mcrypt. dll ).

Uncomment/remove “;” and save the php. ini..

How do I know if mcrypt is installed?

You can also achieve this same screen by viewing a php file that has: phpinfo(); somewhere in the code. In this screen, simply search for the string "mcrypt support". If installed, you will see a box that says "enabled".

What is mcrypt php extension?

Installing mcrypt on PHP 5, PHP 7.0, and PHP 7.1

Installing mcrypt on PHP 7.2, 7.3, or 7.4

Verifying mcrypt Is Installed

Uninstalling the Mcrypt Extension

".$cipher."

".$mode."

What is mcrypt PHP extension required?

How do I enable PHP mcrypt extension?

How do I install mcrypt extension?

How do I know if mcrypt is installed?

Bài Viết Liên Quan

Quảng Cáo

Có thể bạn quan tâm

Toplist được quan tâm

Quảng cáo

Xem Nhiều

Quảng cáo

Chúng tôi

Điều khoản

Trợ giúp

Mạng xã hội