mcryptがPHP 7.1以降で非推奨になった。
PHP 7.1.x で推奨されなくなる機能
mcrypt 拡張モジュールは十年近くにわたって放置されており、極めて使いづらいものです。 そこで、この拡張モジュールを非推奨にしました。かわりに OpenSSL を使いましょう。 mcryptは PHP 7.2 でコアから削除されて、PECL に移る予定です。
openssl_* 関数では、暗号化アルゴリズムを選択して暗号化できる。
AESで暗号化・復号する例
// Sample inputs: plaintext, key and cipher method.
$data = 'plain text'; // data to encrypt
// Masked placeholder key. AES-128 takes a 16-byte key; openssl_encrypt()
// silently NUL-pads a shorter passphrase, so real code should supply
// 16 bytes of random key material instead of a short string.
$key = '*****';
$algo = 'AES-128-CBC'; // AES, 128-bit key, CBC mode

// Encrypt and dump the raw result (binary, so expect unprintable bytes).
$cipherText = encrypt($algo, $key, $data);
var_dump($cipherText);

// Decrypt the same bytes again and dump the recovered plaintext.
$plainText = decrypt($algo, $key, $cipherText);
var_dump($plainText);
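/**
 * Build a random alphanumeric string.
 *
 * Characters are picked with random_int(), which draws from the system
 * CSPRNG. mt_rand() is a predictable generator and must not be used for
 * values that need to be unguessable.
 *
 * The result is limited to [a-zA-Z0-9], so each character carries less than
 * 6 bits of entropy. For binary material such as IVs or keys, prefer
 * random_bytes() over this helper.
 *
 * @param int $length Number of characters to generate
 * @return string Random string of $length characters (empty when $length <= 0)
 */
function getRandomString($length){
    $chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
    $max = strlen($chars) - 1; // derive the upper bound instead of hard-coding 61
    $str = '';
    for ($i = 0; $i < $length; ++$i) {
        $str .= $chars[random_int(0, $max)];
    }
    return $str;
}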
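/**
 * Encrypt data with the given OpenSSL cipher method and key.
 *
 * A fresh random IV is generated on every call and prepended to the raw
 * ciphertext, so the receiver can split it off again before decrypting.
 *
 * NOTE: unauthenticated modes such as CBC give confidentiality only. Nothing
 * here lets the receiver detect modified ciphertext; add a MAC over
 * IV + ciphertext (encrypt-then-MAC) or use an authenticated mode when
 * integrity matters.
 *
 * @param string $algo Cipher method name, e.g. 'AES-128-CBC'
 * @param string $key  Encryption key (raw bytes; a key shorter than the cipher
 *                     expects is silently NUL-padded by OpenSSL)
 * @param string $data Plaintext to encrypt
 * @return string IV followed by the raw ciphertext
 * @throws InvalidArgumentException if the cipher method is unknown
 * @throws RuntimeException if OpenSSL fails to encrypt
 */
function encrypt($algo, $key, $data){
    $iv_size = openssl_cipher_iv_length($algo); // IV length required by the cipher
    if ($iv_size === false) {
        throw new InvalidArgumentException('Unknown cipher method: ' . $algo);
    }
    // The IV must be unpredictable and use the full byte range, so take it
    // from the CSPRNG. random_bytes() rejects a length of 0, which is what
    // IV-less methods (e.g. ECB) report.
    $iv = $iv_size > 0 ? random_bytes($iv_size) : '';
    $encrypted = openssl_encrypt($data, $algo, $key, OPENSSL_RAW_DATA, $iv);
    if ($encrypted === false) {
        // Fail loudly instead of returning a bare IV with no ciphertext.
        throw new RuntimeException('openssl_encrypt failed');
    }
    return $iv . $encrypted; // keep the IV with the ciphertext for decryption
}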
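/**
 * Decrypt data with the given OpenSSL cipher method and key.
 *
 * The input is expected to be the IV immediately followed by the raw
 * ciphertext, i.e. the layout encrypt() returns.
 *
 * NOTE: no integrity check is performed. With unauthenticated modes such as
 * CBC, verify a MAC over the input before calling this, and do not reveal to
 * a remote party why decryption failed.
 *
 * @param string $algo      Cipher method name, e.g. 'AES-128-CBC'
 * @param string $key       Encryption key
 * @param string $encrypted IV followed by the raw ciphertext
 * @return string|false Decrypted data, or false when the cipher is unknown,
 *                      the input is too short to hold an IV, or OpenSSL
 *                      cannot decrypt it
 */
function decrypt($algo, $key, $encrypted){
    $iv_size = openssl_cipher_iv_length($algo); // IV length required by the cipher
    // Refuse input that cannot contain a full IV rather than letting OpenSSL
    // run with a truncated one.
    if ($iv_size === false || strlen($encrypted) < $iv_size) {
        return false;
    }
    // Split the leading IV from the ciphertext. The casts cover PHP versions
    // where substr() yields false for an empty remainder.
    $iv = (string) substr($encrypted, 0, $iv_size);
    $encrypted_data = (string) substr($encrypted, $iv_size);
    return openssl_decrypt($encrypted_data, $algo, $key, OPENSSL_RAW_DATA, $iv);
}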
利用可能な暗号メソッドの確認
利用可能な暗号メソッドは環境によって異なる。
利用可能な暗号メソッドを取得するには openssl_get_cipher_methods() を使う。
// Dump every cipher method this OpenSSL build exposes. Being listed does not
// make a method a sound choice: the output below also contains legacy ciphers
// (DES, RC2, RC4) and ECB modes.
$methods = openssl_get_cipher_methods();
var_dump($methods);
array(190) {
[0]=>
string(11) "AES-128-CBC"
[1]=>
string(21) "AES-128-CBC-HMAC-SHA1"
[2]=>
string(23) "AES-128-CBC-HMAC-SHA256"
[3]=>
string(11) "AES-128-CFB"
[4]=>
string(12) "AES-128-CFB1"
[5]=>
string(12) "AES-128-CFB8"
[6]=>
string(11) "AES-128-CTR"
[7]=>
string(11) "AES-128-ECB"
[8]=>
string(11) "AES-128-OFB"
[9]=>
string(11) "AES-128-XTS"
[10]=>
string(11) "AES-192-CBC"
[11]=>
string(11) "AES-192-CFB"
[12]=>
string(12) "AES-192-CFB1"
[13]=>
string(12) "AES-192-CFB8"
[14]=>
string(11) "AES-192-CTR"
[15]=>
string(11) "AES-192-ECB"
[16]=>
string(11) "AES-192-OFB"
[17]=>
string(11) "AES-256-CBC"
[18]=>
string(21) "AES-256-CBC-HMAC-SHA1"
[19]=>
string(23) "AES-256-CBC-HMAC-SHA256"
[20]=>
string(11) "AES-256-CFB"
[21]=>
string(12) "AES-256-CFB1"
[22]=>
string(12) "AES-256-CFB8"
[23]=>
string(11) "AES-256-CTR"
[24]=>
string(11) "AES-256-ECB"
[25]=>
string(11) "AES-256-OFB"
[26]=>
string(11) "AES-256-XTS"
[27]=>
string(6) "BF-CBC"
[28]=>
string(6) "BF-CFB"
[29]=>
string(6) "BF-ECB"
[30]=>
string(6) "BF-OFB"
[31]=>
string(16) "CAMELLIA-128-CBC"
[32]=>
string(16) "CAMELLIA-128-CFB"
[33]=>
string(17) "CAMELLIA-128-CFB1"
[34]=>
string(17) "CAMELLIA-128-CFB8"
[35]=>
string(16) "CAMELLIA-128-ECB"
[36]=>
string(16) "CAMELLIA-128-OFB"
[37]=>
string(16) "CAMELLIA-192-CBC"
[38]=>
string(16) "CAMELLIA-192-CFB"
[39]=>
string(17) "CAMELLIA-192-CFB1"
[40]=>
string(17) "CAMELLIA-192-CFB8"
[41]=>
string(16) "CAMELLIA-192-ECB"
[42]=>
string(16) "CAMELLIA-192-OFB"
[43]=>
string(16) "CAMELLIA-256-CBC"
[44]=>
string(16) "CAMELLIA-256-CFB"
[45]=>
string(17) "CAMELLIA-256-CFB1"
[46]=>
string(17) "CAMELLIA-256-CFB8"
[47]=>
string(16) "CAMELLIA-256-ECB"
[48]=>
string(16) "CAMELLIA-256-OFB"
[49]=>
string(9) "CAST5-CBC"
[50]=>
string(9) "CAST5-CFB"
[51]=>
string(9) "CAST5-ECB"
[52]=>
string(9) "CAST5-OFB"
[53]=>
string(7) "DES-CBC"
[54]=>
string(7) "DES-CFB"
[55]=>
string(8) "DES-CFB1"
[56]=>
string(8) "DES-CFB8"
[57]=>
string(7) "DES-ECB"
[58]=>
string(7) "DES-EDE"
[59]=>
string(11) "DES-EDE-CBC"
[60]=>
string(11) "DES-EDE-CFB"
[61]=>
string(11) "DES-EDE-OFB"
[62]=>
string(8) "DES-EDE3"
[63]=>
string(12) "DES-EDE3-CBC"
[64]=>
string(12) "DES-EDE3-CFB"
[65]=>
string(13) "DES-EDE3-CFB1"
[66]=>
string(13) "DES-EDE3-CFB8"
[67]=>
string(12) "DES-EDE3-OFB"
[68]=>
string(7) "DES-OFB"
[69]=>
string(8) "DESX-CBC"
[70]=>
string(8) "IDEA-CBC"
[71]=>
string(8) "IDEA-CFB"
[72]=>
string(8) "IDEA-ECB"
[73]=>
string(8) "IDEA-OFB"
[74]=>
string(10) "RC2-40-CBC"
[75]=>
string(10) "RC2-64-CBC"
[76]=>
string(7) "RC2-CBC"
[77]=>
string(7) "RC2-CFB"
[78]=>
string(7) "RC2-ECB"
[79]=>
string(7) "RC2-OFB"
[80]=>
string(3) "RC4"
[81]=>
string(6) "RC4-40"
[82]=>
string(12) "RC4-HMAC-MD5"
[83]=>
string(8) "SEED-CBC"
[84]=>
string(8) "SEED-CFB"
[85]=>
string(8) "SEED-ECB"
[86]=>
string(8) "SEED-OFB"
[87]=>
string(11) "aes-128-cbc"
[88]=>
string(21) "aes-128-cbc-hmac-sha1"
[89]=>
string(23) "aes-128-cbc-hmac-sha256"
[90]=>
string(11) "aes-128-ccm"
[91]=>
string(11) "aes-128-cfb"
[92]=>
string(12) "aes-128-cfb1"
[93]=>
string(12) "aes-128-cfb8"
[94]=>
string(11) "aes-128-ctr"
[95]=>
string(11) "aes-128-ecb"
[96]=>
string(11) "aes-128-gcm"
[97]=>
string(11) "aes-128-ofb"
[98]=>
string(11) "aes-128-xts"
[99]=>
string(11) "aes-192-cbc"
[100]=>
string(11) "aes-192-ccm"
[101]=>
string(11) "aes-192-cfb"
[102]=>
string(12) "aes-192-cfb1"
[103]=>
string(12) "aes-192-cfb8"
[104]=>
string(11) "aes-192-ctr"
[105]=>
string(11) "aes-192-ecb"
[106]=>
string(11) "aes-192-gcm"
[107]=>
string(11) "aes-192-ofb"
[108]=>
string(11) "aes-256-cbc"
[109]=>
string(21) "aes-256-cbc-hmac-sha1"
[110]=>
string(23) "aes-256-cbc-hmac-sha256"
[111]=>
string(11) "aes-256-ccm"
[112]=>
string(11) "aes-256-cfb"
[113]=>
string(12) "aes-256-cfb1"
[114]=>
string(12) "aes-256-cfb8"
[115]=>
string(11) "aes-256-ctr"
[116]=>
string(11) "aes-256-ecb"
[117]=>
string(11) "aes-256-gcm"
[118]=>
string(11) "aes-256-ofb"
[119]=>
string(11) "aes-256-xts"
[120]=>
string(6) "bf-cbc"
[121]=>
string(6) "bf-cfb"
[122]=>
string(6) "bf-ecb"
[123]=>
string(6) "bf-ofb"
[124]=>
string(16) "camellia-128-cbc"
[125]=>
string(16) "camellia-128-cfb"
[126]=>
string(17) "camellia-128-cfb1"
[127]=>
string(17) "camellia-128-cfb8"
[128]=>
string(16) "camellia-128-ecb"
[129]=>
string(16) "camellia-128-ofb"
[130]=>
string(16) "camellia-192-cbc"
[131]=>
string(16) "camellia-192-cfb"
[132]=>
string(17) "camellia-192-cfb1"
[133]=>
string(17) "camellia-192-cfb8"
[134]=>
string(16) "camellia-192-ecb"
[135]=>
string(16) "camellia-192-ofb"
[136]=>
string(16) "camellia-256-cbc"
[137]=>
string(16) "camellia-256-cfb"
[138]=>
string(17) "camellia-256-cfb1"
[139]=>
string(17) "camellia-256-cfb8"
[140]=>
string(16) "camellia-256-ecb"
[141]=>
string(16) "camellia-256-ofb"
[142]=>
string(9) "cast5-cbc"
[143]=>
string(9) "cast5-cfb"
[144]=>
string(9) "cast5-ecb"
[145]=>
string(9) "cast5-ofb"
[146]=>
string(7) "des-cbc"
[147]=>
string(7) "des-cfb"
[148]=>
string(8) "des-cfb1"
[149]=>
string(8) "des-cfb8"
[150]=>
string(7) "des-ecb"
[151]=>
string(7) "des-ede"
[152]=>
string(11) "des-ede-cbc"
[153]=>
string(11) "des-ede-cfb"
[154]=>
string(11) "des-ede-ofb"
[155]=>
string(8) "des-ede3"
[156]=>
string(12) "des-ede3-cbc"
[157]=>
string(12) "des-ede3-cfb"
[158]=>
string(13) "des-ede3-cfb1"
[159]=>
string(13) "des-ede3-cfb8"
[160]=>
string(12) "des-ede3-ofb"
[161]=>
string(7) "des-ofb"
[162]=>
string(8) "desx-cbc"
[163]=>
string(13) "id-aes128-CCM"
[164]=>
string(13) "id-aes128-GCM"
[165]=>
string(14) "id-aes128-wrap"
[166]=>
string(13) "id-aes192-CCM"
[167]=>
string(13) "id-aes192-GCM"
[168]=>
string(14) "id-aes192-wrap"
[169]=>
string(13) "id-aes256-CCM"
[170]=>
string(13) "id-aes256-GCM"
[171]=>
string(14) "id-aes256-wrap"
[172]=>
string(24) "id-smime-alg-CMS3DESwrap"
[173]=>
string(8) "idea-cbc"
[174]=>
string(8) "idea-cfb"
[175]=>
string(8) "idea-ecb"
[176]=>
string(8) "idea-ofb"
[177]=>
string(10) "rc2-40-cbc"
[178]=>
string(10) "rc2-64-cbc"
[179]=>
string(7) "rc2-cbc"
[180]=>
string(7) "rc2-cfb"
[181]=>
string(7) "rc2-ecb"
[182]=>
string(7) "rc2-ofb"
[183]=>
string(3) "rc4"
[184]=>
string(6) "rc4-40"
[185]=>
string(12) "rc4-hmac-md5"
[186]=>
string(8) "seed-cbc"
[187]=>
string(8) "seed-cfb"
[188]=>
string(8) "seed-ecb"
[189]=>
string(8) "seed-ofb"
}