标签归档:mcrypt

Linux 下安装mcrypt,mhash扩展

发表评论

MCrypt
MCrypt is a replacement for the old crypt() package and crypt(1) command, with extensions. It allows developers to use a wide range of encryption functions, without making drastic changes to their code. It allows users to encrypt files or data streams without having to be cryptographers. Above all, it allows you to have some really neat code on your machine. 🙂

The companion to MCrypt is Libmcrypt, which contains the actual encryption functions themselves, and provides a standardized mechanism for accessing them.
Mhash:

Mhash is a free (under GNU Lesser GPL) library which provides a uniform interface to a large number of hash algorithms. These algorithms can be used to compute checksums, message digests, and other signatures.
The HMAC support implements the basics for message authentication, following RFC 2104. In the later versions some key generation algorithms, which use hash algorithms, have been added. The manpage for mhash is mhash.3.html.

At the time of writing this, the library supports the algorithms:

SHA1, SHA160, SHA192, SHA224, SHA384, SHA512, HAVAL128, HAVAL160, HAVAL192, HAVAL224, HAVAL256, RIPEMD128, RIPEMD256, RIPEMD320, MD4, MD5, TIGER, TIGER128, TIGER160, ALDER32, CRC32, CRC32b, WHIRLPOOL, GOST, SNEFRU128, SNEFRU256

1. 软件下载:

http://www.sourceforge.net下载Libmcrypt,mhash,mcrypt安装包:

Libmcrypt(libmcrypt-2.5.8.tar.gz):http://sourceforge.net/project/showfiles.php?group_id=87941&package_id=91774&release_id=487459
mcrypt(mcrypt-2.6.8.tar.gz):http://sourceforge.net/project/showfiles.php?group_id=87941&package_id=91948&release_id=642101
mhash(mhash-0.9.9.9.tar.gz):http://sourceforge.net/project/showfiles.php?group_id=4286&package_id=4300&release_id=645636

2. 先安装Libmcrypt
# tar -zxvf libmcrypt-2.5.8.tar.gz
# cd libmcrypt-2.5.8
# ./configure
# make
# make install

说明:libmcript默认安装在/usr/local

3. 安装mhash
# tar -zxvf mhash-0.9.9.9.tar.gz
# cd mhash-0.9.9.9
# ./configure
# make
# make install

4. 安装mcrypt
# tar -zxvf mcrypt-2.6.8.tar.gz
# cd mcrypt-2.6.8
# LD_LIBRARY_PATH=/usr/local
# ./configure
# make
# make install

说明:由于在配置Mcrypt时,会找不到libmcrypt的链接库,导致无法编译,因为Libmcrypt的链接库在/usr/local/文件夹下。因些在配置mcrypt时要加入LD_LIBRARY_PATH=/usr/local导入键接库(请仔细查看configure后的提示,注意LD_LIBRARY_PATH设置与实际路径相符)

5. 安装PHP

没有提示错误就说明安装完成了,接着就要为PHP添加mcrypt模块了,在任意PHP文件中加入函数 phpinfo(),即可取得目前PHP的配置,在这些配置后面新增需要加入的配置:
'--with-mcrypt=/usr/local/include' ''--with-mhash''

然后进入php源代码目录,执行这条完整的configure命令,以下是我的configure选项:
'./configure'
'--prefix=/usr/local/php'
'--with-mysql=/usr/local/mysql'
'--with-mysqli=/usr/local/mysql/bin/mysql_config'
'--with-apxs2=/usr/local/apache/bin/apxs'
'--with-jpeg-dir=/usr/local/modules/jpeg6'
'--with-gd=/usr/local/modules/gd'
'--enable-gd-native-ttf'
'--with-iconv'
'--with-png-dir=/usr/local/modules/libpng'
'--with-ttf'
'--with-openssl'
'--with-zlib-dir=/usr/local/modules/zlib/'
'--with-freetype-dir=/usr/local/modules/freetype'
'--enable-magic-quotes'
'--enable-mbstring'
'--enable-force-cgi-redirect'
'--enable-wddx'
'--with-curl=/usr/local/curl'
'--enable-soap'
'--enable-sockets'
'--with-mcrypt=/usr/local/include'
'--with-mhash'

配置完成,下面进行源码包的制作和安装
make clean (一定需要)
make
make install

最后重启APACHE服务,万事OK。

现在可以试一下使用加密算法了

$password = mcrypt_cbc(MCRYPT_DES, $key, $message, MCRYPT_ENCRYPT);  
$password = bin2hex($password );

目前这条加密语句可以运行,但是会出现notice,因为在最新的版本中提倡使用initialization vector — 即IV。
参考一段Manual中的代码

<?php      
$key = "this is a secret key";      
$input = "Let us meet at 9 o'clock at the secret place.";      
$td = mcrypt_module_open('tripledes', '', 'ecb', '');    $iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND);      
mcrypt_generic_init($td, $key, $iv);      
$encrypted_data = mcrypt_generic($td, $input);    mcrypt_generic_deinit($td);      
mcrypt_module_close($td);  
?> 
<?php  
$key = "this is a secret key";  
$input = "Let us meet at 9 o'clock at the secret place.";  
 
$encrypted_data = mcrypt_ecb (MCRYPT_3DES, $key, $input, MCRYPT_ENCRYPT);  
?>

mhash:

<?php  
$hash_alg = MHASH_TIGER;   
print "This data has been hashed with the".mhash_get_hash_name($hashed_message)."hashing algorithm.";   
?> 
<?php  
$input = "what do ya want for nothing?";  
$hash = mhash(MHASH_MD5, $input);  
echo "The hash is " . bin2hex($hash) . "<br />\n";  
$hash = mhash(MHASH_MD5, $input, "Jefe");  
echo "The hmac is " . bin2hex($hash) . "<br />\n";  
?>

******************************************************

Get and Install mhash

wget http://internap.dl.sourceforge.net/sourceforge/mhash/mhash-0.9.9.9.tar.gz
or go to sourceforge and find the latest.

tar -xvzf mhash-0.9.9.tar.gz
cd mhash-0.9.9
./configure --prefix=/usr/local/mhash
make
make install

Get and install libmcrypt

wget http://easynews.dl.sourceforge.net/sourceforge/mcrypt/libmcrypt-2.5.8.tar.gz
tar -xvzf libmcrypt-2.5.8.tar.gz
cd libmcrypt-2.5.8
./configure --prefix=/usr/local/libmcrypt --disable-posix-threads
make
make install

Get and install mcrypt.

wget http://superb-west.dl.sourceforge.net/sourceforge/mcrypt/mcrypt-2.6.8.tar.gz
or go to source forge and get the latest.

tar -zxvf mcrypt-2.6.8.tar.gz
cd mcrypt-2.6.8
./configure
make
make install

Create the mcrypt php5 module to load.

Find you source code for your php version.

use: find / -name “php”

mine was found here /usr/src/redhat/SOURCES/php-5.1.6/

cd to php-5.2.6/ext/mcrypt
phpize
aclocal
./configure
make clean
make
make install

If you are using a 64 bit computer, create a symbolic link.
cd /usr/lib64/modules
ln -s /usr/local/lib/php/extensions/no-debug-non-zts-20050922/mcrypt.so ./mcrypt.so

Create a new file named mcrypt.so in /etc/php.d directory and enter the following.

;Enable mcrypt extension module
extension=mcrypt.so

Create the mhash extension:

cd to php-5.2.6/ext/mhash
phpize
aclocal
./configure
make clean
make
make install

cd /usr/lib64/modules
[root modules]# ln -s /usr/local/lib/php/extensions/no-debug-non-zts-20050922/mhash.so ./mhash.so

Create a new file named mcrypt.so in /etc/php.d directory and enter the following.

;Enable mhash extension module
extension=mhash.so

Bounce Apache
[root /]#service httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd:                                            [  OK  ]

Check Apache for mcrypt loaded.
Move to your website loaction and create a file named phpinfo.php and enter.

<?=phpinfo();?>

Now open a brower and point it to your site /phpinfo.php

Look for a section named mcrypt and mhash, they should show the version, supported ciphers, enabled, etc.

phpinfo mcrypt mhash picture
Note: If you do not see the section, then the module did not load.