php - openssl_encrypt VS mcrypt_encrypt -

i have aes 128 encryption in cbc mode , match same aes encyption in coldfusion.

here code in php:

function pkcs5_pad($text, $blocksize) {     $pad = $blocksize - (strlen($text) % $blocksize);     return $text . str_repeat(chr($pad), $pad); }  $key = "vrj6xsui7ogebuk+n1vkka=="; $iv = "af9iptpjc+zea2auuxuloq=="; $data = $this->pkcs5_pad("message encrypt", 16); echo openssl_encrypt($data, 'aes-128-cbc', $key, 0, base64_decode($iv)); echo "<br>"; echo base64_encode(mcrypt_encrypt(mcrypt_rijndael_128, $key, $data, mcrypt_mode_cbc, base64_decode($iv))); 

mcrypt_encrypt depreciated gives me same compatible result in coldfusion: qlz13+xk19lzjsbfs92ze5akudbwosnf2ryzn7aaehc= openssl_encrypt gives me diffrent value: dnecuy2tmvlzhzclnewrpyhebhajzmkpwbporfnw5en4d37madeipglpvnazmw4q

how can make openssl_encrypt give same value mcrypt_encrypt does? isn't supposed replacement it?

two problems:

1. you aren't base64 decoding key, you're passing 24-byte (= 192-bit) key both openssl_encrypt , mcrypt_encrypt. apparently, these functions interpret such key in different ways! base64_decode key first consistent results.

   alternatively, if want use base64-encoded string 192-bit key, pass 'aes-192-cbc' method openssl_encrypt(). mcrypt doing here. (which not same happen if passed mcrypt_rijndael_192 cipher -- changes block size, not key size!)

2. openssl_encrypt uses pkcs5 padding automatically. padding data before passing function ends making data padded twice, leaving 1 block longer intended.

with these problems fixed, both functions give same result.