Convert Mcrypt RC4 to PHP-OpenSSL

Question

I updated a serve from php 5 to php 7 and mcrypt function now is deprecated.

I have the following code:

$encryptedUserInfo = @mcrypt_encrypt(MCRYPT_ARCFOUR, $sessionKey, $json, MCRYPT_MODE_STREAM);

Reading some post in stackoverflow i found this code:

$message_padded = $message;
if (strlen($message_padded) % 8) {
    $message_padded = str_pad($message_padded,
        strlen($message_padded) + 8 - strlen($message_padded) % 8, "\0");
}

$encrypted_mcrypt = @mcrypt_encrypt(MCRYPT_ARCFOUR, $key, $message, MCRYPT_MODE_STREAM);
$encrypted_openssl = openssl_encrypt($message_padded, "RC4", $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING);

printf("%s => %s\n", bin2hex($message), bin2hex($encrypted_mcrypt));
printf("%s => %s\n", bin2hex($message_padded), bin2hex($encrypted_openssl));

But i still recived differents answers:

For mcrypt:

7b22757365724e616d65223a6e756c6c2c2261747472696275746573223a7b227573657250726f6772616d73223a2250726f6772616d4e616d65227d7d => f373453d449b731f75d9a35dee7486d8c904465bfdf6e912eceb272f5dd8ee85fabde5ad06e3d87192e0fa90182c8bc4b096ad89866b643305b3f15eb0 

For openssl:

7b22757365724e616d65223a6e756c6c2c2261747472696275746573223a7b227573657250726f6772616d73223a2250726f6772616d4e616d65227d7d000000 => 272b1b4c0a19e79e7234e8fb494cb162c6c551ec35352fc04bff3885ce34c211080d0cfaf70635cec929236b5f444a6916c529bb3a62db01fef8d0cb8dd2f3a1

So, i think that the different is in MCRYPT_MODE_STREAM that i dont know how to do that in openssl.

Can someone help me? Thanks!

Answer 1

I found the solution... the method to use is not RC4, is RC4-40

 $encryptedUserInfo = openssl_encrypt($json, "RC4-40", $sessionKey, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING);

No need to the padding message.