search

oroinc / platform

Main OroPlatform package with core functionality.
MIT License
629 stars 351 forks source link

Remove and replace ext_mcrypt #782

Closed gplanchat closed 5 years ago

gplanchat commented 6 years ago

ext_mcrypt has been removed from PHP 7.2 and therefore Oro(CRM|Commerce|Platform) can't work on PHP 7.2.

https://wiki.php.net/rfc/mcrypt-viking-funeral

Alternatives includes OpenSSL or Libsodium.

Here's the grep of the vendors:

vendor/ass/xmlsecurity/composer.json:        "ext-mcrypt": "*"
vendor/ass/xmlsecurity/src/ass/XmlSecurity/Key/Block.php:            // for PHP 5.3 fall back to mcrypt if available
vendor/ass/xmlsecurity/src/ass/XmlSecurity/Key/Block.php:            } elseif (function_exists('mcrypt_decrypt')) {
vendor/ass/xmlsecurity/src/ass/XmlSecurity/Key/Block.php:                    $mcryptCipherMethod = MCRYPT_TRIPLEDES;
vendor/ass/xmlsecurity/src/ass/XmlSecurity/Key/Block.php:                    $mcryptCipherMethod = MCRYPT_RIJNDAEL_128;
vendor/ass/xmlsecurity/src/ass/XmlSecurity/Key/Block.php:                $decryptedData = mcrypt_decrypt($mcryptCipherMethod, $this->key, $data, MCRYPT_MODE_CBC, $iv);
vendor/ass/xmlsecurity/src/ass/XmlSecurity/Key/Block.php:     * http://us3.php.net/manual/en/function.mcrypt-encrypt.php#102428
vendor/besimple/soap-common/BeSimple/SoapCommon/composer.json:        "ext-mcrypt": "*",
vendor/composer/composer/tests/Composer/Test/Json/JsonManipulatorTest.php:        "ext-2mcrypt": "*",
vendor/composer/composer/tests/Composer/Test/Json/JsonManipulatorTest.php:        "ext-2mcrypt": "*",
vendor/composer/installed.json:            "ext-mcrypt": "*"
vendor/composer/installed.json:            "ext-mcrypt": "*",
vendor/composer/installed.json:            "ext-mcrypt": "Required for most features of Zend\\Crypt"
vendor/composer/installed.json:            "ext-mcrypt": "*",
vendor/ircmaxell/password-compat/lib/password.php:                if (function_exists('mcrypt_create_iv') && !defined('PHALANGER')) {
vendor/ircmaxell/password-compat/lib/password.php:                    $buffer = mcrypt_create_iv($raw_salt_len, MCRYPT_DEV_URANDOM);
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/DBAL/Types/SecureArrayType.php:    private $mcrypt;
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/DBAL/Types/SecureArrayType.php:     * @param Mcrypt $mcrypt
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/DBAL/Types/SecureArrayType.php:    public function setMcrypt(Mcrypt $mcrypt)
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/DBAL/Types/SecureArrayType.php:        $this->mcrypt = $mcrypt;
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/DBAL/Types/SecureArrayType.php:        if (!$this->mcrypt) {
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/DBAL/Types/SecureArrayType.php:        return $this->mcrypt;
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/OroPaymentBundle.php:            $mcrypt = $this->container->get('oro_security.encoder.mcrypt');
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/OroPaymentBundle.php:            $secureArrayType->setMcrypt($mcrypt);
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/Tests/Unit/DBAL/Types/SecureArrayTypeTest.php:    protected $mcrypt;
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/Tests/Unit/DBAL/Types/SecureArrayTypeTest.php:        $this->mcrypt = new Mcrypt('key');
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/Tests/Unit/DBAL/Types/SecureArrayTypeTest.php:        $secureArrayType->setMcrypt($this->mcrypt);
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/Tests/Unit/DBAL/Types/SecureArrayTypeTest.php:        $encrypted = $this->mcrypt->encryptData(json_encode($value));
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/Tests/Unit/DBAL/Types/SecureArrayTypeTest.php:        $secureArrayType->setMcrypt($this->mcrypt);
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/Tests/Unit/DBAL/Types/SecureArrayTypeTest.php:        $secureArrayType->setMcrypt($this->mcrypt);
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/Tests/Unit/DBAL/Types/SecureArrayTypeTest.php:        $encrypted = $this->mcrypt->encryptData('{"value":"value}');
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/Tests/Unit/DBAL/Types/SecureArrayTypeTest.php:        $secureArrayType->setMcrypt($this->mcrypt);
vendor/oro/commerce/src/Oro/Bundle/PaymentBundle/Tests/Unit/DBAL/Types/SecureArrayTypeTest.php:        $secureArrayType->setMcrypt($this->mcrypt);
vendor/oro/commerce/src/Oro/Bundle/PayPalBundle/Resources/config/form_types.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/commerce/src/Oro/Bundle/PayPalBundle/Resources/config/method.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/commerce/src/Oro/Bundle/PayPalBundle/Resources/config/method.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/commerce/src/Oro/Bundle/PayPalBundle/Resources/config/method.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/commerce/src/Oro/Bundle/PayPalBundle/Resources/config/method.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/commerce/src/Oro/Bundle/UPSBundle/Migrations/Schema/v1_2/UpdatePasswordMigrationQuery.php:        $encryptor = $this->container->get('oro_security.encoder.mcrypt');
vendor/oro/commerce/src/Oro/Bundle/UPSBundle/Resources/config/connection.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/commerce/src/Oro/Bundle/UPSBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/commerce/src/Oro/Bundle/UPSBundle/Resources/config/time_in_transit.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Provider/RestTokenProvider.php:    protected $mcrypt;
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Provider/RestTokenProvider.php:     * @param Mcrypt            $mcrypt
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Provider/RestTokenProvider.php:    public function __construct(RegistryInterface $doctrine, Mcrypt $mcrypt)
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Provider/RestTokenProvider.php:        $this->mcrypt   = $mcrypt;
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Provider/RestTokenProvider.php:        return $this->mcrypt->decryptData($encryptedToken);
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Provider/RestTokenProvider.php:        $password = $this->mcrypt->decryptData($encryptedPassword);
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Provider/RestTokenProvider.php:            $this->mcrypt->encryptData($token)
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Resources/config/services.yml:            - "@oro_security.encoder.mcrypt"
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Resources/config/services.yml:            - "@oro_security.encoder.mcrypt"
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Functional/Provider/Transport/RestTransportTest.php:    protected $mcrypt;
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Functional/Provider/Transport/RestTransportTest.php:        $this->mcrypt = $this->client->getContainer()->get('oro_security.encoder.mcrypt');
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Functional/Provider/Transport/RestTransportTest.php:            $this->mcrypt->decryptData($transportEntity->getApiToken())
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Unit/Form/EventListener/SettingsFormSubscriberTest.php:    protected $mcrypt;
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Unit/Form/EventListener/SettingsFormSubscriberTest.php:        $this->mcrypt = $this->createMock(Mcrypt::class);
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Unit/Form/EventListener/SettingsFormSubscriberTest.php:        $this->subscriber = new SettingsFormSubscriber($this->mcrypt);
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Unit/Form/EventListener/SettingsFormSubscriberTest.php:            $this->mcrypt
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Unit/Form/EventListener/SettingsFormSubscriberTest.php:            $this->mcrypt
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Unit/Provider/RestTokenProviderTest.php:    protected $mcrypt;
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Unit/Provider/RestTokenProviderTest.php:        $this->mcrypt = $this->createMock(Mcrypt::class);
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Unit/Provider/RestTokenProviderTest.php:        $this->tokenProvider = new RestTokenProvider($doctrine, $this->mcrypt);
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Unit/Provider/RestTokenProviderTest.php:        $this->mcrypt
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Unit/Provider/RestTokenProviderTest.php:        $this->mcrypt
vendor/oro/crm/src/Oro/Bundle/MagentoBundle/Tests/Unit/Provider/RestTokenProviderTest.php:        $this->mcrypt
vendor/oro/crm-dotmailer/Resources/config/services.yml:            - "@oro_security.encoder.mcrypt"
vendor/oro/crm-dotmailer/Resources/config/services.yml:            - "@oro_security.encoder.mcrypt"
vendor/oro/crm-dotmailer/Resources/config/services.yml:            - "@oro_security.encoder.mcrypt"
vendor/oro/crm-dotmailer/Tests/Functional/Fixtures/LoadTransportData.php:        $this->encoder = $container->get('oro_security.encoder.mcrypt');
vendor/oro/platform/composer.json:        "ext-mcrypt": "*",
vendor/oro/platform/src/Oro/Bundle/EmailBundle/Resources/config/form.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/EmailBundle/Resources/config/form.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/EmailBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/EmailBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/EmailBundle/Tests/Unit/Provider/SmtpSettingsProviderTest.php:    protected $mcrypt;
vendor/oro/platform/src/Oro/Bundle/EmailBundle/Tests/Unit/Provider/SmtpSettingsProviderTest.php:        $this->mcrypt = new Mcrypt();
vendor/oro/platform/src/Oro/Bundle/EmailBundle/Tests/Unit/Provider/SmtpSettingsProviderTest.php:        $this->settings['oro_email']['smtp_settings_password']['value'] = $this->mcrypt->encryptData(
vendor/oro/platform/src/Oro/Bundle/EmailBundle/Tests/Unit/Provider/SmtpSettingsProviderTest.php:        $this->provider = new SmtpSettingsProvider($this->manager, $this->globalScopeManager, $this->mcrypt);
vendor/oro/platform/src/Oro/Bundle/EmailBundle/Tests/Unit/Provider/SmtpSettingsProviderTest.php:            $this->mcrypt->decryptData($this->getSettingValue('oro_email.smtp_settings_password'))
vendor/oro/platform/src/Oro/Bundle/FormBundle/Resources/config/form_type.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/FormBundle/Resources/config/form_type.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Controller/ConnectionController.php:            $password = $this->get('oro_security.encoder.mcrypt')->decryptData($origin->getPassword());
vendor/oro/platform/src/Oro/Bundle/ImapBundle/EventListener/SendEmailTransportListener.php:    protected $mcrypt;
vendor/oro/platform/src/Oro/Bundle/ImapBundle/EventListener/SendEmailTransportListener.php:     * @param Mcrypt $mcrypt
vendor/oro/platform/src/Oro/Bundle/ImapBundle/EventListener/SendEmailTransportListener.php:        Mcrypt $mcrypt,
vendor/oro/platform/src/Oro/Bundle/ImapBundle/EventListener/SendEmailTransportListener.php:        $this->mcrypt = $mcrypt;
vendor/oro/platform/src/Oro/Bundle/ImapBundle/EventListener/SendEmailTransportListener.php:            $password = $this->mcrypt->decryptData($emailOrigin->getPassword());
vendor/oro/platform/src/Oro/Bundle/ImapBundle/EventListener/UserEmailOriginListener.php:    protected $mcrypt;
vendor/oro/platform/src/Oro/Bundle/ImapBundle/EventListener/UserEmailOriginListener.php:     * @param Mcrypt $mcrypt
vendor/oro/platform/src/Oro/Bundle/ImapBundle/EventListener/UserEmailOriginListener.php:        Mcrypt $mcrypt,
vendor/oro/platform/src/Oro/Bundle/ImapBundle/EventListener/UserEmailOriginListener.php:        $this->mcrypt = $mcrypt;
vendor/oro/platform/src/Oro/Bundle/ImapBundle/EventListener/UserEmailOriginListener.php:            $this->mcrypt->decryptData($origin->getPassword()),
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Manager/ConnectionControllerManager.php:    protected $mcrypt;
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Manager/ConnectionControllerManager.php:     * @param Mcrypt $mcrypt
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Manager/ConnectionControllerManager.php:        Mcrypt $mcrypt,
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Manager/ConnectionControllerManager.php:        $this->mcrypt = $mcrypt;
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Manager/ConnectionControllerManager.php:        $password = $this->mcrypt->decryptData($origin->getPassword());
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/ImapBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/SecurityBundle/Resources/config/services.yml:    oro_security.encoder.mcrypt.class:                         Oro\Bundle\SecurityBundle\Encoder\Mcrypt
vendor/oro/platform/src/Oro/Bundle/SecurityBundle/Resources/config/services.yml:    oro_security.encoder.mcrypt:
vendor/oro/platform/src/Oro/Bundle/SecurityBundle/Resources/config/services.yml:        class: %oro_security.encoder.mcrypt.class%
vendor/oro/platform/src/Oro/Bundle/SecurityBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/oro/platform/src/Oro/Bundle/SecurityBundle/Resources/config/services.yml:            - '@oro_security.encoder.mcrypt'
vendor/paragonie/random_compat/lib/random.php:     *   3. mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM)
vendor/paragonie/random_compat/lib/random.php:     * mcrypt_create_iv()
vendor/paragonie/random_compat/lib/random.php:     * - the mcrypt extensions is loaded
vendor/paragonie/random_compat/lib/random.php:     *     5.6.10 and 5.6.12, we don't want to use mcrypt. It will
vendor/paragonie/random_compat/lib/random.php:        extension_loaded('mcrypt')
vendor/paragonie/random_compat/lib/random.php:        // See random_bytes_mcrypt.php
vendor/paragonie/random_compat/lib/random.php:        require_once $RandomCompatDIR . '/random_bytes_mcrypt.php';
vendor/paragonie/random_compat/lib/random.php:     * This is a Windows-specific fallback, for when the mcrypt extension
vendor/paragonie/random_compat/lib/random_bytes_mcrypt.php:     * Powered by ext/mcrypt (and thankfully NOT libmcrypt)
vendor/paragonie/random_compat/lib/random_bytes_mcrypt.php:     * @ref https://github.com/php/php-src/blob/c568ffe5171d942161fc8dda066bce844bdef676/ext/mcrypt/mcrypt.c#L1321-L1386
vendor/paragonie/random_compat/lib/random_bytes_mcrypt.php:        $buf = @mcrypt_create_iv($bytes, MCRYPT_DEV_URANDOM);
vendor/sebastian/resource-operations/src/ResourceOperations.php:            'mcrypt_module_open',
vendor/swiftmailer/swiftmailer/CHANGES: * removed the need to have mcrypt installed
vendor/zendframework/zend-crypt/composer.json:        "ext-mcrypt": "Required for most features of Zend\\Crypt"
vendor/zendframework/zend-crypt/src/Symmetric/Mcrypt.php:        if (!extension_loaded('mcrypt')) {
vendor/zendframework/zend-crypt/src/Symmetric/Mcrypt.php:        return mcrypt_get_key_size($this->supportedAlgos[$this->algo], $this->supportedModes[$this->mode]);
vendor/zendframework/zend-crypt/src/Symmetric/Mcrypt.php:        $keySizes = mcrypt_module_get_supported_key_sizes($this->supportedAlgos[$this->algo]);
vendor/zendframework/zend-crypt/src/Symmetric/Mcrypt.php:        $result = mcrypt_encrypt(
vendor/zendframework/zend-crypt/src/Symmetric/Mcrypt.php:        $result     = mcrypt_decrypt(
vendor/zendframework/zend-crypt/src/Symmetric/Mcrypt.php:        return mcrypt_get_iv_size($this->supportedAlgos[$this->algo], $this->supportedModes[$this->mode]);
vendor/zendframework/zend-crypt/src/Symmetric/Mcrypt.php:        return mcrypt_get_block_size($this->supportedAlgos[$this->algo], $this->supportedModes[$this->mode]);
vendor/zendframework/zend-crypt/src/SymmetricPluginManager.php:        'mcrypt' => 'Zend\Crypt\Symmetric\Mcrypt',
vendor/zendframework/zend-math/src/Rand.php:        if (function_exists('mcrypt_create_iv')) {
vendor/zendframework/zend-math/src/Rand.php:            $bytes = mcrypt_create_iv($length, MCRYPT_DEV_URANDOM);
aivus commented 6 years ago

Hi @gplanchat It was already discussed in #777

Oro products don't use mcrypt features, but we still have ext-mcrypt requirement in composer.json for OroPlatform. It will be fixed soon.

gplanchat commented 6 years ago

Thanks @aivus I should have searched the closed issues.

aivus commented 6 years ago

We've created ticket to remove ext-mcrypt dependency.

Internal ticket: BAP-16251

@gplanchat I looked on your grep. All mentions of mcrypt in oro code is not an mcrypt actually.

aivus commented 6 years ago

Let's leave it open to avoid duplicates until mcrypt requirement removed from composer.json.

mbessolov commented 5 years ago

Removed in 32cc6246705dfa7c59677f3f3a01d717e9007b78