Menu

Michael Gracie

Plugging mcrypt into PHP on macOS High Sierra 10.13: A Requiem

Since Apple’s desktop operating system was called OS X Leopard, I’ve been concocting little ditties on how to plug mcrypt functionality into PHP without complete recompilation and/or using a black box MAMP offering. The previous stop on that [eight year?] journey was with macOS Sierra. And it was/is the end of the line.

Queue list of excuses …

  • I don’t use PHPMyAdmin or Magento eCommerce (both major targets as PHP + mcrypt needs go)
  • I’ve been leaning on Linux VMs for relevant development work (trashing environments and starting over less often than ever)
  • I’ve taken a liking to Python, as it covers everything from number tumbling and data crunching to stupid little utilities for replacing website photos (dropping Anaconda in is a breeze)
  • And not really last but certainly not least, Apple’s latest release, High Sierra 10.13, came complete with a security-related flaw so ludicrous that I probably won’t upgrade until at least iteration two or three. It’s a trust thing.

For those who have already gained elevation in the States’ westernmost major range, all is not lost. If you run through the last set of instructions and replace any code that says “10.12” with “10.13” – along with identifying the proper XCode and PHP versions at the start – you should be ok.

Meanwhile, thanks for the good times.

MG signing off (because that’s all folks)

UPDATE 11/28/17: Like I said, lack of trust.

Plugging mcrypt into PHP on macOS Sierra 10.12

We climbed up then down El Capitan, yet little changed. We’re still in the Sierras, and there’s still work to do.

The following instructions are for peeps a) developing on macOS Sierra 10.12, b) need mcrypt for their PHP development i.e. PHPMyAdmin and/or encrypting personally identifiable data before storage (unlike your health insurer, Yahoo! and/or pretty much every other knucklehead out there), and c) do not want to recompile PHP or run MAMP. Mcrypt will load dynamically with PHP after completing this tutorial.

We begin by acquiring the following stuffs …

1) libmcrypt-2.5.8, which you can find here; download by clicking the one of the two file links (author used “libmcrypt-2.5.8.tar.gz”);

2) PHP 5.6.24 source code, which is available here; [NOTE: you may someday update OS X beyond 10.12, and PHP may get updated along with it; the author used 10.12, and PHP 5.6.24 was included with that OS version. If necessary use php -v to check your version of PHP and then download the PHP source for that version.];

3) Xcode 8.0, which you can get from the App Store. You will also need the Command Line Tools (macOS 10.12) for Xcode, which you get by selecting “Xcode/Open Developer Tool/More Developer Tools…” from the Xcode menu, then logging into your Apple Developer account (yea you need one of those too); and

4) Homebrew (http://brew.sh) which can be installed by typing ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/ install/master/install)" at the command line.

But before we really wind up, let’s turn off System Integrity Protection (SIP):

  1. Click the Apple menu (upper left hand corner of your screen)
  2. Select Restart, then hold down the Command-R keys to boot into Recovery Mode
  3. Select the Utilities menu and then Terminal
  4. In Terminal, type csrutil disable and then hit return; then close Terminal
  5. Click the Apple menu and select Restart

NOTE: When you are done installing mcrypt, you can restart SIP by following the above steps while substituting csrutil enable in step 4.

Proceed.

(more…)

Plugging mcrypt into PHP, on Mac OS X El Capitan 10.11

We made our way into the park. Now we do some climbing.

The following instructions are for those a) developing on OS X El Capitan 10.11.X, b) need mcrypt for their PHP development (think PHPMyAdmin, Magento eCommerce or just twisting _RIJNDAEL_256 for shits and giggles), and c) are unwilling to recompile PHP from scratch or run an alternative development package set such as MAMP. Mcrypt will load dynamically with PHP by venturing forth.

Before beginning acquire the following stuff …

1) libmcrypt-2.5.8, which you can find here; download by clicking the one of the two file links (author used “libmcrypt-2.5.8.tar.gz”);

2) PHP 5.5.27 source code, which is available here; [NOTE: you may someday update OS X beyond 10.11, and PHP may get updated along with it; the author used 10.11, and PHP 5.5.27 was included with that OS version. If necessary use php -v to check your version of PHP and then download the PHP source for that version.];

3) Xcode 7.0.1, which you can get from the App Store. You will also need the Command Line Tools (OS X 10.11) for XCode, which you get by selecting “Xcode/Open Developer Tool/More Developer Tools…” from the Xcode menu, then logging into your Apple Developer account (and if you don’t have one of those, get one); and

4) Homebrew (http://brew.sh) which can be installed by typing ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/ install/master/install)" at the command line.

Now we get down to business …

(more…)

Plugging mcrypt into PHP, on Mac OS X Yosemite 10.10

Mavericks rode in on Mountain Lions, but the park ranger at Yosemite wouldn’t let them in. “We need mcrypt” they said, “And we don’t want to recompile PHP!” The ranger handed them a map, and it led them here.

The following instructions are for those a) developing on OS X Yosemite 10.10.X, b) need the capabilities provided by mcrypt during their PHP development (like using PHPMyAdmin or Magento eCommerce), and c) do not want to recompile PHP from scratch or run MAMP. Mcrypt will get loaded dynamically with PHP by following these instructions.

Before you begin, grab the following bits …

1) libmcrypt-2.5.8, which you can find here; download libmcrypt (not mcrypt!), by clicking the link labeled “libmcrypt-2.5.8.tar.gz” on the SourceForge page;

2) PHP 5.5.14 source code, which is available here; NOTE – you may update OS X at some point and PHP may get updated along with it – for the author OS X 10.10 was being run, and PHP 5.5.14 is what’s included with that particular OS version; if necessary use phpinfo() to check your version of PHP and then download the PHP source for that version;

3) Xcode 6.1, which you can get from the App Store. You will also need the Command Line Tools (OS X 10.10) for XCode, which you get by selecting “Xcode/Open Developer Tool/More Developer Tools..” from the Xcode menu, then logging into your Apple Developer account (yes, you need one of those too);

and

4) Homebrew (http://mxcl.github.com/homebrew/) which can be installed by typing ruby -e "$(curl -fsSL https://raw.githubusercontent
.com/Homebrew/install/master/install)" at the command line.

Now for the down and dirty…

(more…)

Plugging mcrypt into PHP, on Mac OS X Mavericks 10.9

The big cats are gone; the Mavericks are now in charge. But that doesn’t mean the need for mcrypt with your PHP applications requires marching perpetually to the beat of a different drum.

The following instructions are for those a) developing on OS X Mavericks 10.9.X, b) need the capabilities provided by mcrypt during their PHP development (Magento eCommerce comes to mind), and c) do not want to recompile PHP from scratch or run MAMP. Mcrypt will get loaded dynamically with PHP by following these instructions.

(more…)

Plugging mcrypt into PHP, on Mac OS X Lion 10.7

Perfected for the winter cat, now on to the king of the jungle. Once again, thanks goes out to a previous commenter, this time it’s rachanta, for the first test. Now let’s get moving…

The following instructions cater to those who a) are developing on OS X Lion 10.7.X, b) need the capabilities provided by mcrypt during their PHP development, and c) do not want to completely recompile PHP to get there. You’ll get mcrypt loading dynamically for use in PHP with this method.

(more…)

Plugging mcrypt into PHP, on Mac OS X Snow Leopard 10.6.1

First mcrypt on Leopard, and now we ready for the winter cat. Additionally, special thanks goes out in advance to commenter Yvan Barthelemy (a.k.a. ybart) for cluing me in here. The procedure is almost exactly like the previous…almost. So pay attention.

The following instructions cater to those who a) are developing on OS X Snow Leopard 10.6.1, b) need the capabilities provided by mcrypt during their PHP development, and c) do not want to completely recompile PHP to get there. You’ll get mcrypt loading dynamically for use in PHP with this method.

(more…)

Winding up the month of July

The next couple of weeks are going to be fun…

  • Alex Landeen hits Colorado today. We’re going to be fishing like madmen, and probably drinking with similar fury. Scouts were sent out to check conditions, and the report back was good-to-go. Some of the Primal Fly gang are going to be in on the mayhem.
  • Going to hack together an internal RSS parser, as subcontractor to a real engineer. It’ll be a novel use of RSS, and I can’t believe that knowing a little PHP actually led to doing some coding on the side for real compensation. I find coding fun, but don’t think I’d want to do it full time – the entire internet would crash and burn if I did.
  • I’m hitting the carp water the first of next week with someone who needs convincing that they should compete in the Carp Slam. I consider it a done deal already.
  • Over the next few weeks I’ll be reviewing the buy-sell agreement for small business client. They’re concerned that either the agreement is weak or that the amount of insurance they have doesn’t fit the bill for the business size. Valuation may be in order, and since the entity itself is light on hard assets, I’ll probably be playing the discounted cash flow game.
  • By month’s end I hope to have the operating plan done for a direct sales plus lead generation concept. It’s in the green energy space, and the crew we’re assembling is A #1 top notch. Creating a sales and marketing organization from the ground up – entity, people, technology – means my hands get very dirty. I like that a lot.
  • And it may leak into August, but I’ll be tearing to pieces reviewing two pieces of fly fishing gear, an overlooked pair of rubber soled wading boots and a waist pack by someone with big name recognition. This means I’ll have to do some fishing, and while it is beginning to feel like work that in and of itself may be the best excuse ever.
  • Adieu.

    Plugging GD into PHP, on Leopard 10.5.7

    Every Mac web developer will at some time in their lives have to deal with images. Unfortunately, the PHP installation on the Leopard OS (5.2.8 as of OS X 10.5.7) doesn’t have GD compiled in by default. If you’ve tried testing web components like CAPTCHA on your Mac, and can’t render the images, that’s the reason.

    First and foremost, I try to make things easy around here. Before you begin the somewhat arduous task of compiling GD (and the pre-reqs) for your Leopard-powered Mac, there is a simpler solution: the Entropy PHP Apache module from Mark Liyanage. I used Mark’s work extensively when on Tiger, and both his compilations and instructions are what I consider the gold standard in simplicity and efficiency. Unless you have XCode tools handy and are really comfortable with the terminal window, I highly recommend going that route instead. When I compiled mcrypt for dynamic loading the Entropy package wasn’t available yet, but it is now and includes mcrypt too.

    For those who don’t want an additional PHP install floating around on their machine and/or like everything updated when Apple says so, here’s how you get GD running with PHP on Leopard 10.5.7…

    (more…)

    I like my cookies with encryption on top

    Quick and dirty mcrypt usage

    I don’t know where I discovered the original idea, but in messing around with a PHP app I found the need to encrypt session cookies. Here’s how it was done, with the mcrypt library:

    //encrypt session cookie
    function encryptUserCookie($value)
    {
    if(!$value) {
    return false;
    }
    $key = SESSION_SALT;
    $text = $value;
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    $crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $key, $text, MCRYPT_MODE_ECB, $iv);
    return trim(base64_encode($crypttext)); //encode for cookie
    }

    Decoding the cookie was much the same…

    //decrypt session cookie
    function decryptUserCookie($value)
    {
    if(!$value) {
    return false;
    }
    $key = SESSION_SALT;
    $crypttext = base64_decode($value); //decode cookie
    $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    $decrypttext = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $crypttext, MCRYPT_MODE_ECB, $iv);
    return trim($decrypttext);
    }

    SESSION_SALT was of course something I called from a variables file.

    These snippets were used in an online directory system, where I didn’t want attendees inspecting the cookies for the purpose of setting up multiple listings under the same login.

    Simple stuff, but hope it is useful to someone.