Friday, February 20, 2009

mcrypt tool - part 1 - the installation

I was searching on the Internet for an encryption/decryption tool that will work with PHP and ran into mcrypt tool (http://mcrypt.sourceforge.net/). Being that this tool can be run from command line interface (CLI), I can call it from PHP, Java, PERL, shell or any languages that will allow me to do a system call. And because of that I'm really excited and started doing more reading on mcrypt. But reading alone is no fun. I have to try this tool out myself and see how good it really is. I downloaded the source code and build the executable on my development workstation, which has Linux OE (OpenSuSE). Below is the configuration/installation note I wrote down while doing mcrypt installation.

Installation Note:
1. Download mcrypt and libmcrypt from http://sourceforge.net/projects/mcrypt. The mcrypt requires libmcrypt, so get both source.

2. Build the libmcrypt (which comes in a source code format) using the standard build tool: configure, make, make test, make install, make clean. I didn't get any error during this build. Next step is to check the path link to libmcrypt. A simple whereis shows me that libmcrypt is in /usr/local/lib directory.

3. Next build the mcrypt tool (which also comes in a source code format). This part is a bit tricky, since you need to tell configure in mcrypt where to look for libmcrypt. Below is the entire processes I went through to install mcrypt. Which took me from midnight to about 1AM in the morning.

Installing mcrypt function for later encryption decryption project.

Run the following command in mcrypt directory.

./configure --with-libmcrypt-prefix=/usr/local

First attempt, fail.

The 1st issue was linking the LD_LIBRARY_PATH to libmcrypt (which was installed right before mcrypt), so that the configure in mcrypt can find it. To fixed the problem, simply add /usr/local/lib to /etc/ld.so.conf file, since the default lib directory for libmcrypt is /usr/local/lib.

The second attempt at installing the mcrypt resulted in ...

Again... failure. Another error appears: "You need at least libmhash 0.8.15 to compile this program. http://mhash.sf.net/"
So I went to http://mhash.sourceforge.net/ and download the source code and compile them on my Linux box using the standard procedure configure, make, make check, make install, and make clean. Then I do a whereis for libmhash to ensure it's successfully installed, which shows it's successfully installed at /usr/local/lib. One great feature about the libmhash is the large cryptography algorithm supported, which shows during the make check portion (see snippet):

testing CRC32 .
testing CRC32B .
testing MD5 .......
testing SHA1 ...
testing HAVAL256 ..
testing HAVAL224 .
testing HAVAL192 .
testing HAVAL160 .
testing HAVAL128 .
testing RIPEMD128 .........
testing RIPEMD160 .........
testing RIPEMD256 .........
testing RIPEMD320 .........
testing TIGER ........
testing TIGER160 .....
testing TIGER128 ...
testing GOST ..
testing MD4 .......
testing SHA256 ....
testing SHA224 ...
testing SHA512 ...
testing SHA384 ...
testing WHIRLPOOL .........
testing SNEFRU128 ......
testing SNEFRU256 ...
testing MD2 .......

PASS: hash_test.sh
MD5 HMAC-Test: Ok
PASS: hmac_test
KEYGEN-Test: Succeed
PASS: keygen_test

Testing save/restore for algorithm CRC32: Ok
Testing save/restore for algorithm MD5: Ok
Testing save/restore for algorithm SHA1: Ok
Testing save/restore for algorithm HAVAL256: Ok
Testing save/restore for algorithm RIPEMD160: Ok
Testing save/restore for algorithm TIGER: Ok
Testing save/restore for algorithm GOST: Ok
Testing save/restore for algorithm CRC32B: Ok
Testing save/restore for algorithm HAVAL224: Ok
Testing save/restore for algorithm HAVAL192: Ok
Testing save/restore for algorithm HAVAL160: Ok
Testing save/restore for algorithm HAVAL128: Ok
Testing save/restore for algorithm TIGER128: Ok
Testing save/restore for algorithm TIGER160: Ok
Testing save/restore for algorithm MD4: Ok
Testing save/restore for algorithm SHA256: Ok
Testing save/restore for algorithm ADLER32: Ok
Testing save/restore for algorithm SHA224: Ok
Testing save/restore for algorithm SHA512: Ok
Testing save/restore for algorithm SHA384: Ok
Testing save/restore for algorithm WHIRLPOOL: Ok
Testing save/restore for algorithm RIPEMD128: Ok
Testing save/restore for algorithm RIPEMD256: Ok
Testing save/restore for algorithm RIPEMD320: Ok
Testing save/restore for algorithm SNEFRU128: Ok
Testing save/restore for algorithm SNEFRU256: Ok
Testing save/restore for algorithm MD2: Ok
PASS: rest_test

Checking fragmentation capabilities of MD5: OK
Checking fragmentation capabilities of SHA1: OK
Checking fragmentation capabilities of HAVAL256: OK
Checking fragmentation capabilities of RIPEMD160: OK
Checking fragmentation capabilities of TIGER: OK
Checking fragmentation capabilities of HAVAL224: OK
Checking fragmentation capabilities of HAVAL192: OK
Checking fragmentation capabilities of HAVAL160: OK
Checking fragmentation capabilities of HAVAL128: OK
Checking fragmentation capabilities of TIGER128: OK
Checking fragmentation capabilities of TIGER160: OK
Checking fragmentation capabilities of MD4: OK
Checking fragmentation capabilities of SHA256: OK
Checking fragmentation capabilities of SHA224: OK
Checking fragmentation capabilities of SHA512: OK
Checking fragmentation capabilities of SHA384: OK
Checking fragmentation capabilities of WHIRLPOOL: OK
Checking fragmentation capabilities of RIPEMD128: OK
Checking fragmentation capabilities of RIPEMD256: OK
Checking fragmentation capabilities of RIPEMD320: OK
Checking fragmentation capabilities of SNEFRU128: OK
Checking fragmentation capabilities of SNEFRU256: OK
Checking fragmentation capabilities of MD2: OK

The third attempt at installing mcrypt resulted in ... SUCCESS!!!
This time everything works well. Continue with executing the following command in order: make, make check, make install, and finally make clean.

Output snippet of the make install

Making install in doc
make[1]: Entering directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8/doc'
make[2]: Entering directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8/doc'
make[2]: Nothing to be done for `install-exec-am'.
test -z "/usr/local/share/man/man1" || /bin/mkdir -p "/usr/local/share/man/man1"
/usr/bin/install -c -m 644 './mcrypt.1' '/usr/local/share/man/man1/mcrypt.1'
make[2]: Leaving directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8/doc'
make[1]: Leaving directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8/doc'
Making install in src
make[1]: Entering directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8/src'
make[2]: Entering directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8/src'
test -z "/usr/local/bin" || /bin/mkdir -p "/usr/local/bin"
/bin/sh ../libtool --mode=install /usr/bin/install -c 'mcrypt' '/usr/local/bin/mcrypt'
libtool: install: /usr/bin/install -c mcrypt /usr/local/bin/mcrypt
make[2]: Nothing to be done for `install-data-am'.
make[2]: Leaving directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8/src'
make[1]: Leaving directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8/src'
Making install in po
make[1]: Entering directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8/po'
/bin/mkdir -p /usr/local/share
installing el.gmo as /usr/local/share/locale/el/LC_MESSAGES/mcrypt.mo
installing cs.gmo as /usr/local/share/locale/cs/LC_MESSAGES/mcrypt.mo
installing pl.gmo as /usr/local/share/locale/pl/LC_MESSAGES/mcrypt.mo
installing de.gmo as /usr/local/share/locale/de/LC_MESSAGES/mcrypt.mo
installing es_AR.gmo as /usr/local/share/locale/es_AR/LC_MESSAGES/mcrypt.mo
if test "mcrypt" = "gettext-tools"; then \
/bin/mkdir -p /usr/local/share/gettext/po; \
for file in Makefile.in.in remove-potcdate.sin quot.sed boldquot.sed en@quot.header en@boldquot.header insert-header.sin Rules-quot Makevars.template; do \
/usr/bin/install -c -m 644 ./$file \
/usr/local/share/gettext/po/$file; \
done; \
for file in Makevars; do \
rm -f /usr/local/share/gettext/po/$file; \
done; \
else \
: ; \
fi
make[1]: Leaving directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8/po'
make[1]: Entering directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8'
make[2]: Entering directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8'
make install-exec-hook
make[3]: Entering directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8'
/bin/rm -f /usr/local/bin/mdecrypt
ln -s mcrypt /usr/local/bin/mdecrypt
make[3]: Leaving directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8'
make[2]: Nothing to be done for `install-data-am'.
make[2]: Leaving directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8'
make[1]: Leaving directory `/home/jay/Download/PHP_Crypto/mcrypt-2.6.8'

Now to make they all come together and work with PHP, locate the PHP.ini file. One way to do this is using the following command

% php -r "phpinfo();" | grep Configuration

Output:
Configuration File (php.ini) Path => /etc/php5/cli
Loaded Configuration File => /etc/php5/cli/php.ini
Configuration

Add the path to libmcrypt to PHP.ini.

Done!

No comments:

Post a Comment