Function mcrypt_create_iv() is deprecated
Closed this issue · 1 comments
The following function needs to be updated: BitcoinLib::get_random()
In PHP 7.2 mcrypt was deprecated, as a result we need to substitute mcrytp functions, with openssl.
The original code:
mcrypt_create_iv(32, \MCRYPT_DEV_URANDOM);
The requested change:
return openssl_random_pseudo_bytes(32);
As a safe guard it might be worthwhile to add an exception:
$crypto_strong = \OPENSSL_DEV_URANDOM;
$value = openssl_random_pseudo_bytes(32,$crypto_strong);
if(!$crypto_strong) throw new \Exception('"Algorithm used to generate random value is NOT cryptographically strong");
return $value;
In addition to this class, mcrypt functions are used throughout this repo, that would need replacing.
This whole library is deprecated.. The warning at the top recommends using bitwasp/bitcoin which comes from https://github.com/bit-wasp/bitcoin-php