Magento2: Magento 2.1 php7.1 will not be supported due to mcrypt deprecation

php 7.1 is in beta stage now .In future release of magento 2.1.0 it needs to be taken care anyway

You can hide the deprecated warnings! The main problem is padding differences between mcrypt and openssl - so the question is - will a quickie switch to openssl_encrypt cause inability to decrypt the mcrypted data! This would not be serious if you weren't going online and will have 20K Customers who will have to re-key their passwords once PHP drops mcrypt completely and we need to choose between security (PHP) or not.

I would recommend trying openssl_encrypt instead of mcrypt_encrypt and see if we're going to run into problems in 6 months from now. When hopefully we have many stores with many users online with magento 2.x!

Duplicate: https://github.com/magento/magento2/issues/5701

Thanks for the information @acidreian666 . We have removal of mcrypt and other encryption changes in our backlog under MAGETWO-39838 and it's related to #5701 as well but not duplicate.

@piotrekkaminski in which release can we expect this switch? We are currently running into performance issues in which \Magento\Framework\Encryption\Crypt.php:__construct is the bottleneck. It's adding several seconds to the response time.

Any progress on this? PHP 7.1.0 is no longer a pre-release and is really preferrable to 7.0...

PHP 7.1 tag 🎉 https://github.com/php/php-src/commit/85b9055a86c946a99e2fc0923c3c7ae509691d80

I am on PHP 7.1 and
www-data@22a4f759a4d3:/data$ php --version
PHP 7.1.0RC6 (cli) ( NTS )
Copyright (c) 1997-2016 The PHP Group
Zend Engine v3.1.0-dev, Copyright (c) 1998-2016 Zend Technologies
with Zend OPcache v7.1.0RC6, Copyright (c) 1999-2016, by Zend Technologies

www-data@22a4f759a4d3:/data$ ./bin/magento --version
Magento CLI version 2.1.2
the setup:upgrade works fine.

I run 7.1 in production no problem. If you want to get around the error so you can run the install.
add this line

error_reporting(E_ALL ^ E_DEPRECATED);
to the top of
sudo vim lib/internal/Magento/Framework/Encryption/Crypt.php

@joshspivey,

I run 7.1 in production no problem

Only if you don't need to void invoice/credit memo :)

PHP 7.1 has had already 4 stable releases. When can we expect PHP 7.1.x to be supported? Thanks

Just go app/etc/env.php and delete below code from there .
This is working for me . in PHP 7.1
'crypt' =>
array (
'key' => 'bbf59cf9183348767c1b23d8fede4383',
),

That sounds like a bad idea! what happens with no crypt key?

Any ETA on PHP 7.1 with Magento 2?

mcrypt_* calls are suppressed the right way in develop already: https://github.com/magento/magento2/blob/develop/lib/internal/Magento/Framework/Encryption/Crypt.php#L59
(unlike the https://github.com/magento/magento2/issues/5880#issuecomment-268316245 approach).

@rsecor, it seems to be there ;)

@orlangur, Thanks for the heads up...
It looks like it was changed about a week ago.
I will start taking another look to see how things go.

Any ETA on PHP 7.1 with Magento 2?

PHP 7.1 would be supported in Magento since Magento 2.2
And there wouldn't be support of PHP 7.1 in Magento 2.0 or 2.1

Hello!

Any idea how can i bypass the mcrypt prereq on 2.2 installation?

@gustavovo, GitHub is intended for bug reports, please use Magento Stack Exchange for questions. Once you posted a question just add a link here.