在PHP中对ColdFusion加密的字符串进行解密/重新加密 [英] Un-encrypting / re-encrypting a ColdFusion encrypted string in PHP

问题描述

我处在一个不可取的地位，我必须保持现有的ColdFusion应用程序的功能。作为它的登录过程的一部分，Coldfusion应用程序存储一个带有加密字符串的cookie。

I'm in the unenviable position where I have to maintain functionality with an existing ColdFusion application. As part of it's login process the Coldfusion app stores a cookie with an encrypted string.

encrypt(strToEncrypt, theKey, "AES", "Base64")

我可以使用MCrypt和下面的代码在PHP中成功解密这个字符串

I can successfully decrypt this string in PHP using MCrypt and the following code

mcrypt_decrypt(
    MCRYPT_RIJNDAEL_128,
    base64_decode($theKey),
    base64_decode($encrypted_string),
    MCRYPT_MODE_ECB, "0000000000000000")

我现在需要执行相同的加密PHP，以便ColdFusion应用程序可以访问cookie中的数据。

I now have the need to perform the same encryption within PHP so that the ColdFusion app can access the data in the cookie.

现在我是

mcrypt_encrypt( MCRYPT_RIJNDAEL_128, base64_decode($theKey), $strToEncrypt, MCRYPT_MODE_ECB, "0000000000000000");

但是，与等效的ColdFusion加密算法不兼容

This, however, is incompatible with the equivalent ColdFusion encryption algorithm

decrypt(strToDecrypt, theKey, "AES", "Base64")

抛出一个给定最后一个块没有正确填充

Throwing a Given final block not properly padded error.

。

James

推荐答案

不知道多少帮助会是但我已经有以下工作。

Don't know how much help this will be but I have had the following working. I think to make CF happy you have to pad your encryption to a certain length

在CF中加密

Encrypt(data, encKey, 'AES/CBC/PKCS5Padding', encoding, encIv)

在PHP中解密

function Decode($data, $encKey, $encIv, $format = 'uu') {
    if ($format === 'uu') {
        $data = Convert_uudecode($data);
    } else if ($format === 'hex') {
        $data = Pack('H*', $data);
    } else if ($format === 'base64') {
        $data = Base64_Decode($data);
    } else if ($format === 'url') {
        $data = UrlDecode($data);
    }
    $data = MCrypt_decrypt(MCRYPT_RIJNDAEL_128, $encKey, $data, 'cbc', $encIv);
    $pad = Ord($data{strlen($data)-1});
    if ($pad > strlen($data)) return $data;
    if (strspn($data, chr($pad), strlen($data) - $pad) != $pad) return $data;
    return substr($data, 0, -1 * $pad); 
}

在PHP中加密

function Encode($data, $encKey, $encIv, $format = 'uu') {
    $pad = 16 - (StrLen($data) % 16);
    if ($pad > 0) {
        $data .= Str_repeat(Chr($pad), $pad);
    }
    $data = MCrypt_encrypt(MCRYPT_RIJNDAEL_128, $encKey, $data, 'cbc', $encIv);
    if ($format === 'uu') {
        return Convert_uuencode($data);
    } else if ($format === 'hex') {
        return Bin2Hex($data);
    } else if ($format === 'base64') {
        return Base64_Encode($data);
    } else if ($format === 'url') {
        return UrlEncode($data);
    }
}

解密CF

Decrypt(data, encKey, 'AES/CBC/PKCS5Padding', encoding, encIv)

由于某些原因，我不记得，我喜欢'uu'的编码。

For some reason that I can't remember, I favoured 'uu' for the encoding.

这篇关于在PHP中对ColdFusion加密的字符串进行解密/重新加密的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！