解密CakePHP 1.2数据
[英]Decrypting CakePHP 1.2 data
问题描述
I have an application that was build on CakePHP 1.2, and stored some encrypted data. 
我有一个基于CakePHP 1.2构建的应用程序,并存储了一些加密数据。 I am rebuilding the application and need to decrypt the data in the new app to update the encryption on it. 我正在重建应用程序,需要解密新应用程序中的数据以更新其上的加密。 The ciphers and methods used to encrypt the data in CakePHP 1.2 are not available in PHP 7.1+. Cake7.1 1.2中用于加密数据的密码和方法在PHP 7.1+中不可用。 Does anyone know of a way that I can decrypt the data in a PHP 7.1+ environment so that it can be encrypted with newer technologies? 有谁知道我可以在PHP 7.1+环境中解密数据以便可以使用较新技术加密的方式吗?
Current method that encrypts/decrypts data 当前加密/解密数据的方法
function _cryptData(&$data, $direction) {
$ivSize = mcrypt_get_iv_size(MCRYPT_TRIPLEDES, MCRYPT_MODE_CBC);
switch ($direction) {
case 'encrypt':
$iv = mcrypt_create_iv($ivSize, MCRYPT_RAND);
$data = base64_encode($iv) . '|' . base64_encode(mcrypt_encrypt(MCRYPT_TRIPLEDES, Configure::read('CakeMix.cryptKey'), $data, MCRYPT_MODE_CBC, $iv));
break;
case 'decrypt':
list($iv, $encoded) = explode('|', $data);
$data = mcrypt_decrypt(MCRYPT_TRIPLEDES, Configure::read('CakeMix.cryptKey'), base64_decode($encoded), MCRYPT_MODE_CBC, base64_decode($iv));
break;
}
}
1 个解决方案
解决方案1
1 已采纳 2018-10-17 17:05:48
The shown code in your question seems to be custom, ie non-CakePHP core code, so this seem more just PHP related. 您问题中显示的代码似乎是自定义的,即非CakePHP核心代码,因此,这似乎与PHP有关。
Mcrypt is deprecated, but still available in PHP 7.1, it has only been removed as of PHP 7.2. Mcrypt已弃用,但在PHP 7.1中仍然可用,仅从PHP 7.2起才将其删除。 Mcrypt can also still be used with PHP 7.2+, you'd just have to install it manually, as it's been moved to PECL , see for example Issue in installing php7.2-mcrypt . Mcrypt仍然可以与PHP 7.2+一起使用,您只需手动安装它,因为它已被移至PECL ,例如参见安装php7.2-mcrypt中的Issue 。 You could also use a polyfill like phpseclib/mcrypt_compat . 您也可以使用phpseclib / mcrypt_compat之类的polyfill 。 So you should be able to continue using Mcrypt for decryption, and port the data to whatever encryption you like. 因此,您应该能够继续使用Mcrypt进行解密,并将数据移植到所需的任何加密方式。
Furthermore it should generally also be possible to decrypt the data using OpenSSL, though there seem to be pitfalls around null padding, see for example Decrypt mcrypt with openssl . 此外,尽管似乎在空填充方面存在陷阱,但通常也可以使用OpenSSL解密数据,例如,参见使用openssl解密mcrypt 。 Here's a basic example: 这是一个基本示例:
$data = openssl_decrypt(
base64_decode($encoded),
'des-ede3-cbc',
Configure::read('CakeMix.cryptKey'),
OPENSSL_RAW_DATA | OPENSSL_NO_PADDING,
base64_decode($iv)
);
There's quite a lot of topics on replacing Mcrypt with OpenSSL, which you may want to have a look at for further options. 关于用OpenSSL替换Mcrypt的话题很多,您可能需要看一下其他选项。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.