Login

skunkbad · 06-18-2017, 08:17 AM

I'd like to be able to use the CI3 Encryption class to decrypt values that were "encoded" with the CI2 (deprecated) Encrypt class. So I set up a test controller and have been playing around, but no success. Method:

PHP Code:
/**
 * Attempt to encode via Encrypt class
 * and decrypt via Encryption class.
 */
public function encryption_test()
{
    $this->load->library('encrypt');
    $this->load->library('encryption');

    // Old encryption_key from CI2
    $key = 'o23tngn2o2o3ngngnno22gon2oFdEzX2';

    // Encrypt with CI2's Encrypt library (blowfish/cbc)
    $this->encrypt->set_cipher(MCRYPT_BLOWFISH);
    $this->encrypt->set_mode(MCRYPT_MODE_CBC);
    $this->encrypt->set_key($key);

    /**
     * CI3 Encryption class will need to use mycrypt, I think.
     * I'm just guessing that it does because the encoding
     * will be done through mcrypt. It would be great if I
     * was wrong.
     */
    $this->encryption->initialize(['driver' => 'mcrypt']);

    $string = 'ABC123';
    $encrypted_string = $this->encrypt->encode($string);

    //echo $encrypted_string . '<br />';

    // Decrypt using CI3's Encryption library
    $decrypted_string = $this->encryption->decrypt( 
        $encrypted_string, 
        [
            'cipher'   => 'blowfish',
            'mode'     => 'cbc',
            'key'      => $key,
            'hmac'     => FALSE,
            'raw_data' => FALSE
        ]);

    if( $string === $decrypted_string ){
        echo 'Encrypt encode/Encrpytion decrypt success';
    }else{
        echo 'Encrypt encode/Encrpytion decrypt failure';
    }
}

// ----------------------------------------------------------------------- 

I need help though, because no matter what I try for the custom parameters, I can never get it right.

I even tried to extend the Encryption class:

PHP Code:
public function legacy_decrypt( $base64_encoded, $key )
{

    $pre_noise_removal =  base64_decode( $base64_encoded );

    $dec = $this->_remove_cipher_noise( $pre_noise_removal, $key );

    $init_size = 8;

    $iv = substr($dec, 0, $init_size);
    $data = substr($dec, $init_size);

    /*$CI =& get_instance();
    $CI->console->log($base64_encoded);
    $CI->console->log($pre_noise_removal);
    $CI->console->log($dec);
    $CI->console->log($iv);
    $CI->console->log($data);*/

    $str = openssl_decrypt($data, 'BF-CBC', $key, 0, $iv);

    return rtrim($str, "\0");
}

function _remove_cipher_noise($data, $key)
{
    $keyhash = sha1($key);
    $keylen = strlen($keyhash);
    $str = '';

    for ($i = 0, $j = 0, $len = strlen($data); $i < $len; ++$i, ++$j)
    {
        if ($j >= $keylen)
        {
            $j = 0;
        }

        $temp = ord($data[$i]) - ord($keyhash[$j]);

        if ($temp < 0)
        {
            $temp = $temp + 256;
        }

        $str .= chr($temp);
    }

    return $str;
} 

If I try to use the legacy_decrypt method, my debugging shows that the string is exactly what it should be compared to what it was before encoding with the Encrypt class. The data is the same, the key, the IV, and everything I can see is the same.

The problem for me is that we have a lot of stored records that have been "encoded" using the Encrypt class, and it may be impossible (due to physical access issues) for me to get those records and work on them, yet there may be a time when we need to "decode" them and mcrypt is no longer on the server.

If anyone can help I'd appreciate it.

Expert Website Development - Temecula, CA
Community Auth For CodeIgniter 3