Encode with Encrypt class, Decrypt with Encryption class |
I'd like to be able to use the CI3 Encryption class to decrypt values that were "encoded" with the CI2 (deprecated) Encrypt class. So I set up a test controller and have been playing around, but no success. Method:
PHP Code: /** I need help though, because no matter what I try for the custom parameters, I can never get it right. I even tried to extend the Encryption class: PHP Code: public function legacy_decrypt( $base64_encoded, $key ) If I try to use the legacy_decrypt method, my debugging shows that the string is exactly what it should be compared to what it was before encoding with the Encrypt class. The data is the same, the key, the IV, and everything I can see is the same. The problem for me is that we have a lot of stored records that have been "encoded" using the Encrypt class, and it may be impossible (due to physical access issues) for me to get those records and work on them, yet there may be a time when we need to "decode" them and mcrypt is no longer on the server. If anyone can help I'd appreciate it.
Can't happen, but that's why the old Encrypt library wasn't immediately dropped - old data needs to be decrypted.
To make your life easier in the future, just re-encrypt all of your data (decrypt via CI_Encrypt; encrypt via CI_Encryption) right now. And use AES this time, it's the default for a reason. (06-18-2017, 10:12 PM)Narf Wrote: Can't happen, but that's why the old Encrypt library wasn't immediately dropped - old data needs to be decrypted. I see your comments all over Stack Overflow, and see you are definitely an expert in this field. While your advice is what I will end up doing, I did see that by setting the options on openssl_decrypt to: OPENSSL_RAW_DATA | OPENSSL_NO_PADDING It does decrypt properly. Which is awesome! I got the solution here: https://3v4l.org/kYAXn This would only be for emergency purposes in the future. Like if my boss comes to me and says they have some decrypting to do on stored data that is currently inaccessible to me. I realize this is only for blowfish, but here are the revised methods extending Encryption class for legacy decrypt: PHP Code: public function legacy_decrypt( $base64_encoded, $key )
Yes, you can do it using raw primitives ... that's not the same thing as using CI_Encryption to do it.
Would you consider a legacy_decrypt method in the Encryption class?
(06-19-2017, 08:45 AM)Narf Wrote: No ... why would I want to duplicate what CI_Encrypt already does? If mcrypt is no longer available for whatever reason. I see it is or will be in PECL, but thinking that some won't have the ability to install it. It could be problematic, with lots of forum posts and people freaking out. I figured it out, so I guess anybody can ...
You figured out how to use Blowfish via OpenSSL, but for a lot of the ciphers supported by mcrypt, there's no OpenSSL support.
|
Welcome Guest, Not a member yet? Register Sign In |