CODEWITHSUNDEEP
phpencryption
Peter Ford
Peter Ford

Reputation: 153

PHP 7.4 direct replacement for mcrypt decryption

I have a legacy database with content that was encrypted with mcrypt using DES (yes, I know, it was a long time ago) The encryption method is like this:

/**
 * General encryption routine for generating a reversible ciphertext
 * @param String $string the plain text to encrypt
 * @param String $key the encryption key to use
 * @return String the cypher text result
 */
function encrypt($string, $key)
{
    srand((double) microtime() * 1000000);
    /* Open module, and create IV */
    $td = mcrypt_module_open('des', '', 'cfb', '');
    $ksub = substr(md5($key), 0, mcrypt_enc_get_key_size($td));
    $iv_size = mcrypt_enc_get_iv_size($td);
    $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
    /* Initialize encryption handle */
    if (mcrypt_generic_init($td, $ksub, $iv) != -1)
    {
        /* Encrypt data */
        $ctxt = mcrypt_generic($td, $string);
        mcrypt_generic_deinit($td);
        mcrypt_module_close($td);
        $ctxt = $iv . $ctxt;
        return base64_encode($ctxt);
    } //end if
}

and the decryption method is like this:

/**
 * General decryption routine for recovering a plaintext
 * @param String $string the cypher text to decrypt
 * @param String $key the encryption key to use
 * @return String the plain text result
 */
function decrypt($string, $key)
{
    $ptxt = base64_decode($string);
    /* Open module, and create IV */
    $td = mcrypt_module_open('des', '', 'cfb', '');
    $ksub = substr(md5($key), 0, mcrypt_enc_get_key_size($td));
    $iv_size = mcrypt_enc_get_iv_size($td);
    $iv = substr($ptxt, 0, $iv_size);
    $ptxtsub = substr($ptxt, $iv_size);
    /* Initialize encryption handle */
    if (mcrypt_generic_init($td, $ksub, $iv) != -1)
    {
        /* Encrypt data */
        $ctxt = mdecrypt_generic($td, $ptxtsub);
        mcrypt_generic_deinit($td);
        mcrypt_module_close($td);
        return $ctxt;
    } //end if
}

I need to extract this data in a PHP7.4 environment, even if only to re-encrypt it with something better, but I'm not sure how to reproduce the mcrypt operations with stuff that exists in PHP7.4 like sodium. I suppose one method would be to spin up some sort of legacy PHP installation that still has mcrypt and do it offline, but is there a more direct way of coding a decryption method?

Upvotes: 2

Views: 23511

Answers (2)

CamilleFF
CamilleFF

Reputation: 90

For those who use cPanel, you can simply do it in PHP 7.3
Go to PHP Selector, choose 7.3 PHP version if not current, then select 'mcrypt' and 'sodium' extension.

Then you can use both encryptions on the same PHP file in order to decrypt your data with 'mcrypt' and encrypt with 'sodium' on a single operation.

Upvotes: 3

Josef
Josef

Reputation: 1532

While mcrypt is not part of PHP anymore (for good reasons), it still exists as module you can install for PHP 7.4

https://pecl.php.net/package/mcrypt

Install it, make sure to re-encrypt all data, once all old data is updated, change your code to not use it anymore and remove the extension.

Upvotes: 6

Related Questions