問題描述

我處于一種令人羨慕的境地，我必須使用現(xiàn)有的 ColdFusion 應(yīng)用程序來維護功能.作為登錄過程的一部分，Coldfusion 應(yīng)用程序會存儲一個帶有加密字符串的 cookie.

I'm in the unenviable position where I have to maintain functionality with an existing ColdFusion application. As part of it's login process the Coldfusion app stores a cookie with an encrypted string.

encrypt(strToEncrypt, theKey, "AES", "Base64")

我可以使用 MCrypt 和以下代碼在 PHP 中成功解密此字符串

I can successfully decrypt this string in PHP using MCrypt and the following code

mcrypt_decrypt(
    MCRYPT_RIJNDAEL_128,
    base64_decode($theKey),
    base64_decode($encrypted_string),
    MCRYPT_MODE_ECB, "0000000000000000")

我現(xiàn)在需要在 PHP 中執(zhí)行相同的加密，以便 ColdFusion 應(yīng)用程序可以訪問 cookie 中的數(shù)據(jù).

I now have the need to perform the same encryption within PHP so that the ColdFusion app can access the data in the cookie.

目前我擁有的是

mcrypt_encrypt( MCRYPT_RIJNDAEL_128, base64_decode($theKey), $strToEncrypt, MCRYPT_MODE_ECB, "0000000000000000");

然而，這與等效的 ColdFusion 加密算法不兼容

This, however, is incompatible with the equivalent ColdFusion encryption algorithm

decrypt(strToDecrypt, theKey, "AES", "Base64")

拋出一個給定的最終塊沒有正確填充錯誤.

非常感謝任何幫助.

詹姆斯

推薦答案

不知道這會有多大幫助，但我已經(jīng)完成了以下工作.我認為為了讓 CF 開心，你必須將你的加密填充到一定的長度

Don't know how much help this will be but I have had the following working. I think to make CF happy you have to pad your encryption to a certain length

在 CF 中加密

Encrypt(data, encKey, 'AES/CBC/PKCS5Padding', encoding, encIv)

PHP 中的解密

function Decode($data, $encKey, $encIv, $format = 'uu') {
    if ($format === 'uu') {
        $data = Convert_uudecode($data);
    } else if ($format === 'hex') {
        $data = Pack('H*', $data);
    } else if ($format === 'base64') {
        $data = Base64_Decode($data);
    } else if ($format === 'url') {
        $data = UrlDecode($data);
    }
    $data = MCrypt_decrypt(MCRYPT_RIJNDAEL_128, $encKey, $data, 'cbc', $encIv);
    $pad = Ord($data{strlen($data)-1});
    if ($pad > strlen($data)) return $data;
    if (strspn($data, chr($pad), strlen($data) - $pad) != $pad) return $data;
    return substr($data, 0, -1 * $pad); 
}

PHP 加密

function Encode($data, $encKey, $encIv, $format = 'uu') {
    $pad = 16 - (StrLen($data) % 16);
    if ($pad > 0) {
        $data .= Str_repeat(Chr($pad), $pad);
    }
    $data = MCrypt_encrypt(MCRYPT_RIJNDAEL_128, $encKey, $data, 'cbc', $encIv);
    if ($format === 'uu') {
        return Convert_uuencode($data);
    } else if ($format === 'hex') {
        return Bin2Hex($data);
    } else if ($format === 'base64') {
        return Base64_Encode($data);
    } else if ($format === 'url') {
        return UrlEncode($data);
    }
}

在 CF 中解密

Decrypt(data, encKey, 'AES/CBC/PKCS5Padding', encoding, encIv)

由于某種我不記得的原因，我傾向于使用uu"作為編碼.

For some reason that I can't remember, I favoured 'uu' for the encoding.

這篇關(guān)于在 PHP 中取消加密/重新加密 ColdFusion 加密字符串的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網(wǎng)！