1

I am in a situation where I have to decrypt a string coming from a cookie which is already encrypted using mcrypt_encrypt method on an old system using php 5.6 (which I cannot change for now) while I am using php 7.3 which does not support this, is there any alternate or workaround to solve this

old system uses this method to encrypt which for some reason I cannot change mcrypt_encrypt(MCRYPT_DES, $this->salt, serialize($arrayData), 'ecb');

I have tried openssl_decrypt but it returns false with following openssl_decrypt($encryptedString, 'DES-ECB', $this->salt) OR openssl_decrypt($encryptedString, 'des-ecb', $this->salt)

smkhan
  • 133
  • 7
  • 1
    PHP 7.3 does support mcrypt but as [a separate pecl package](https://pecl.php.net/package/mcrypt) for use if you have a legacy need such as yours. Ideally you'd only use this to deprecate and remove legacy encryption support and not as a way to keep using mcrypt forever – apokryfos Jul 24 '19 at 13:15
  • This is already answered here: https://stackoverflow.com/questions/41272257/mcrypt-is-deprecated-what-is-the-alternative/41272680 – AndyNope Jul 24 '19 at 13:15
  • Possible duplicate of [mcrypt is deprecated, what is the alternative?](https://stackoverflow.com/questions/41272257/mcrypt-is-deprecated-what-is-the-alternative) – Dave Jul 24 '19 at 13:58
  • thanks @apokryfos I will try that out and yes you right I will be using it to deprecate this. – smkhan Jul 24 '19 at 19:07
  • the other answers does not cater this specific need as those recommend alternate methods for both encryption and decryption while my specific need is to convert already encrypted keys with above mentioned code – smkhan Jul 24 '19 at 19:11
  • @apokryfos I have installed the pecl package and it is enabled too but when I use the function mcrypt_decrypt it throws following exception `Function mcrypt_decrypt() is deprecated` I am using it in laravel 5.8 – smkhan Jul 26 '19 at 10:37
  • 1
    You can do `$errorReporting = error_reporting(); error_reporting($errorReporting & ~E_DEPRECATED);` to stop treating deprecation warnings are reportable errors and then restore the old setting using `error_reporting($errorReporting);` when you're done using mcrypt functions. – apokryfos Jul 26 '19 at 12:41
  • thanks, it worked when muted warning, I have used @ symbol with method name to mute the warning – smkhan Jul 29 '19 at 10:42

0 Answers0