Un-encrypting / re-encrypting a ColdFusion encrypted string in PHP

Question

I\'m in the unenviable position where I have to maintain functionality with an existing ColdFusion application. As part of it\'s login process the Coldfusion app stores a

Answer 1

Don't know how much help this will be but I have had the following working. I think to make CF happy you have to pad your encryption to a certain length

Encrypt in CF

Encrypt(data, encKey, 'AES/CBC/PKCS5Padding', encoding, encIv)

Decrypt in PHP

function Decode($data, $encKey, $encIv, $format = 'uu') {
    if ($format === 'uu') {
        $data = Convert_uudecode($data);
    } else if ($format === 'hex') {
        $data = Pack('H*', $data);
    } else if ($format === 'base64') {
        $data = Base64_Decode($data);
    } else if ($format === 'url') {
        $data = UrlDecode($data);
    }
    $data = MCrypt_decrypt(MCRYPT_RIJNDAEL_128, $encKey, $data, 'cbc', $encIv);
    $pad = Ord($data{strlen($data)-1});
    if ($pad > strlen($data)) return $data;
    if (strspn($data, chr($pad), strlen($data) - $pad) != $pad) return $data;
    return substr($data, 0, -1 * $pad); 
}

Encrypt in PHP

function Encode($data, $encKey, $encIv, $format = 'uu') {
    $pad = 16 - (StrLen($data) % 16);
    if ($pad > 0) {
        $data .= Str_repeat(Chr($pad), $pad);
    }
    $data = MCrypt_encrypt(MCRYPT_RIJNDAEL_128, $encKey, $data, 'cbc', $encIv);
    if ($format === 'uu') {
        return Convert_uuencode($data);
    } else if ($format === 'hex') {
        return Bin2Hex($data);
    } else if ($format === 'base64') {
        return Base64_Encode($data);
    } else if ($format === 'url') {
        return UrlEncode($data);
    }
}

Decrypt in CF

Decrypt(data, encKey, 'AES/CBC/PKCS5Padding', encoding, encIv)

For some reason that I can't remember, I favoured 'uu' for the encoding.