Decrypt a ColdFusion encrypted string in PHP?
July 8, 2010 11:20 AM   Subscribe

Can I decrypt a string in PHP if it was encrypted using ColdFusion's Encrypt()?

I'm a PHP developer, who knows very little about ColdFusion, porting a CF application to php. Some of the data I'm importing was encrypted using the following CF code (I've only changed some variable names):
<!--- encrypt the string --->
<CFSET Encoded = Encrypt(Form.RawInput, Application.Sym_Key)>
<CFSET Base64_Encoded = ToBase64(Encoded)>
<!--- /encrypt the string --->
I need to decrypt it so I can re-encrypt it to the standards of the new php application. Extra difficulty: this is old ColdFusionMX (aka 5) code. I thought this task would be somewhat simple, figuring CF just used some standard reversible-encryption method that would be available in php as well. But looking at the CF documentation for encrypt, I see it says "Uses an XOR-based algorithm that uses a pseudo-random 32-bit key, based on a seed passed by the user as a function parameter." That sounds kind of ominously proprietary to me.

I was hoping to import this data from the directly from webserver running php and never have to (humanly) touch this information in plain text (there's a reason it's encrypted obviously). But now I'm thinking I might need to write a simple CF script to decrypt it on the CF server and them copy the plain text data to the php server, import it into that system, and then delete unsecured data.

What are my options here? If it helps any here is the CF code currently used to decrypt the data:
<!--- Decrypt the string --->
<CFSET Binary_String = ToBinary(Previously_Encoded)>
<CFSET Encoded_String = ToString(Binary_String)>
<CFSET Decoded = Decrypt(Encoded_String, Application.Sym_Key)>
<!--- /Decrypt the string --->
posted by and hosted from Uranus to Computers & Internet (11 answers total)
Is the encryption reversible within coldfusion? Or is it meant to be one way?

There are (very easy) methods to decrypt basic XOR encryption (because it's a lousy way to encrypt), so it's probably possible to implement one of those.
posted by RustyBrooks at 11:26 AM on July 8, 2010

Whoops I see from your sample that it's decryptable.

Any chance you can send me (or post) a sample piece of text that's encrypted with this method? Make one of your own, not some piece of private data, and preferably something longer than the likely size of the key, so maybe 100 chars total or something?
posted by RustyBrooks at 11:28 AM on July 8, 2010

Response by poster: Thanks, Rusty. Here is an example: L1Q1RyQgSkciJTU3J1RcSC5CP0taCg==
posted by and hosted from Uranus at 11:34 AM on July 8, 2010

Response by poster: barake, I have access to the seed string (Application.Sym_Key), but that won't help me with the $key, will it?
posted by and hosted from Uranus at 11:45 AM on July 8, 2010

You're right.... decrypt it from coldfusion, transfer it to the php based server, and use a modern, more secure method to encrypt it there.
posted by MikeWarot at 11:58 AM on July 8, 2010 [1 favorite]

Application.Sym_Key should be the $key variable in the PHP example I linked to. From what I can tell when using the CFMX_COMPAT option (which is the default) a key isn't really generated - the data is just XOR'd with the supplied seed.

Should only take a few minutes to determine if that's the right path.
posted by barake at 12:01 PM on July 8, 2010

Hmm, 2 things, one is that I don't have my applied cryptography with me and I'm a little hazy on the details, the other is that I guess they might actually be using the key to make a non-repeating XOR key, which is actually not too bad. The method I know how to break uses a repeating key.
posted by RustyBrooks at 12:04 PM on July 8, 2010

Also I'm pretty sure that if you XOR the plain and cipher text the key pops out. You can try that and see if theyre using sym_key directly, or a generated key.
posted by RustyBrooks at 12:05 PM on July 8, 2010

Response by poster: I think I'm in over my head here.

The example in barake's link does look pretty much exactly like mine on the CF side. But I've tried this php to no avail: base64_decode('string_from_cf') ^ 'value_of_Application_Sym_Key';.

You all have given me hope that this is do-able and stuff to investigate, but MikeWarot's answer is looking prettier by the minute. Thanks.
posted by and hosted from Uranus at 12:45 PM on July 8, 2010

Best answer: CF5 uses a crappy proprietary algorithm for this. All of the CFMX_COMPAT stuff, etc, is from later versions where you could choose a real algorithm. MikeWarot's answer is definitely the way to go.
posted by me & my monkey at 1:31 PM on July 8, 2010

« Older Dirty funny-books.   |   "How can we live and die and never know the... Newer »
This thread is closed to new comments.