We are currently using web based LDAP for authentication and part of the process is to decrypt a cookie. In the past we have used the ColdFusion code below.
<cffile action="read" file="e:\keys\key.cfm" variable="thekey">
<cfset clearcookie = decrypt(evaluate("cookie.#[registered app name]#"), thekey,'AES/CBC/PKCS5Padding', 'base64')>
We now need to do the same in PHP but for some reason my code does not seem to be working. My cookie is currently saved under $ck and the key under $key and I do not have an IV which I hope is not needed.
Per a post by lord_t and Sage Pay Support, I am doing the following:
$ck = substr($ck,1);
$ck = base64_decode($ck);
$text= (mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ck, MCRYPT_MODE_CBC,$key));
echo $text;
When I run it my output is garbage which leads me to believe the algorithm is not right. What could be the issue? Do I need and IV?
Again, I want to replicate what we have done in ColdFusion in the past.