error('ERROR: You do not have a LEGACY_APP_KEY set in your .env file. Please locate your old APP_KEY and ADD a line to your .env file like: LEGACY_APP_KEY=YOUR_OLD_APP_KEY'); return false; } // Do some basic legacy app key length checks if (strlen($legacy_key) == 32) { $legacy_length_check = true; } elseif (array_key_exists('1', $key_parts) && (strlen($key_parts[1])==44)) { $legacy_length_check = true; } else { $legacy_length_check = false; } // Check that the app key is 32 characters if ($legacy_length_check === true) { $this->comment('INFO: Your LEGACY_APP_KEY looks correct. Okay to continue.'); } else { $this->error('ERROR: Your LEGACY_APP_KEY is not the correct length (32 characters or base64 followed by 44 characters for later versions). Please locate your old APP_KEY and use that as your LEGACY_APP_KEY in your .env file to continue.'); return false; } $this->error('================================!!!! WARNING !!!!================================'); $this->error('================================!!!! WARNING !!!!================================'); $this->comment("This tool will attempt to decrypt your old Snipe-IT (mcrypt, now deprecated) encrypted data and re-encrypt it using OpenSSL. \n\nYou should only continue if you have backed up any and all old APP_KEYs and have backed up your data."); if ($this->confirm("Are you SURE you wish to continue?")) { $backup_file = 'backups/env-backups/'.'app_key-'.date('Y-m-d-gis'); try { Storage::disk('local')->put($backup_file, 'APP_KEY: '.config('app.key')); Storage::disk('local')->append($backup_file, 'LEGACY_APP_KEY: '.$legacy_key); } catch (\Exception $e) { $this->info('WARNING: Could not backup app keys'); } $mcrypter = new McryptEncrypter($legacy_key); $settings = Setting::getSettings(); if ($settings->ldap_password=='') { $this->comment('INFO: No LDAP password found. Skipping... '); } $custom_fields = CustomField::where('field_encrypted','=', 1)->get(); $this->comment('INFO: Retrieving encrypted custom fields...'); $query = Asset::withTrashed(); foreach ($custom_fields as $custom_field) { $this->comment('FIELD TO RECRYPT: '.$custom_field->name .' ('.$custom_field->db_column.')'); $query->orWhereNotNull($custom_field->db_column); } // Get all assets with a value in any of the fields that were encrypted $assets = $query->get(); $bar = $this->output->createProgressBar(count($assets)); foreach ($custom_fields as $encrypted_field) { // Try to decrypt the payload using the legacy app key try { $decrypted_field = $mcrypter->decrypt($encrypted_field); $this->comment($decrypted_field); } catch (\Exception $e) { $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage(); } $bar->advance(); } foreach ($assets as $asset) { foreach ($custom_fields as $encrypted_field) { // Make sure the value isn't null if ($asset->{$encrypted_field}!='') { // Try to decrypt the payload using the legacy app key try { $decrypted_field = $mcrypter->decrypt($asset->{$encrypted_field}); $asset->{$encrypted_field} = \Crypt::encrypt($decrypted_field); $this->comment($decrypted_field); } catch (\Exception $e) { $errors[] = ' - ERROR: Could not decrypt field ['.$encrypted_field->name.']: '.$e->getMessage(); } } } $asset->save(); $bar->advance(); } $bar->finish(); if (count($errors) > 0) { $this->comment("\n\n"); $this->error("The decrypter encountered some errors: \n"); foreach ($errors as $error) { $this->error($error); } } } } }