MCrypt | RSA encryption/decryption solution | Encryption library

Just replace your "SCP" image on RSYNC one

FROM only accepts one or three arguments and --platform=linux/x86_64 is a modifier not an argument so split it onto two lines.

If you are using php-fpm, you can use php-fpm -i | grep php.ini to find the loaded configuration file.

If using php-cli, php -i | grep php.ini, and so on.

On some occasions, php-fpm and php-cli aren't using the same php.ini.

php -i -> php-cli

php-fpm -i -> php-fpm

Then add extension=yourExtension.so to php.ini, and restart your php-fpm, using php-fpm -m | grep yourExtension to check if the extension is loaded, it means work if printed you extension name.

If there's not, then, you need to find the extension_dir of php : php-fpm -i | grep extension_dir, and check if there is yourExtension.so file, if there's not, it means your extension installed to a wrong place, you need make a soft link or simply cp yourExtension.so to that place.

If you're using multi-version php, you need check which php you are using.

You have a couple problems here, which is why switching to mariadb didn't work on its own.

One way to make it more clear what the problem is, is to bash into a container created from your base image and run the commands manually.

I believe that the asterisk is interpreted by the shell, did you try yum -y remove 'php*'?

pecl will install Xdebug 3, and all your settings are still for Xdebug 2. Please go through the Upgrade Guide and adjust your settings.

The decr() method in the PHP code first Base64 decodes the encrypted data and then separates ciphertext and IV. Here the 8 bytes IV is expected to be appended to the ciphertext.
After that a decryption with AES in CFB mode is performed. There are different CFB variants of different segment sizes, here a segment size of 8 bits is used. CFB is a stream cipher mode, so no padding is needed/applied.

The bug in the posted NodeJS code is that ciphertext and IV are processed as strings using a UTF-8 encoding. This generally corrupts an arbitrary byte sequence (such as a ciphertext or an IV).
Regarding the ciphertext, the corruption happens in decipher.update(text, 'utf8'). Here UTF-8 is explicitly specified as input encoding in the second parameter.
Regarding the IV, the corruption happens when reading the IV into the buffer: Buffer.from(iv). Since no encoding is specified in the second parameter, UTF-8 is implicitly used. Both problems can be fixed by using latin1 as encoding.

A more robust solution is to use buffers throughout, so that no encoding is necessary:

We fixed the issue, simply in the vhost.conf, we needed to turn off EnableMMAP

There are several issues in the JavaScript code:

• The key must not be passed as a string, but as a WordArray (otherwise CryptoJS uses a key derivation function).
• IV and ciphertext are not determined correctly.
• The ciphertext must be passed as CipherParams object (or as Base64 encoded string).
• The padding must be PKCS7 (decryption would also work with NoPadding, but the padding bytes wouldn't be removed).
• The plaintext must be Utf8 decoded (.toString() hex encodes by default)

For details see the CryptoJS documentation, especially the chapters The Cipher Input and The Cipher Output.

The following JavaScript code decrypts the ciphertext: