
How can I decrypt ClickBank notification data using PHP without mcrypt?


Mcrypt has been deprecated for years and is finally gone from PHP. Unfortunately, I need to decode encrypted data from ClickBank, and their documentation only offers mcrypt solutions.

This is cut from their documentation. How can I do this without mcrypt_decode()?

$secretKey = "YOUR SECRET KEY"; // secret key from your ClickBank account

// get JSON from raw body...
$message = json_decode(file_get_contents('php://input'));

// Pull out the encrypted notification and the initialization vector for
// AES/CBC/PKCS5Padding decryption
$encrypted = $message->{'notification'};
$iv        = $message->{'iv'};
error_log("IV: $iv");

// decrypt the body...
$decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_128,
                             substr(sha1($secretKey), 0, 32),
                             base64_decode($encrypted),
                             MCRYPT_MODE_CBC,
                             base64_decode($iv)), "\0..\32");
error_log("Decrypted: $decrypted");

// UTF-8 encode, remove escaping backslashes, and convert the decrypted string to a JSON object...
$sanitizedData = utf8_encode(stripslashes($decrypted));
$order         = json_decode($decrypted);

Solution

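// AES-256-CBC; the key is the first 32 hex characters of sha1($secretKey)
$plaintext = openssl_decrypt($encrypted,            // still base64-encoded
                             'AES-256-CBC',
                             substr(sha1($secretKey), 0, 32),
                             OPENSSL_ZERO_PADDING,  // padding bytes are trimmed below
                             base64_decode($iv));
$notification_array = json_decode(utf8_encode(stripslashes(trim($plaintext, "\0..\32"))), true);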
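
An added example, not part of the original answer or ClickBank's documentation: the same decryption with input validation and explicit failure handling, letting OpenSSL check and remove the padding instead of trimming control bytes afterwards. The function name `decryptNotification`, the secret and the sample payload are constructed for illustration; it assumes the payload uses PKCS5 padding, as the comment in the quoted documentation states.

```php
<?php
// Added example; decryptNotification() is a hypothetical helper name.
function decryptNotification(string $rawBody, string $secretKey): array
{
    $message = json_decode($rawBody, true);
    if (!is_array($message)
        || !is_string($message['notification'] ?? null)
        || !is_string($message['iv'] ?? null)) {
        throw new InvalidArgumentException('missing notification or iv');
    }

    // Strict mode rejects characters outside the base64 alphabet.
    $ciphertext = base64_decode($message['notification'], true);
    $iv         = base64_decode($message['iv'], true);
    if ($ciphertext === false || $iv === false
        || strlen($iv) !== openssl_cipher_iv_length('AES-256-CBC')
        || $ciphertext === '' || strlen($ciphertext) % 16 !== 0) {
        throw new InvalidArgumentException('malformed ciphertext or iv');
    }

    // Same key derivation as the page: first 32 hex characters of sha1().
    $key = substr(sha1($secretKey), 0, 32);

    // OPENSSL_RAW_DATA: raw-byte input; OpenSSL checks and strips the padding,
    // so no trim() is needed and a wrong key normally surfaces as false.
    $plaintext = openssl_decrypt($ciphertext, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv);
    if ($plaintext === false) {
        throw new RuntimeException('decryption failed: wrong key or corrupted data');
    }

    $order = json_decode($plaintext, true);
    if (!is_array($order)) {
        throw new RuntimeException('decrypted payload is not a JSON object');
    }
    return $order;
}

// Constructed round trip: encrypt a sample payload the same way, then decrypt it.
$secretKey = 'EXAMPLE-SECRET';                       // constructed value
$iv        = random_bytes(16);
$encrypted = openssl_encrypt('{"sample":"constructed"}', 'AES-256-CBC',
                             substr(sha1($secretKey), 0, 32), OPENSSL_RAW_DATA, $iv);
$body = json_encode(['notification' => base64_encode($encrypted),
                     'iv'           => base64_encode($iv)]);
var_dump(decryptNotification($body, $secretKey));
```

A successful decrypt only shows that the padding was valid; CBC carries no authentication tag, so validate the decoded fields before acting on them.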