eventespresso /
event-espresso-core
@@ -12,85 +12,85 @@ |
||
| 12 | 12 | */ |
| 13 | 13 | interface EncryptionKeyManagerInterface |
| 14 | 14 | { |
| 15 | - /** |
|
| 16 | - * add an encryption key |
|
| 17 | - * |
|
| 18 | - * @param string $encryption_key_identifier - name of the encryption key to use |
|
| 19 | - * @param string $encryption_key - cryptographically secure passphrase. will generate if necessary |
|
| 20 | - * @param bool $overwrite - prevents accidental overwriting of an existing key which would be bad |
|
| 21 | - * @return bool |
|
| 22 | - */ |
|
| 23 | - public function addEncryptionKey($encryption_key_identifier, $encryption_key = '', $overwrite = false); |
|
| 24 | - |
|
| 25 | - |
|
| 26 | - /** |
|
| 27 | - * returns true if encryption key has already been generated |
|
| 28 | - * |
|
| 29 | - * @param string $encryption_key_identifier - encryption key name |
|
| 30 | - * @return bool |
|
| 31 | - */ |
|
| 32 | - public function encryptionKeyExists($encryption_key_identifier = ''); |
|
| 33 | - |
|
| 34 | - |
|
| 35 | - /** |
|
| 36 | - * returns cryptographically secure passphrase. will use default if necessary |
|
| 37 | - * |
|
| 38 | - * @param string $encryption_key_identifier - encryption key name. will use default if necessary |
|
| 39 | - * @param bool $generate - will generate a new key if the requested one does not exist |
|
| 40 | - * @param bool $throw_exception - if TRUE (default), will throw an exception if key is not found |
|
| 41 | - * @return string |
|
| 42 | - */ |
|
| 43 | - public function getEncryptionKey($encryption_key_identifier = '', $generate = false, $throw_exception = true); |
|
| 44 | - |
|
| 45 | - |
|
| 46 | - /** |
|
| 47 | - * creates a new encryption key |
|
| 48 | - * |
|
| 49 | - * @param bool $strong if true (default) will attempt to generate a cryptographically secure key |
|
| 50 | - * @return string |
|
| 51 | - */ |
|
| 52 | - public function generateEncryptionKey($strong = true); |
|
| 53 | - |
|
| 54 | - |
|
| 55 | - /** |
|
| 56 | - * @return int |
|
| 57 | - */ |
|
| 58 | - public function bitDepth(); |
|
| 59 | - |
|
| 60 | - |
|
| 61 | - /** |
|
| 62 | - * @param int $bit_depth options are 64, 128, 192, or 256 |
|
| 63 | - */ |
|
| 64 | - public function setBitDepth($bit_depth); |
|
| 65 | - |
|
| 66 | - |
|
| 67 | - /** |
|
| 68 | - * @return int |
|
| 69 | - */ |
|
| 70 | - public function keyLength(); |
|
| 71 | - |
|
| 72 | - |
|
| 73 | - /** |
|
| 74 | - * @param int $key_length |
|
| 75 | - */ |
|
| 76 | - public function setKeyLength($key_length); |
|
| 77 | - |
|
| 78 | - |
|
| 79 | - /** |
|
| 80 | - * deletes ALL existing encryption keys from the db |
|
| 81 | - * |
|
| 82 | - * @return bool true if keys successfully deleted, false otherwise. |
|
| 83 | - */ |
|
| 84 | - public function removeAllEncryptionKeys(); |
|
| 85 | - |
|
| 86 | - |
|
| 87 | - /** |
|
| 88 | - * deletes an existing encryption key from those saved in the db |
|
| 89 | - * |
|
| 90 | - * @param string $encryption_key_identifier encryption key name |
|
| 91 | - * @return int 1: key removed successfully. |
|
| 92 | - * 0: key did not exist. |
|
| 93 | - * -1: failed to remove key |
|
| 94 | - */ |
|
| 95 | - public function removeEncryptionKey($encryption_key_identifier = ''); |
|
| 15 | + /** |
|
| 16 | + * add an encryption key |
|
| 17 | + * |
|
| 18 | + * @param string $encryption_key_identifier - name of the encryption key to use |
|
| 19 | + * @param string $encryption_key - cryptographically secure passphrase. will generate if necessary |
|
| 20 | + * @param bool $overwrite - prevents accidental overwriting of an existing key which would be bad |
|
| 21 | + * @return bool |
|
| 22 | + */ |
|
| 23 | + public function addEncryptionKey($encryption_key_identifier, $encryption_key = '', $overwrite = false); |
|
| 24 | + |
|
| 25 | + |
|
| 26 | + /** |
|
| 27 | + * returns true if encryption key has already been generated |
|
| 28 | + * |
|
| 29 | + * @param string $encryption_key_identifier - encryption key name |
|
| 30 | + * @return bool |
|
| 31 | + */ |
|
| 32 | + public function encryptionKeyExists($encryption_key_identifier = ''); |
|
| 33 | + |
|
| 34 | + |
|
| 35 | + /** |
|
| 36 | + * returns cryptographically secure passphrase. will use default if necessary |
|
| 37 | + * |
|
| 38 | + * @param string $encryption_key_identifier - encryption key name. will use default if necessary |
|
| 39 | + * @param bool $generate - will generate a new key if the requested one does not exist |
|
| 40 | + * @param bool $throw_exception - if TRUE (default), will throw an exception if key is not found |
|
| 41 | + * @return string |
|
| 42 | + */ |
|
| 43 | + public function getEncryptionKey($encryption_key_identifier = '', $generate = false, $throw_exception = true); |
|
| 44 | + |
|
| 45 | + |
|
| 46 | + /** |
|
| 47 | + * creates a new encryption key |
|
| 48 | + * |
|
| 49 | + * @param bool $strong if true (default) will attempt to generate a cryptographically secure key |
|
| 50 | + * @return string |
|
| 51 | + */ |
|
| 52 | + public function generateEncryptionKey($strong = true); |
|
| 53 | + |
|
| 54 | + |
|
| 55 | + /** |
|
| 56 | + * @return int |
|
| 57 | + */ |
|
| 58 | + public function bitDepth(); |
|
| 59 | + |
|
| 60 | + |
|
| 61 | + /** |
|
| 62 | + * @param int $bit_depth options are 64, 128, 192, or 256 |
|
| 63 | + */ |
|
| 64 | + public function setBitDepth($bit_depth); |
|
| 65 | + |
|
| 66 | + |
|
| 67 | + /** |
|
| 68 | + * @return int |
|
| 69 | + */ |
|
| 70 | + public function keyLength(); |
|
| 71 | + |
|
| 72 | + |
|
| 73 | + /** |
|
| 74 | + * @param int $key_length |
|
| 75 | + */ |
|
| 76 | + public function setKeyLength($key_length); |
|
| 77 | + |
|
| 78 | + |
|
| 79 | + /** |
|
| 80 | + * deletes ALL existing encryption keys from the db |
|
| 81 | + * |
|
| 82 | + * @return bool true if keys successfully deleted, false otherwise. |
|
| 83 | + */ |
|
| 84 | + public function removeAllEncryptionKeys(); |
|
| 85 | + |
|
| 86 | + |
|
| 87 | + /** |
|
| 88 | + * deletes an existing encryption key from those saved in the db |
|
| 89 | + * |
|
| 90 | + * @param string $encryption_key_identifier encryption key name |
|
| 91 | + * @return int 1: key removed successfully. |
|
| 92 | + * 0: key did not exist. |
|
| 93 | + * -1: failed to remove key |
|
| 94 | + */ |
|
| 95 | + public function removeEncryptionKey($encryption_key_identifier = ''); |
|
| 96 | 96 | } |
@@ -16,301 +16,301 @@ |
||
| 16 | 16 | */ |
| 17 | 17 | class EncryptionKeyManager implements EncryptionKeyManagerInterface |
| 18 | 18 | { |
| 19 | - /** |
|
| 20 | - * @var Base64Encoder |
|
| 21 | - */ |
|
| 22 | - protected $base64_encoder; |
|
| 23 | - |
|
| 24 | - /** |
|
| 25 | - * name used for a default encryption key in case no others are set |
|
| 26 | - * |
|
| 27 | - * @var string |
|
| 28 | - */ |
|
| 29 | - private $default_encryption_key_id; |
|
| 30 | - |
|
| 31 | - /** |
|
| 32 | - * name used for saving encryption keys to the wp_options table |
|
| 33 | - * |
|
| 34 | - * @var string |
|
| 35 | - */ |
|
| 36 | - private $encryption_keys_option_name; |
|
| 37 | - |
|
| 38 | - /** |
|
| 39 | - * @var array |
|
| 40 | - */ |
|
| 41 | - private $encryption_keys = null; |
|
| 42 | - |
|
| 43 | - /** |
|
| 44 | - * number of bits used when generating cryptographically secure keys |
|
| 45 | - * |
|
| 46 | - * @var int |
|
| 47 | - */ |
|
| 48 | - private $bit_depth = 128; |
|
| 49 | - |
|
| 50 | - /** |
|
| 51 | - * @var int[] |
|
| 52 | - */ |
|
| 53 | - private $bit_depth_options = [64, 128, 192, 256]; |
|
| 54 | - |
|
| 55 | - /** |
|
| 56 | - * number of characters used when generating cryptographically weak keys |
|
| 57 | - * |
|
| 58 | - * @var int |
|
| 59 | - */ |
|
| 60 | - private $key_length = 40; |
|
| 61 | - |
|
| 62 | - |
|
| 63 | - /** |
|
| 64 | - * @param Base64Encoder $base64_encoder |
|
| 65 | - * @param string $default_encryption_key_id |
|
| 66 | - * @param string $encryption_keys_option_name |
|
| 67 | - */ |
|
| 68 | - public function __construct(Base64Encoder $base64_encoder, $default_encryption_key_id, $encryption_keys_option_name) |
|
| 69 | - { |
|
| 70 | - $this->base64_encoder = $base64_encoder; |
|
| 71 | - $this->default_encryption_key_id = $default_encryption_key_id; |
|
| 72 | - $this->encryption_keys_option_name = $encryption_keys_option_name; |
|
| 73 | - } |
|
| 74 | - |
|
| 75 | - |
|
| 76 | - /** |
|
| 77 | - * add an encryption key |
|
| 78 | - * |
|
| 79 | - * @param string $encryption_key_identifier - name of the encryption key to use |
|
| 80 | - * @param string $encryption_key - cryptographically secure passphrase. will generate if necessary |
|
| 81 | - * @param bool $overwrite - prevents accidental overwriting of an existing key which would be bad |
|
| 82 | - * @return bool |
|
| 83 | - * @throws Exception |
|
| 84 | - */ |
|
| 85 | - public function addEncryptionKey($encryption_key_identifier, $encryption_key = '', $overwrite = false) |
|
| 86 | - { |
|
| 87 | - $encryption_key_identifier = $encryption_key_identifier ?: $this->default_encryption_key_id; |
|
| 88 | - if ($this->encryptionKeyExists($encryption_key_identifier) && ! $overwrite) { |
|
| 89 | - // WOAH!!! that key already exists and we don't want to overwrite it |
|
| 90 | - throw new RuntimeException( |
|
| 91 | - sprintf( |
|
| 92 | - esc_html__( |
|
| 93 | - 'The "%1$s" encryption key already exists and can not be overwritten because previously encrypted values would no longer be capable of being decrypted.', |
|
| 94 | - 'event_espresso' |
|
| 95 | - ), |
|
| 96 | - $encryption_key_identifier |
|
| 97 | - ) |
|
| 98 | - ); |
|
| 99 | - } |
|
| 100 | - $this->encryption_keys[ $encryption_key_identifier ] = $encryption_key ?: $this->generateEncryptionKey(); |
|
| 101 | - return $this->saveEncryptionKeys(); |
|
| 102 | - } |
|
| 103 | - |
|
| 104 | - |
|
| 105 | - /** |
|
| 106 | - * returns true if encryption key has already been generated |
|
| 107 | - * |
|
| 108 | - * @param string $encryption_key_identifier - encryption key name |
|
| 109 | - * @return bool |
|
| 110 | - * @throws Exception |
|
| 111 | - * @throws OutOfBoundsException |
|
| 112 | - */ |
|
| 113 | - public function encryptionKeyExists($encryption_key_identifier = '') |
|
| 114 | - { |
|
| 115 | - // ensure keys are loaded |
|
| 116 | - $this->retrieveEncryptionKeys(); |
|
| 117 | - return isset($this->encryption_keys[ $encryption_key_identifier ]); |
|
| 118 | - } |
|
| 119 | - |
|
| 120 | - |
|
| 121 | - /** |
|
| 122 | - * returns cryptographically secure passphrase. will use default if necessary |
|
| 123 | - * |
|
| 124 | - * @param string $encryption_key_identifier - encryption key name. will use default if necessary |
|
| 125 | - * @param bool $generate - will generate a new key if the requested one does not exist |
|
| 126 | - * @param bool $throw_exception - if TRUE (default), will throw an exception if key is not found |
|
| 127 | - * @return string |
|
| 128 | - * @throws Exception |
|
| 129 | - */ |
|
| 130 | - public function getEncryptionKey($encryption_key_identifier = '', $generate = true, $throw_exception = true) |
|
| 131 | - { |
|
| 132 | - $encryption_key_identifier = $encryption_key_identifier ?: $this->default_encryption_key_id; |
|
| 133 | - // if encryption key has not been set |
|
| 134 | - if (! $this->encryptionKeyExists($encryption_key_identifier)) { |
|
| 135 | - if ($generate) { |
|
| 136 | - $this->addEncryptionKey($encryption_key_identifier); |
|
| 137 | - } else { |
|
| 138 | - if (! $throw_exception) { |
|
| 139 | - return ''; |
|
| 140 | - } |
|
| 141 | - throw new OutOfBoundsException( |
|
| 142 | - sprintf( |
|
| 143 | - esc_html__('The "%1$s" encryption key was not found or is invalid.', 'event_espresso'), |
|
| 144 | - $encryption_key_identifier |
|
| 145 | - ) |
|
| 146 | - ); |
|
| 147 | - } |
|
| 148 | - } |
|
| 149 | - return $this->encryption_keys[ $encryption_key_identifier ]; |
|
| 150 | - } |
|
| 151 | - |
|
| 152 | - |
|
| 153 | - /** |
|
| 154 | - * creates a new encryption key |
|
| 155 | - * |
|
| 156 | - * @param bool $strong if true (default) will attempt to generate a cryptographically secure key |
|
| 157 | - * @return string |
|
| 158 | - * @throws Exception |
|
| 159 | - */ |
|
| 160 | - public function generateEncryptionKey($strong = true) |
|
| 161 | - { |
|
| 162 | - return $strong && PHP_VERSION_ID >= 70100 |
|
| 163 | - ? $this->generateStrongEncryptionKey() |
|
| 164 | - : $this->generateWeakEncryptionKey(); |
|
| 165 | - } |
|
| 166 | - |
|
| 167 | - |
|
| 168 | - /** |
|
| 169 | - * creates a new cryptographically secure encryption key |
|
| 170 | - * |
|
| 171 | - * @return string |
|
| 172 | - * @throws Exception |
|
| 173 | - */ |
|
| 174 | - protected function generateStrongEncryptionKey() |
|
| 175 | - { |
|
| 176 | - // bit_depth needs to be divided by 8 to convert to bytes |
|
| 177 | - return $this->base64_encoder->encodeString(random_bytes($this->bit_depth / 8)); |
|
| 178 | - } |
|
| 179 | - |
|
| 180 | - |
|
| 181 | - /** |
|
| 182 | - * creates a new encryption key that should not be trusted to be cryptographically secure |
|
| 183 | - * |
|
| 184 | - * @return string |
|
| 185 | - * @throws Exception |
|
| 186 | - */ |
|
| 187 | - protected function generateWeakEncryptionKey() |
|
| 188 | - { |
|
| 189 | - // @see http://stackoverflow.com/questions/637278/what-is-the-best-way-to-generate-a-random-key-within-php |
|
| 190 | - $iterations = ceil($this->key_length / 40); |
|
| 191 | - $random_string = ''; |
|
| 192 | - for ($i = 0; $i < $iterations; $i++) { |
|
| 193 | - $random_string .= sha1(microtime(true) . mt_rand(10000, 90000)); |
|
| 194 | - } |
|
| 195 | - $random_string = (string) substr($random_string, 0, $this->key_length); |
|
| 196 | - return $this->base64_encoder->encodeString($random_string); |
|
| 197 | - } |
|
| 198 | - |
|
| 199 | - |
|
| 200 | - /** |
|
| 201 | - * @return int |
|
| 202 | - */ |
|
| 203 | - public function bitDepth() |
|
| 204 | - { |
|
| 205 | - return $this->bit_depth; |
|
| 206 | - } |
|
| 207 | - |
|
| 208 | - |
|
| 209 | - /** |
|
| 210 | - * @param int $bit_depth options are 64, 128, 192, or 256 |
|
| 211 | - */ |
|
| 212 | - public function setBitDepth($bit_depth) |
|
| 213 | - { |
|
| 214 | - $bit_depth = absint($bit_depth); |
|
| 215 | - $this->bit_depth = in_array($bit_depth, $this->bit_depth_options, true) ? $bit_depth : 128; |
|
| 216 | - } |
|
| 217 | - |
|
| 218 | - |
|
| 219 | - /** |
|
| 220 | - * @return int |
|
| 221 | - */ |
|
| 222 | - public function keyLength() |
|
| 223 | - { |
|
| 224 | - return $this->key_length; |
|
| 225 | - } |
|
| 226 | - |
|
| 227 | - |
|
| 228 | - /** |
|
| 229 | - * @param int $key_length |
|
| 230 | - */ |
|
| 231 | - public function setKeyLength($key_length) |
|
| 232 | - { |
|
| 233 | - // let's not let the key length go below 8 or above 128 |
|
| 234 | - $this->key_length = min(max(absint($key_length), 8), 128); |
|
| 235 | - } |
|
| 236 | - |
|
| 237 | - |
|
| 238 | - /** |
|
| 239 | - * deletes ALL existing encryption keys from the db |
|
| 240 | - * |
|
| 241 | - * @return bool true if keys successfully deleted, false otherwise. |
|
| 242 | - */ |
|
| 243 | - public function removeAllEncryptionKeys() |
|
| 244 | - { |
|
| 245 | - return delete_option($this->encryption_keys_option_name); |
|
| 246 | - } |
|
| 247 | - |
|
| 248 | - |
|
| 249 | - /** |
|
| 250 | - * deletes an existing encryption key from those saved in the db |
|
| 251 | - * |
|
| 252 | - * @param string $encryption_key_identifier encryption key name |
|
| 253 | - * @return int 1: key removed successfully. |
|
| 254 | - * 0: key did not exist. |
|
| 255 | - * -1: failed to remove key |
|
| 256 | - * @throws Exception |
|
| 257 | - */ |
|
| 258 | - public function removeEncryptionKey($encryption_key_identifier = '') |
|
| 259 | - { |
|
| 260 | - // if encryption key has not been set |
|
| 261 | - if (! $this->encryptionKeyExists($encryption_key_identifier)) { |
|
| 262 | - return 0; |
|
| 263 | - } |
|
| 264 | - unset($this->encryption_keys[ $encryption_key_identifier ]); |
|
| 265 | - return $this->saveEncryptionKeys() ? 1 : -1; |
|
| 266 | - } |
|
| 267 | - |
|
| 268 | - |
|
| 269 | - /** |
|
| 270 | - * retrieves encryption keys from db |
|
| 271 | - * |
|
| 272 | - * @return array |
|
| 273 | - * @throws Exception |
|
| 274 | - * @throws RuntimeException |
|
| 275 | - */ |
|
| 276 | - protected function retrieveEncryptionKeys() |
|
| 277 | - { |
|
| 278 | - // if encryption key has not been set |
|
| 279 | - if (empty($this->encryption_keys)) { |
|
| 280 | - // retrieve encryption_key from db |
|
| 281 | - $this->encryption_keys = get_option($this->encryption_keys_option_name, null); |
|
| 282 | - // WHAT?? No encryption keys in the db ?? |
|
| 283 | - if ($this->encryption_keys === null) { |
|
| 284 | - $this->encryption_keys = []; |
|
| 285 | - // let's create the default key and save it |
|
| 286 | - $new_key = $this->generateEncryptionKey(); |
|
| 287 | - $this->encryption_keys[ $this->default_encryption_key_id ] = $new_key; |
|
| 288 | - if (! $this->saveEncryptionKeys(true)) { |
|
| 289 | - throw new RuntimeException( |
|
| 290 | - sprintf( |
|
| 291 | - esc_html__( |
|
| 292 | - 'Failed to save the "%1$s" encryption keys array to the database.', |
|
| 293 | - 'event_espresso' |
|
| 294 | - ), |
|
| 295 | - $this->encryption_keys_option_name |
|
| 296 | - ) |
|
| 297 | - ); |
|
| 298 | - } |
|
| 299 | - } |
|
| 300 | - } |
|
| 301 | - return $this->encryption_keys; |
|
| 302 | - } |
|
| 303 | - |
|
| 304 | - |
|
| 305 | - /** |
|
| 306 | - * saves encryption keys from db |
|
| 307 | - * |
|
| 308 | - * @return bool |
|
| 309 | - */ |
|
| 310 | - protected function saveEncryptionKeys($initialize = false) |
|
| 311 | - { |
|
| 312 | - return $initialize |
|
| 313 | - ? add_option($this->encryption_keys_option_name, $this->encryption_keys, '', false) |
|
| 314 | - : update_option($this->encryption_keys_option_name, $this->encryption_keys, false); |
|
| 315 | - } |
|
| 19 | + /** |
|
| 20 | + * @var Base64Encoder |
|
| 21 | + */ |
|
| 22 | + protected $base64_encoder; |
|
| 23 | + |
|
| 24 | + /** |
|
| 25 | + * name used for a default encryption key in case no others are set |
|
| 26 | + * |
|
| 27 | + * @var string |
|
| 28 | + */ |
|
| 29 | + private $default_encryption_key_id; |
|
| 30 | + |
|
| 31 | + /** |
|
| 32 | + * name used for saving encryption keys to the wp_options table |
|
| 33 | + * |
|
| 34 | + * @var string |
|
| 35 | + */ |
|
| 36 | + private $encryption_keys_option_name; |
|
| 37 | + |
|
| 38 | + /** |
|
| 39 | + * @var array |
|
| 40 | + */ |
|
| 41 | + private $encryption_keys = null; |
|
| 42 | + |
|
| 43 | + /** |
|
| 44 | + * number of bits used when generating cryptographically secure keys |
|
| 45 | + * |
|
| 46 | + * @var int |
|
| 47 | + */ |
|
| 48 | + private $bit_depth = 128; |
|
| 49 | + |
|
| 50 | + /** |
|
| 51 | + * @var int[] |
|
| 52 | + */ |
|
| 53 | + private $bit_depth_options = [64, 128, 192, 256]; |
|
| 54 | + |
|
| 55 | + /** |
|
| 56 | + * number of characters used when generating cryptographically weak keys |
|
| 57 | + * |
|
| 58 | + * @var int |
|
| 59 | + */ |
|
| 60 | + private $key_length = 40; |
|
| 61 | + |
|
| 62 | + |
|
| 63 | + /** |
|
| 64 | + * @param Base64Encoder $base64_encoder |
|
| 65 | + * @param string $default_encryption_key_id |
|
| 66 | + * @param string $encryption_keys_option_name |
|
| 67 | + */ |
|
| 68 | + public function __construct(Base64Encoder $base64_encoder, $default_encryption_key_id, $encryption_keys_option_name) |
|
| 69 | + { |
|
| 70 | + $this->base64_encoder = $base64_encoder; |
|
| 71 | + $this->default_encryption_key_id = $default_encryption_key_id; |
|
| 72 | + $this->encryption_keys_option_name = $encryption_keys_option_name; |
|
| 73 | + } |
|
| 74 | + |
|
| 75 | + |
|
| 76 | + /** |
|
| 77 | + * add an encryption key |
|
| 78 | + * |
|
| 79 | + * @param string $encryption_key_identifier - name of the encryption key to use |
|
| 80 | + * @param string $encryption_key - cryptographically secure passphrase. will generate if necessary |
|
| 81 | + * @param bool $overwrite - prevents accidental overwriting of an existing key which would be bad |
|
| 82 | + * @return bool |
|
| 83 | + * @throws Exception |
|
| 84 | + */ |
|
| 85 | + public function addEncryptionKey($encryption_key_identifier, $encryption_key = '', $overwrite = false) |
|
| 86 | + { |
|
| 87 | + $encryption_key_identifier = $encryption_key_identifier ?: $this->default_encryption_key_id; |
|
| 88 | + if ($this->encryptionKeyExists($encryption_key_identifier) && ! $overwrite) { |
|
| 89 | + // WOAH!!! that key already exists and we don't want to overwrite it |
|
| 90 | + throw new RuntimeException( |
|
| 91 | + sprintf( |
|
| 92 | + esc_html__( |
|
| 93 | + 'The "%1$s" encryption key already exists and can not be overwritten because previously encrypted values would no longer be capable of being decrypted.', |
|
| 94 | + 'event_espresso' |
|
| 95 | + ), |
|
| 96 | + $encryption_key_identifier |
|
| 97 | + ) |
|
| 98 | + ); |
|
| 99 | + } |
|
| 100 | + $this->encryption_keys[ $encryption_key_identifier ] = $encryption_key ?: $this->generateEncryptionKey(); |
|
| 101 | + return $this->saveEncryptionKeys(); |
|
| 102 | + } |
|
| 103 | + |
|
| 104 | + |
|
| 105 | + /** |
|
| 106 | + * returns true if encryption key has already been generated |
|
| 107 | + * |
|
| 108 | + * @param string $encryption_key_identifier - encryption key name |
|
| 109 | + * @return bool |
|
| 110 | + * @throws Exception |
|
| 111 | + * @throws OutOfBoundsException |
|
| 112 | + */ |
|
| 113 | + public function encryptionKeyExists($encryption_key_identifier = '') |
|
| 114 | + { |
|
| 115 | + // ensure keys are loaded |
|
| 116 | + $this->retrieveEncryptionKeys(); |
|
| 117 | + return isset($this->encryption_keys[ $encryption_key_identifier ]); |
|
| 118 | + } |
|
| 119 | + |
|
| 120 | + |
|
| 121 | + /** |
|
| 122 | + * returns cryptographically secure passphrase. will use default if necessary |
|
| 123 | + * |
|
| 124 | + * @param string $encryption_key_identifier - encryption key name. will use default if necessary |
|
| 125 | + * @param bool $generate - will generate a new key if the requested one does not exist |
|
| 126 | + * @param bool $throw_exception - if TRUE (default), will throw an exception if key is not found |
|
| 127 | + * @return string |
|
| 128 | + * @throws Exception |
|
| 129 | + */ |
|
| 130 | + public function getEncryptionKey($encryption_key_identifier = '', $generate = true, $throw_exception = true) |
|
| 131 | + { |
|
| 132 | + $encryption_key_identifier = $encryption_key_identifier ?: $this->default_encryption_key_id; |
|
| 133 | + // if encryption key has not been set |
|
| 134 | + if (! $this->encryptionKeyExists($encryption_key_identifier)) { |
|
| 135 | + if ($generate) { |
|
| 136 | + $this->addEncryptionKey($encryption_key_identifier); |
|
| 137 | + } else { |
|
| 138 | + if (! $throw_exception) { |
|
| 139 | + return ''; |
|
| 140 | + } |
|
| 141 | + throw new OutOfBoundsException( |
|
| 142 | + sprintf( |
|
| 143 | + esc_html__('The "%1$s" encryption key was not found or is invalid.', 'event_espresso'), |
|
| 144 | + $encryption_key_identifier |
|
| 145 | + ) |
|
| 146 | + ); |
|
| 147 | + } |
|
| 148 | + } |
|
| 149 | + return $this->encryption_keys[ $encryption_key_identifier ]; |
|
| 150 | + } |
|
| 151 | + |
|
| 152 | + |
|
| 153 | + /** |
|
| 154 | + * creates a new encryption key |
|
| 155 | + * |
|
| 156 | + * @param bool $strong if true (default) will attempt to generate a cryptographically secure key |
|
| 157 | + * @return string |
|
| 158 | + * @throws Exception |
|
| 159 | + */ |
|
| 160 | + public function generateEncryptionKey($strong = true) |
|
| 161 | + { |
|
| 162 | + return $strong && PHP_VERSION_ID >= 70100 |
|
| 163 | + ? $this->generateStrongEncryptionKey() |
|
| 164 | + : $this->generateWeakEncryptionKey(); |
|
| 165 | + } |
|
| 166 | + |
|
| 167 | + |
|
| 168 | + /** |
|
| 169 | + * creates a new cryptographically secure encryption key |
|
| 170 | + * |
|
| 171 | + * @return string |
|
| 172 | + * @throws Exception |
|
| 173 | + */ |
|
| 174 | + protected function generateStrongEncryptionKey() |
|
| 175 | + { |
|
| 176 | + // bit_depth needs to be divided by 8 to convert to bytes |
|
| 177 | + return $this->base64_encoder->encodeString(random_bytes($this->bit_depth / 8)); |
|
| 178 | + } |
|
| 179 | + |
|
| 180 | + |
|
| 181 | + /** |
|
| 182 | + * creates a new encryption key that should not be trusted to be cryptographically secure |
|
| 183 | + * |
|
| 184 | + * @return string |
|
| 185 | + * @throws Exception |
|
| 186 | + */ |
|
| 187 | + protected function generateWeakEncryptionKey() |
|
| 188 | + { |
|
| 189 | + // @see http://stackoverflow.com/questions/637278/what-is-the-best-way-to-generate-a-random-key-within-php |
|
| 190 | + $iterations = ceil($this->key_length / 40); |
|
| 191 | + $random_string = ''; |
|
| 192 | + for ($i = 0; $i < $iterations; $i++) { |
|
| 193 | + $random_string .= sha1(microtime(true) . mt_rand(10000, 90000)); |
|
| 194 | + } |
|
| 195 | + $random_string = (string) substr($random_string, 0, $this->key_length); |
|
| 196 | + return $this->base64_encoder->encodeString($random_string); |
|
| 197 | + } |
|
| 198 | + |
|
| 199 | + |
|
| 200 | + /** |
|
| 201 | + * @return int |
|
| 202 | + */ |
|
| 203 | + public function bitDepth() |
|
| 204 | + { |
|
| 205 | + return $this->bit_depth; |
|
| 206 | + } |
|
| 207 | + |
|
| 208 | + |
|
| 209 | + /** |
|
| 210 | + * @param int $bit_depth options are 64, 128, 192, or 256 |
|
| 211 | + */ |
|
| 212 | + public function setBitDepth($bit_depth) |
|
| 213 | + { |
|
| 214 | + $bit_depth = absint($bit_depth); |
|
| 215 | + $this->bit_depth = in_array($bit_depth, $this->bit_depth_options, true) ? $bit_depth : 128; |
|
| 216 | + } |
|
| 217 | + |
|
| 218 | + |
|
| 219 | + /** |
|
| 220 | + * @return int |
|
| 221 | + */ |
|
| 222 | + public function keyLength() |
|
| 223 | + { |
|
| 224 | + return $this->key_length; |
|
| 225 | + } |
|
| 226 | + |
|
| 227 | + |
|
| 228 | + /** |
|
| 229 | + * @param int $key_length |
|
| 230 | + */ |
|
| 231 | + public function setKeyLength($key_length) |
|
| 232 | + { |
|
| 233 | + // let's not let the key length go below 8 or above 128 |
|
| 234 | + $this->key_length = min(max(absint($key_length), 8), 128); |
|
| 235 | + } |
|
| 236 | + |
|
| 237 | + |
|
| 238 | + /** |
|
| 239 | + * deletes ALL existing encryption keys from the db |
|
| 240 | + * |
|
| 241 | + * @return bool true if keys successfully deleted, false otherwise. |
|
| 242 | + */ |
|
| 243 | + public function removeAllEncryptionKeys() |
|
| 244 | + { |
|
| 245 | + return delete_option($this->encryption_keys_option_name); |
|
| 246 | + } |
|
| 247 | + |
|
| 248 | + |
|
| 249 | + /** |
|
| 250 | + * deletes an existing encryption key from those saved in the db |
|
| 251 | + * |
|
| 252 | + * @param string $encryption_key_identifier encryption key name |
|
| 253 | + * @return int 1: key removed successfully. |
|
| 254 | + * 0: key did not exist. |
|
| 255 | + * -1: failed to remove key |
|
| 256 | + * @throws Exception |
|
| 257 | + */ |
|
| 258 | + public function removeEncryptionKey($encryption_key_identifier = '') |
|
| 259 | + { |
|
| 260 | + // if encryption key has not been set |
|
| 261 | + if (! $this->encryptionKeyExists($encryption_key_identifier)) { |
|
| 262 | + return 0; |
|
| 263 | + } |
|
| 264 | + unset($this->encryption_keys[ $encryption_key_identifier ]); |
|
| 265 | + return $this->saveEncryptionKeys() ? 1 : -1; |
|
| 266 | + } |
|
| 267 | + |
|
| 268 | + |
|
| 269 | + /** |
|
| 270 | + * retrieves encryption keys from db |
|
| 271 | + * |
|
| 272 | + * @return array |
|
| 273 | + * @throws Exception |
|
| 274 | + * @throws RuntimeException |
|
| 275 | + */ |
|
| 276 | + protected function retrieveEncryptionKeys() |
|
| 277 | + { |
|
| 278 | + // if encryption key has not been set |
|
| 279 | + if (empty($this->encryption_keys)) { |
|
| 280 | + // retrieve encryption_key from db |
|
| 281 | + $this->encryption_keys = get_option($this->encryption_keys_option_name, null); |
|
| 282 | + // WHAT?? No encryption keys in the db ?? |
|
| 283 | + if ($this->encryption_keys === null) { |
|
| 284 | + $this->encryption_keys = []; |
|
| 285 | + // let's create the default key and save it |
|
| 286 | + $new_key = $this->generateEncryptionKey(); |
|
| 287 | + $this->encryption_keys[ $this->default_encryption_key_id ] = $new_key; |
|
| 288 | + if (! $this->saveEncryptionKeys(true)) { |
|
| 289 | + throw new RuntimeException( |
|
| 290 | + sprintf( |
|
| 291 | + esc_html__( |
|
| 292 | + 'Failed to save the "%1$s" encryption keys array to the database.', |
|
| 293 | + 'event_espresso' |
|
| 294 | + ), |
|
| 295 | + $this->encryption_keys_option_name |
|
| 296 | + ) |
|
| 297 | + ); |
|
| 298 | + } |
|
| 299 | + } |
|
| 300 | + } |
|
| 301 | + return $this->encryption_keys; |
|
| 302 | + } |
|
| 303 | + |
|
| 304 | + |
|
| 305 | + /** |
|
| 306 | + * saves encryption keys from db |
|
| 307 | + * |
|
| 308 | + * @return bool |
|
| 309 | + */ |
|
| 310 | + protected function saveEncryptionKeys($initialize = false) |
|
| 311 | + { |
|
| 312 | + return $initialize |
|
| 313 | + ? add_option($this->encryption_keys_option_name, $this->encryption_keys, '', false) |
|
| 314 | + : update_option($this->encryption_keys_option_name, $this->encryption_keys, false); |
|
| 315 | + } |
|
| 316 | 316 | } |
@@ -97,7 +97,7 @@ discard block |
||
| 97 | 97 | ) |
| 98 | 98 | ); |
| 99 | 99 | } |
| 100 | - $this->encryption_keys[ $encryption_key_identifier ] = $encryption_key ?: $this->generateEncryptionKey(); |
|
| 100 | + $this->encryption_keys[$encryption_key_identifier] = $encryption_key ?: $this->generateEncryptionKey(); |
|
| 101 | 101 | return $this->saveEncryptionKeys(); |
| 102 | 102 | } |
| 103 | 103 | |
@@ -114,7 +114,7 @@ discard block |
||
| 114 | 114 | { |
| 115 | 115 | // ensure keys are loaded |
| 116 | 116 | $this->retrieveEncryptionKeys(); |
| 117 | - return isset($this->encryption_keys[ $encryption_key_identifier ]); |
|
| 117 | + return isset($this->encryption_keys[$encryption_key_identifier]); |
|
| 118 | 118 | } |
| 119 | 119 | |
| 120 | 120 | |
@@ -131,11 +131,11 @@ discard block |
||
| 131 | 131 | { |
| 132 | 132 | $encryption_key_identifier = $encryption_key_identifier ?: $this->default_encryption_key_id; |
| 133 | 133 | // if encryption key has not been set |
| 134 | - if (! $this->encryptionKeyExists($encryption_key_identifier)) { |
|
| 134 | + if ( ! $this->encryptionKeyExists($encryption_key_identifier)) { |
|
| 135 | 135 | if ($generate) { |
| 136 | 136 | $this->addEncryptionKey($encryption_key_identifier); |
| 137 | 137 | } else { |
| 138 | - if (! $throw_exception) { |
|
| 138 | + if ( ! $throw_exception) { |
|
| 139 | 139 | return ''; |
| 140 | 140 | } |
| 141 | 141 | throw new OutOfBoundsException( |
@@ -146,7 +146,7 @@ discard block |
||
| 146 | 146 | ); |
| 147 | 147 | } |
| 148 | 148 | } |
| 149 | - return $this->encryption_keys[ $encryption_key_identifier ]; |
|
| 149 | + return $this->encryption_keys[$encryption_key_identifier]; |
|
| 150 | 150 | } |
| 151 | 151 | |
| 152 | 152 | |
@@ -190,7 +190,7 @@ discard block |
||
| 190 | 190 | $iterations = ceil($this->key_length / 40); |
| 191 | 191 | $random_string = ''; |
| 192 | 192 | for ($i = 0; $i < $iterations; $i++) { |
| 193 | - $random_string .= sha1(microtime(true) . mt_rand(10000, 90000)); |
|
| 193 | + $random_string .= sha1(microtime(true).mt_rand(10000, 90000)); |
|
| 194 | 194 | } |
| 195 | 195 | $random_string = (string) substr($random_string, 0, $this->key_length); |
| 196 | 196 | return $this->base64_encoder->encodeString($random_string); |
@@ -258,10 +258,10 @@ discard block |
||
| 258 | 258 | public function removeEncryptionKey($encryption_key_identifier = '') |
| 259 | 259 | { |
| 260 | 260 | // if encryption key has not been set |
| 261 | - if (! $this->encryptionKeyExists($encryption_key_identifier)) { |
|
| 261 | + if ( ! $this->encryptionKeyExists($encryption_key_identifier)) { |
|
| 262 | 262 | return 0; |
| 263 | 263 | } |
| 264 | - unset($this->encryption_keys[ $encryption_key_identifier ]); |
|
| 264 | + unset($this->encryption_keys[$encryption_key_identifier]); |
|
| 265 | 265 | return $this->saveEncryptionKeys() ? 1 : -1; |
| 266 | 266 | } |
| 267 | 267 | |
@@ -284,8 +284,8 @@ discard block |
||
| 284 | 284 | $this->encryption_keys = []; |
| 285 | 285 | // let's create the default key and save it |
| 286 | 286 | $new_key = $this->generateEncryptionKey(); |
| 287 | - $this->encryption_keys[ $this->default_encryption_key_id ] = $new_key; |
|
| 288 | - if (! $this->saveEncryptionKeys(true)) { |
|
| 287 | + $this->encryption_keys[$this->default_encryption_key_id] = $new_key; |
|
| 288 | + if ( ! $this->saveEncryptionKeys(true)) { |
|
| 289 | 289 | throw new RuntimeException( |
| 290 | 290 | sprintf( |
| 291 | 291 | esc_html__( |
@@ -15,205 +15,205 @@ |
||
| 15 | 15 | class CipherMethod |
| 16 | 16 | { |
| 17 | 17 | |
| 18 | - /** |
|
| 19 | - * @var string |
|
| 20 | - */ |
|
| 21 | - protected $cipher_method_option_name; |
|
| 22 | - |
|
| 23 | - /** |
|
| 24 | - * list of cipher methods that we consider usable, |
|
| 25 | - * essentially all of the installed_cipher_methods minus weak_algorithms |
|
| 26 | - * |
|
| 27 | - * @var array |
|
| 28 | - */ |
|
| 29 | - protected $cipher_methods = []; |
|
| 30 | - |
|
| 31 | - /** |
|
| 32 | - * @var string |
|
| 33 | - */ |
|
| 34 | - protected $default_cipher_method; |
|
| 35 | - |
|
| 36 | - /** |
|
| 37 | - * list of ALL cipher methods available on the server |
|
| 38 | - * |
|
| 39 | - * @var array |
|
| 40 | - */ |
|
| 41 | - protected $installed_cipher_methods; |
|
| 42 | - |
|
| 43 | - /** |
|
| 44 | - * the OpenSSL cipher method to use. default: AES-128-CBC |
|
| 45 | - * |
|
| 46 | - * @var string |
|
| 47 | - */ |
|
| 48 | - protected $validated_cipher_method; |
|
| 49 | - |
|
| 50 | - /** |
|
| 51 | - * as early as Aug 2016, Openssl declared the following weak: RC2, RC4, DES, 3DES, MD5 based |
|
| 52 | - * and ECB mode should be avoided |
|
| 53 | - * |
|
| 54 | - * @var array |
|
| 55 | - */ |
|
| 56 | - protected $weak_algorithms = ['des', 'ecb', 'md5', 'rc2', 'rc4']; |
|
| 57 | - |
|
| 58 | - |
|
| 59 | - /** |
|
| 60 | - * @param string $default_cipher_method |
|
| 61 | - * @param string $cipher_method_option_name |
|
| 62 | - */ |
|
| 63 | - public function __construct($default_cipher_method, $cipher_method_option_name) |
|
| 64 | - { |
|
| 65 | - $this->default_cipher_method = $default_cipher_method; |
|
| 66 | - $this->cipher_method_option_name = $cipher_method_option_name; |
|
| 67 | - $this->installed_cipher_methods = openssl_get_cipher_methods(); |
|
| 68 | - } |
|
| 69 | - |
|
| 70 | - |
|
| 71 | - /** |
|
| 72 | - * Returns a cipher method that has been verified to work. |
|
| 73 | - * First checks if the cached cipher has been set already and if so, returns that. |
|
| 74 | - * Then tests the incoming default and returns that if it's good. |
|
| 75 | - * If not, then it retrieves the previously tested and saved cipher method. |
|
| 76 | - * But if that doesn't exist, then calls getAvailableCipherMethod() |
|
| 77 | - * to see what is available on the server, and returns the results. |
|
| 78 | - * |
|
| 79 | - * @param string $cipher_method |
|
| 80 | - * @param bool $load_alternate [optional] if TRUE, will load the default cipher method (or any strong algorithm) |
|
| 81 | - * if the requested cipher method is not installed or invalid. |
|
| 82 | - * if FALSE, will throw an exception if the requested cipher method is not valid. |
|
| 83 | - * @return string |
|
| 84 | - * @throws RuntimeException |
|
| 85 | - */ |
|
| 86 | - public function getCipherMethod($cipher_method = null, $load_alternate = true) |
|
| 87 | - { |
|
| 88 | - if (empty($cipher_method) && $this->validated_cipher_method !== null) { |
|
| 89 | - return $this->validated_cipher_method; |
|
| 90 | - } |
|
| 91 | - // if nothing specific was requested and it's ok to load an alternate, then grab the system default |
|
| 92 | - if (empty($cipher_method) && $load_alternate) { |
|
| 93 | - $cipher_method = $this->default_cipher_method; |
|
| 94 | - } |
|
| 95 | - // verify that the cipher method can produce an initialization vector. |
|
| 96 | - // but if the requested is invalid and we don't want to load an alternate, then throw an exception |
|
| 97 | - $throw_exception = ! $load_alternate; |
|
| 98 | - if ($this->validateCipherMethod($cipher_method, $throw_exception) === false) { |
|
| 99 | - // nope? ... ok let's see what we can find |
|
| 100 | - $cipher_method = $this->getAvailableCipherMethod(); |
|
| 101 | - } |
|
| 102 | - // if nothing has been previously validated, then save the currently requested cipher which appears to be good |
|
| 103 | - if ($this->validated_cipher_method === null) { |
|
| 104 | - $this->validated_cipher_method = $cipher_method; |
|
| 105 | - } |
|
| 106 | - return $cipher_method; |
|
| 107 | - } |
|
| 108 | - |
|
| 109 | - |
|
| 110 | - /** |
|
| 111 | - * returns true if the selected cipher method either uses Galois/Counter Mode (GCM) |
|
| 112 | - * or Counter with CBC-MAC (CCM) authenticated encryption modes |
|
| 113 | - * (also need to be using PHP 7.1 or greater to actually use authenticated encryption modes) |
|
| 114 | - * |
|
| 115 | - * @return bool |
|
| 116 | - */ |
|
| 117 | - public function usesAuthenticatedEncryptionMode() |
|
| 118 | - { |
|
| 119 | - return PHP_VERSION_ID >= 70100 |
|
| 120 | - && ( |
|
| 121 | - stripos($this->validated_cipher_method, 'gcm') !== false |
|
| 122 | - || stripos($this->validated_cipher_method, 'ccm') !== false |
|
| 123 | - ); |
|
| 124 | - } |
|
| 125 | - |
|
| 126 | - |
|
| 127 | - /** |
|
| 128 | - * @param string $cipher_method |
|
| 129 | - * @return string |
|
| 130 | - * @throws RuntimeException |
|
| 131 | - */ |
|
| 132 | - protected function getAvailableCipherMethod($cipher_method = null) |
|
| 133 | - { |
|
| 134 | - // if nothing was supplied, the get what we found in the past to work |
|
| 135 | - $cipher_method_to_test = $cipher_method ?: get_option($this->cipher_method_option_name, ''); |
|
| 136 | - // verify that the incoming cipher method exists and can produce an initialization vector |
|
| 137 | - if ($this->validateCipherMethod($cipher_method_to_test) === false) { |
|
| 138 | - // what? there's no list? |
|
| 139 | - if (empty($this->cipher_methods)) { |
|
| 140 | - // generate that list and cache it |
|
| 141 | - $this->cipher_methods = $this->getAvailableStrongCipherMethods(); |
|
| 142 | - } |
|
| 143 | - // then grab the first item from the list (we'll add it back later if it is good) |
|
| 144 | - $cipher_method_to_test = array_shift($this->cipher_methods); |
|
| 145 | - if ($cipher_method_to_test === null) { |
|
| 146 | - throw new RuntimeException( |
|
| 147 | - esc_html__( |
|
| 148 | - 'OpenSSL support appears to be enabled on the server, but no cipher methods are available. Please contact the server administrator.', |
|
| 149 | - 'event_espresso' |
|
| 150 | - ) |
|
| 151 | - ); |
|
| 152 | - } |
|
| 153 | - // verify that the next cipher method works |
|
| 154 | - return $this->getAvailableCipherMethod($cipher_method_to_test); |
|
| 155 | - } |
|
| 156 | - // if we've gotten this far, then we found an available cipher method that works |
|
| 157 | - // so save that for next time, if it's not the same as what's there already |
|
| 158 | - if ($cipher_method_to_test !== $cipher_method) { |
|
| 159 | - update_option($this->cipher_method_option_name, $cipher_method_to_test); |
|
| 160 | - } |
|
| 161 | - // if we previously removed this cipher method from the list of valid ones, then let's put it back |
|
| 162 | - if (! in_array($cipher_method_to_test, $this->cipher_methods, true)) { |
|
| 163 | - array_unshift($this->cipher_methods, $cipher_method_to_test); |
|
| 164 | - } |
|
| 165 | - return $cipher_method_to_test; |
|
| 166 | - } |
|
| 167 | - |
|
| 168 | - |
|
| 169 | - /** |
|
| 170 | - * @return array |
|
| 171 | - */ |
|
| 172 | - protected function getAvailableStrongCipherMethods() |
|
| 173 | - { |
|
| 174 | - return array_filter($this->installed_cipher_methods, [$this, 'weakAlgorithmFilter']); |
|
| 175 | - } |
|
| 176 | - |
|
| 177 | - |
|
| 178 | - /** |
|
| 179 | - * @param string $cipher_method |
|
| 180 | - * @param false $throw_exception |
|
| 181 | - * @return bool |
|
| 182 | - */ |
|
| 183 | - protected function validateCipherMethod($cipher_method, $throw_exception = false) |
|
| 184 | - { |
|
| 185 | - // verify that the requested cipher method is actually installed and can produce an initialization vector |
|
| 186 | - if (in_array($cipher_method, $this->installed_cipher_methods, true) |
|
| 187 | - && openssl_cipher_iv_length($cipher_method) !== false |
|
| 188 | - ) { |
|
| 189 | - return true; |
|
| 190 | - } |
|
| 191 | - if (! $throw_exception) { |
|
| 192 | - return false; |
|
| 193 | - } |
|
| 194 | - throw new RuntimeException( |
|
| 195 | - sprintf( |
|
| 196 | - esc_html__( |
|
| 197 | - 'The requested OpenSSL cipher method "%1$s" is invalid or not installed on the server. Please contact the server administrator.', |
|
| 198 | - 'event_espresso' |
|
| 199 | - ), |
|
| 200 | - $cipher_method |
|
| 201 | - ) |
|
| 202 | - ); |
|
| 203 | - } |
|
| 204 | - |
|
| 205 | - |
|
| 206 | - /** |
|
| 207 | - * @see https://www.php.net/manual/en/function.openssl-get-cipher-methods.php#example-890 |
|
| 208 | - * @param string $cipher_method |
|
| 209 | - */ |
|
| 210 | - protected function weakAlgorithmFilter($cipher_method) |
|
| 211 | - { |
|
| 212 | - foreach ($this->weak_algorithms as $weak_algorithm) { |
|
| 213 | - if (stripos($cipher_method, $weak_algorithm) !== false) { |
|
| 214 | - return false; |
|
| 215 | - } |
|
| 216 | - } |
|
| 217 | - return true; |
|
| 218 | - } |
|
| 18 | + /** |
|
| 19 | + * @var string |
|
| 20 | + */ |
|
| 21 | + protected $cipher_method_option_name; |
|
| 22 | + |
|
| 23 | + /** |
|
| 24 | + * list of cipher methods that we consider usable, |
|
| 25 | + * essentially all of the installed_cipher_methods minus weak_algorithms |
|
| 26 | + * |
|
| 27 | + * @var array |
|
| 28 | + */ |
|
| 29 | + protected $cipher_methods = []; |
|
| 30 | + |
|
| 31 | + /** |
|
| 32 | + * @var string |
|
| 33 | + */ |
|
| 34 | + protected $default_cipher_method; |
|
| 35 | + |
|
| 36 | + /** |
|
| 37 | + * list of ALL cipher methods available on the server |
|
| 38 | + * |
|
| 39 | + * @var array |
|
| 40 | + */ |
|
| 41 | + protected $installed_cipher_methods; |
|
| 42 | + |
|
| 43 | + /** |
|
| 44 | + * the OpenSSL cipher method to use. default: AES-128-CBC |
|
| 45 | + * |
|
| 46 | + * @var string |
|
| 47 | + */ |
|
| 48 | + protected $validated_cipher_method; |
|
| 49 | + |
|
| 50 | + /** |
|
| 51 | + * as early as Aug 2016, Openssl declared the following weak: RC2, RC4, DES, 3DES, MD5 based |
|
| 52 | + * and ECB mode should be avoided |
|
| 53 | + * |
|
| 54 | + * @var array |
|
| 55 | + */ |
|
| 56 | + protected $weak_algorithms = ['des', 'ecb', 'md5', 'rc2', 'rc4']; |
|
| 57 | + |
|
| 58 | + |
|
| 59 | + /** |
|
| 60 | + * @param string $default_cipher_method |
|
| 61 | + * @param string $cipher_method_option_name |
|
| 62 | + */ |
|
| 63 | + public function __construct($default_cipher_method, $cipher_method_option_name) |
|
| 64 | + { |
|
| 65 | + $this->default_cipher_method = $default_cipher_method; |
|
| 66 | + $this->cipher_method_option_name = $cipher_method_option_name; |
|
| 67 | + $this->installed_cipher_methods = openssl_get_cipher_methods(); |
|
| 68 | + } |
|
| 69 | + |
|
| 70 | + |
|
| 71 | + /** |
|
| 72 | + * Returns a cipher method that has been verified to work. |
|
| 73 | + * First checks if the cached cipher has been set already and if so, returns that. |
|
| 74 | + * Then tests the incoming default and returns that if it's good. |
|
| 75 | + * If not, then it retrieves the previously tested and saved cipher method. |
|
| 76 | + * But if that doesn't exist, then calls getAvailableCipherMethod() |
|
| 77 | + * to see what is available on the server, and returns the results. |
|
| 78 | + * |
|
| 79 | + * @param string $cipher_method |
|
| 80 | + * @param bool $load_alternate [optional] if TRUE, will load the default cipher method (or any strong algorithm) |
|
| 81 | + * if the requested cipher method is not installed or invalid. |
|
| 82 | + * if FALSE, will throw an exception if the requested cipher method is not valid. |
|
| 83 | + * @return string |
|
| 84 | + * @throws RuntimeException |
|
| 85 | + */ |
|
| 86 | + public function getCipherMethod($cipher_method = null, $load_alternate = true) |
|
| 87 | + { |
|
| 88 | + if (empty($cipher_method) && $this->validated_cipher_method !== null) { |
|
| 89 | + return $this->validated_cipher_method; |
|
| 90 | + } |
|
| 91 | + // if nothing specific was requested and it's ok to load an alternate, then grab the system default |
|
| 92 | + if (empty($cipher_method) && $load_alternate) { |
|
| 93 | + $cipher_method = $this->default_cipher_method; |
|
| 94 | + } |
|
| 95 | + // verify that the cipher method can produce an initialization vector. |
|
| 96 | + // but if the requested is invalid and we don't want to load an alternate, then throw an exception |
|
| 97 | + $throw_exception = ! $load_alternate; |
|
| 98 | + if ($this->validateCipherMethod($cipher_method, $throw_exception) === false) { |
|
| 99 | + // nope? ... ok let's see what we can find |
|
| 100 | + $cipher_method = $this->getAvailableCipherMethod(); |
|
| 101 | + } |
|
| 102 | + // if nothing has been previously validated, then save the currently requested cipher which appears to be good |
|
| 103 | + if ($this->validated_cipher_method === null) { |
|
| 104 | + $this->validated_cipher_method = $cipher_method; |
|
| 105 | + } |
|
| 106 | + return $cipher_method; |
|
| 107 | + } |
|
| 108 | + |
|
| 109 | + |
|
| 110 | + /** |
|
| 111 | + * returns true if the selected cipher method either uses Galois/Counter Mode (GCM) |
|
| 112 | + * or Counter with CBC-MAC (CCM) authenticated encryption modes |
|
| 113 | + * (also need to be using PHP 7.1 or greater to actually use authenticated encryption modes) |
|
| 114 | + * |
|
| 115 | + * @return bool |
|
| 116 | + */ |
|
| 117 | + public function usesAuthenticatedEncryptionMode() |
|
| 118 | + { |
|
| 119 | + return PHP_VERSION_ID >= 70100 |
|
| 120 | + && ( |
|
| 121 | + stripos($this->validated_cipher_method, 'gcm') !== false |
|
| 122 | + || stripos($this->validated_cipher_method, 'ccm') !== false |
|
| 123 | + ); |
|
| 124 | + } |
|
| 125 | + |
|
| 126 | + |
|
| 127 | + /** |
|
| 128 | + * @param string $cipher_method |
|
| 129 | + * @return string |
|
| 130 | + * @throws RuntimeException |
|
| 131 | + */ |
|
| 132 | + protected function getAvailableCipherMethod($cipher_method = null) |
|
| 133 | + { |
|
| 134 | + // if nothing was supplied, the get what we found in the past to work |
|
| 135 | + $cipher_method_to_test = $cipher_method ?: get_option($this->cipher_method_option_name, ''); |
|
| 136 | + // verify that the incoming cipher method exists and can produce an initialization vector |
|
| 137 | + if ($this->validateCipherMethod($cipher_method_to_test) === false) { |
|
| 138 | + // what? there's no list? |
|
| 139 | + if (empty($this->cipher_methods)) { |
|
| 140 | + // generate that list and cache it |
|
| 141 | + $this->cipher_methods = $this->getAvailableStrongCipherMethods(); |
|
| 142 | + } |
|
| 143 | + // then grab the first item from the list (we'll add it back later if it is good) |
|
| 144 | + $cipher_method_to_test = array_shift($this->cipher_methods); |
|
| 145 | + if ($cipher_method_to_test === null) { |
|
| 146 | + throw new RuntimeException( |
|
| 147 | + esc_html__( |
|
| 148 | + 'OpenSSL support appears to be enabled on the server, but no cipher methods are available. Please contact the server administrator.', |
|
| 149 | + 'event_espresso' |
|
| 150 | + ) |
|
| 151 | + ); |
|
| 152 | + } |
|
| 153 | + // verify that the next cipher method works |
|
| 154 | + return $this->getAvailableCipherMethod($cipher_method_to_test); |
|
| 155 | + } |
|
| 156 | + // if we've gotten this far, then we found an available cipher method that works |
|
| 157 | + // so save that for next time, if it's not the same as what's there already |
|
| 158 | + if ($cipher_method_to_test !== $cipher_method) { |
|
| 159 | + update_option($this->cipher_method_option_name, $cipher_method_to_test); |
|
| 160 | + } |
|
| 161 | + // if we previously removed this cipher method from the list of valid ones, then let's put it back |
|
| 162 | + if (! in_array($cipher_method_to_test, $this->cipher_methods, true)) { |
|
| 163 | + array_unshift($this->cipher_methods, $cipher_method_to_test); |
|
| 164 | + } |
|
| 165 | + return $cipher_method_to_test; |
|
| 166 | + } |
|
| 167 | + |
|
| 168 | + |
|
| 169 | + /** |
|
| 170 | + * @return array |
|
| 171 | + */ |
|
| 172 | + protected function getAvailableStrongCipherMethods() |
|
| 173 | + { |
|
| 174 | + return array_filter($this->installed_cipher_methods, [$this, 'weakAlgorithmFilter']); |
|
| 175 | + } |
|
| 176 | + |
|
| 177 | + |
|
| 178 | + /** |
|
| 179 | + * @param string $cipher_method |
|
| 180 | + * @param false $throw_exception |
|
| 181 | + * @return bool |
|
| 182 | + */ |
|
| 183 | + protected function validateCipherMethod($cipher_method, $throw_exception = false) |
|
| 184 | + { |
|
| 185 | + // verify that the requested cipher method is actually installed and can produce an initialization vector |
|
| 186 | + if (in_array($cipher_method, $this->installed_cipher_methods, true) |
|
| 187 | + && openssl_cipher_iv_length($cipher_method) !== false |
|
| 188 | + ) { |
|
| 189 | + return true; |
|
| 190 | + } |
|
| 191 | + if (! $throw_exception) { |
|
| 192 | + return false; |
|
| 193 | + } |
|
| 194 | + throw new RuntimeException( |
|
| 195 | + sprintf( |
|
| 196 | + esc_html__( |
|
| 197 | + 'The requested OpenSSL cipher method "%1$s" is invalid or not installed on the server. Please contact the server administrator.', |
|
| 198 | + 'event_espresso' |
|
| 199 | + ), |
|
| 200 | + $cipher_method |
|
| 201 | + ) |
|
| 202 | + ); |
|
| 203 | + } |
|
| 204 | + |
|
| 205 | + |
|
| 206 | + /** |
|
| 207 | + * @see https://www.php.net/manual/en/function.openssl-get-cipher-methods.php#example-890 |
|
| 208 | + * @param string $cipher_method |
|
| 209 | + */ |
|
| 210 | + protected function weakAlgorithmFilter($cipher_method) |
|
| 211 | + { |
|
| 212 | + foreach ($this->weak_algorithms as $weak_algorithm) { |
|
| 213 | + if (stripos($cipher_method, $weak_algorithm) !== false) { |
|
| 214 | + return false; |
|
| 215 | + } |
|
| 216 | + } |
|
| 217 | + return true; |
|
| 218 | + } |
|
| 219 | 219 | } |
