|
1
|
|
|
<?php declare(strict_types=1); |
|
2
|
|
|
|
|
3
|
|
|
/** |
|
4
|
|
|
* OpensslWrapper.php |
|
5
|
|
|
* |
|
6
|
|
|
* PHP version 7 |
|
7
|
|
|
* |
|
8
|
|
|
* @category Dcrypt |
|
9
|
|
|
* @package Dcrypt |
|
10
|
|
|
* @author Michael Meyer (mmeyer2k) <[email protected]> |
|
11
|
|
|
* @license http://opensource.org/licenses/MIT The MIT License (MIT) |
|
12
|
|
|
* @link https://github.com/mmeyer2k/dcrypt |
|
13
|
|
|
*/ |
|
14
|
|
|
|
|
15
|
|
|
namespace Dcrypt; |
|
16
|
|
|
|
|
17
|
|
|
/** |
|
18
|
|
|
* A wrapper around any openssl_* functions. |
|
19
|
|
|
* |
|
20
|
|
|
* @category Dcrypt |
|
21
|
|
|
* @package Dcrypt |
|
22
|
|
|
* @author Michael Meyer (mmeyer2k) <[email protected]> |
|
23
|
|
|
* @license http://opensource.org/licenses/MIT The MIT License (MIT) |
|
24
|
|
|
* @link https://github.com/mmeyer2k/dcrypt |
|
25
|
|
|
*/ |
|
26
|
|
|
class OpensslWrapper |
|
27
|
|
|
{ |
|
28
|
|
|
/** |
|
29
|
|
|
* OpenSSL encrypt wrapper function |
|
30
|
|
|
* |
|
31
|
|
|
* @param string $data Data to decrypt |
|
32
|
|
|
* @param string $cipher Cipher method to use |
|
33
|
|
|
* @param string $key Key string |
|
34
|
|
|
* @param string $iv Initialization vector |
|
35
|
|
|
* @param string $tag AAD tag |
|
36
|
|
|
* |
|
37
|
|
|
* @return string |
|
38
|
|
|
*/ |
|
39
|
18 |
View Code Duplication |
protected static function opensslEncrypt( |
|
|
|
|
|
|
40
|
|
|
string $data, |
|
41
|
|
|
string $cipher, |
|
42
|
|
|
string $key, |
|
43
|
|
|
string $iv, |
|
44
|
|
|
string &$tag |
|
45
|
|
|
): string { |
|
46
|
18 |
|
if (OpensslStatic::tagRequired($cipher)) { |
|
|
|
|
|
|
47
|
6 |
|
return \openssl_encrypt($data, $cipher, $key, 1, $iv, $tag, '', 4); |
|
48
|
|
|
} else { |
|
49
|
14 |
|
return \openssl_encrypt($data, $cipher, $key, 1, $iv); |
|
50
|
|
|
} |
|
51
|
|
|
} |
|
52
|
|
|
|
|
53
|
|
|
/** |
|
54
|
|
|
* OpenSSL decrypt wrapper function |
|
55
|
|
|
* |
|
56
|
|
|
* @param string $input Data to decrypt |
|
57
|
|
|
* @param string $cipher Cipher method to use |
|
58
|
|
|
* @param string $key Key string |
|
59
|
|
|
* @param string $iv Initialization vector |
|
60
|
|
|
* @param string $tag AAD authentication tag |
|
61
|
|
|
* |
|
62
|
|
|
* @return string |
|
63
|
|
|
*/ |
|
64
|
24 |
View Code Duplication |
protected static function opensslDecrypt( |
|
|
|
|
|
|
65
|
|
|
string $input, |
|
66
|
|
|
string $cipher, |
|
67
|
|
|
string $key, |
|
68
|
|
|
string $iv, |
|
69
|
|
|
string $tag |
|
70
|
|
|
): string { |
|
71
|
24 |
|
if (OpensslStatic::tagRequired($cipher)) { |
|
|
|
|
|
|
72
|
8 |
|
return \openssl_decrypt($input, $cipher, $key, 1, $iv, $tag, ''); |
|
73
|
|
|
} else { |
|
74
|
19 |
|
return \openssl_decrypt($input, $cipher, $key, 1, $iv); |
|
75
|
|
|
} |
|
76
|
|
|
} |
|
77
|
|
|
|
|
78
|
|
|
/** |
|
79
|
|
|
* Get IV size for specified CIPHER. |
|
80
|
|
|
* |
|
81
|
|
|
* @param string $cipher Openssl cipher |
|
82
|
|
|
* |
|
83
|
|
|
* @return int |
|
84
|
|
|
*/ |
|
85
|
32 |
|
protected static function ivSize(string $cipher): int |
|
86
|
|
|
{ |
|
87
|
32 |
|
$ret = \openssl_cipher_iv_length($cipher); |
|
88
|
|
|
|
|
89
|
31 |
|
return $ret; |
|
90
|
|
|
} |
|
91
|
|
|
|
|
92
|
|
|
/** |
|
93
|
|
|
* Get a correctly sized IV for the specified cipher |
|
94
|
|
|
* |
|
95
|
|
|
* @param string $cipher Openssl cipher |
|
96
|
|
|
* |
|
97
|
|
|
* @return string |
|
98
|
|
|
* @throws \Exception |
|
99
|
|
|
*/ |
|
100
|
25 |
|
protected static function ivGenerate(string $cipher): string |
|
101
|
|
|
{ |
|
102
|
25 |
|
$size = self::ivSize($cipher); |
|
103
|
|
|
|
|
104
|
24 |
|
if ($size === 0) { |
|
105
|
6 |
|
return ''; |
|
106
|
|
|
} |
|
107
|
|
|
|
|
108
|
20 |
|
return \random_bytes($size); |
|
109
|
|
|
} |
|
110
|
|
|
|
|
111
|
|
|
/** |
|
112
|
|
|
* Determines if the provided cipher requires a tag |
|
113
|
|
|
* |
|
114
|
|
|
* @param string $cipher Openssl cipher |
|
115
|
|
|
* |
|
116
|
|
|
* @return bool |
|
117
|
|
|
*/ |
|
118
|
25 |
|
protected static function tagRequired(string $cipher): bool |
|
119
|
|
|
{ |
|
120
|
25 |
|
$cipher = strtolower($cipher); |
|
121
|
|
|
|
|
122
|
|
|
$needle_tips = [ |
|
123
|
25 |
|
'-gcm', |
|
124
|
|
|
'-ccm', |
|
125
|
|
|
]; |
|
126
|
|
|
|
|
127
|
25 |
|
foreach ($needle_tips as $needle) { |
|
128
|
25 |
|
if (strpos($cipher, $needle)) { |
|
129
|
25 |
|
return true; |
|
130
|
|
|
} |
|
131
|
|
|
} |
|
132
|
|
|
|
|
133
|
20 |
|
return false; |
|
134
|
|
|
} |
|
135
|
|
|
} |
|
136
|
|
|
|
mmeyer2k /
dcrypt
Loading history...
Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.
You can also find more detailed suggestions in the “Code” section of your repository.