|
1
|
|
|
<?php |
|
2
|
|
|
|
|
3
|
|
|
declare(strict_types = 1); |
|
4
|
|
|
|
|
5
|
|
|
namespace Sop\GCM\Cipher\AES; |
|
6
|
|
|
|
|
7
|
|
|
use Sop\GCM\Cipher\Cipher; |
|
8
|
|
|
use Sop\GCM\Exception\AuthenticationException; |
|
9
|
|
|
|
|
10
|
|
|
/** |
|
11
|
|
|
* Base class for AES ciphers for the GCM. |
|
12
|
|
|
*/ |
|
13
|
|
|
abstract class AESCipher implements Cipher |
|
14
|
|
|
{ |
|
15
|
|
|
/** |
|
16
|
|
|
* Mapping from key size in bits to AES cipher implementation class name. |
|
17
|
|
|
* |
|
18
|
|
|
* @internal |
|
19
|
|
|
* |
|
20
|
|
|
* @var array |
|
21
|
|
|
*/ |
|
22
|
|
|
const MAP_KEYSIZE_TO_CLS = [ |
|
23
|
|
|
128 => AES128Cipher::class, |
|
24
|
|
|
192 => AES192Cipher::class, |
|
25
|
|
|
256 => AES256Cipher::class, |
|
26
|
|
|
]; |
|
27
|
|
|
|
|
28
|
|
|
/** |
|
29
|
|
|
* Get AES cipher instance by key length. |
|
30
|
|
|
* |
|
31
|
|
|
* @param int $len Key length in bytes |
|
32
|
|
|
* |
|
33
|
|
|
* @throws \UnexpectedValueException |
|
34
|
|
|
* |
|
35
|
|
|
* @return self |
|
36
|
|
|
*/ |
|
37
|
81 |
|
public static function fromKeyLength(int $len): self |
|
38
|
|
|
{ |
|
39
|
81 |
|
$bits = $len << 3; |
|
40
|
81 |
|
if (!array_key_exists($bits, self::MAP_KEYSIZE_TO_CLS)) { |
|
41
|
1 |
|
throw new \UnexpectedValueException( |
|
42
|
1 |
|
"No AES implementation for {$bits}-bit key size."); |
|
43
|
|
|
} |
|
44
|
80 |
|
$cls = self::MAP_KEYSIZE_TO_CLS[$bits]; |
|
45
|
80 |
|
return new $cls(); |
|
46
|
|
|
} |
|
47
|
|
|
|
|
48
|
|
|
/** |
|
49
|
|
|
* {@inheritdoc} |
|
50
|
|
|
* |
|
51
|
|
|
* @throws \UnexpectedValueException If key size is incorrect |
|
52
|
|
|
* @throws \RuntimeException For generic errors |
|
53
|
|
|
*/ |
|
54
|
54 |
|
public function encrypt(string $data, string $key): string |
|
55
|
|
|
{ |
|
56
|
54 |
|
$this->_checkKeySize($key); |
|
57
|
51 |
|
$result = openssl_encrypt($data, $this->_cipherName(), $key, |
|
58
|
51 |
|
OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING); |
|
59
|
51 |
|
if (false === $result) { |
|
60
|
1 |
|
throw new \RuntimeException( |
|
61
|
1 |
|
'openssl_encrypt() failed: ' . self::_getLastOpenSSLError()); |
|
62
|
|
|
} |
|
63
|
50 |
|
return $result; |
|
64
|
|
|
} |
|
65
|
|
|
|
|
66
|
|
|
/** |
|
67
|
|
|
* Check whether OpenSSL has native AES-GCM cipher available. |
|
68
|
|
|
* |
|
69
|
|
|
* @return bool |
|
70
|
|
|
*/ |
|
71
|
43 |
|
public function hasNativeCipher(): bool |
|
72
|
|
|
{ |
|
73
|
43 |
|
static $supported_methods; |
|
74
|
43 |
|
if (!isset($supported_methods)) { |
|
75
|
3 |
|
$supported_methods = array_flip(openssl_get_cipher_methods(false)); |
|
76
|
|
|
} |
|
77
|
43 |
|
$method = $this->_nativeCipherName(); |
|
78
|
43 |
|
return isset($supported_methods[$method]); |
|
79
|
|
|
} |
|
80
|
|
|
|
|
81
|
|
|
/** |
|
82
|
|
|
* Encrypt plaintext using native OpenSSL. |
|
83
|
|
|
* |
|
84
|
|
|
* @param string $plaintext Plaintext to encrypt |
|
85
|
|
|
* @param string $aad Additional authenticated data |
|
86
|
|
|
* @param string $key Encryption key |
|
87
|
|
|
* @param string $iv Initialization vector |
|
88
|
|
|
* @param int $tag_length Authentication tag length in bytes |
|
89
|
|
|
* |
|
90
|
|
|
* @return array Tuple of ciphertext and authentication tag |
|
91
|
|
|
*/ |
|
92
|
44 |
|
public function nativeEncrypt(string $plaintext, string $aad, string $key, |
|
93
|
|
|
string $iv, int $tag_length = 16): array |
|
94
|
|
|
{ |
|
95
|
44 |
|
$this->_checkKeySize($key); |
|
96
|
44 |
|
$ciphertext = @openssl_encrypt($plaintext, $this->_nativeCipherName(), |
|
97
|
44 |
|
$key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv, $tag, $aad, $tag_length); |
|
98
|
|
|
// should never fail, since key size is already checked |
|
99
|
44 |
|
if (false === $ciphertext) { |
|
100
|
1 |
|
throw new \RuntimeException( |
|
101
|
1 |
|
'openssl_encrypt() failed: ' . self::_getLastOpenSSLError()); |
|
102
|
|
|
} |
|
103
|
43 |
|
return [$ciphertext, $tag]; |
|
104
|
|
|
} |
|
105
|
|
|
|
|
106
|
|
|
/** |
|
107
|
|
|
* Decrypt ciphertext using native OpenSSL. |
|
108
|
|
|
* |
|
109
|
|
|
* @param string $ciphertext Ciphertext to decrypt |
|
110
|
|
|
* @param string $auth_tag Authentication tag to verify |
|
111
|
|
|
* @param string $aad Additional authenticated data |
|
112
|
|
|
* @param string $key Encryption key |
|
113
|
|
|
* @param string $iv Initialization vector |
|
114
|
|
|
* |
|
115
|
|
|
* @return string Plaintext |
|
116
|
|
|
*/ |
|
117
|
43 |
|
public function nativeDecrypt(string $ciphertext, string $auth_tag, |
|
118
|
|
|
string $aad, string $key, string $iv): string |
|
119
|
|
|
{ |
|
120
|
43 |
|
$this->_checkKeySize($key); |
|
121
|
43 |
|
$plaintext = openssl_decrypt($ciphertext, $this->_nativeCipherName(), |
|
122
|
43 |
|
$key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $iv, $auth_tag, $aad); |
|
123
|
43 |
|
if (false === $plaintext) { |
|
124
|
1 |
|
throw new AuthenticationException('Authentication failed.'); |
|
125
|
|
|
} |
|
126
|
42 |
|
return $plaintext; |
|
127
|
|
|
} |
|
128
|
|
|
|
|
129
|
|
|
/** |
|
130
|
|
|
* Get the AES-ECB cipher method name recognized by OpenSSL. |
|
131
|
|
|
* |
|
132
|
|
|
* @return string |
|
133
|
|
|
*/ |
|
134
|
|
|
abstract protected function _cipherName(): string; |
|
135
|
|
|
|
|
136
|
|
|
/** |
|
137
|
|
|
* Get the AES-GCM cipher method recognized by OpenSSL. |
|
138
|
|
|
*/ |
|
139
|
|
|
abstract protected function _nativeCipherName(): string; |
|
140
|
|
|
|
|
141
|
|
|
/** |
|
142
|
|
|
* Get the key size in bytes. |
|
143
|
|
|
* |
|
144
|
|
|
* @return int |
|
145
|
|
|
*/ |
|
146
|
|
|
abstract protected function _keySize(): int; |
|
147
|
|
|
|
|
148
|
99 |
|
protected function _checkKeySize(string $key): void |
|
149
|
|
|
{ |
|
150
|
99 |
|
if (strlen($key) !== $this->_keySize()) { |
|
151
|
3 |
|
throw new \UnexpectedValueException('Key size must be ' . |
|
152
|
3 |
|
$this->_keySize() . ' bytes.'); |
|
153
|
|
|
} |
|
154
|
96 |
|
} |
|
155
|
|
|
|
|
156
|
|
|
/** |
|
157
|
|
|
* Get latest OpenSSL error message. |
|
158
|
|
|
* |
|
159
|
|
|
* @return string |
|
160
|
|
|
*/ |
|
161
|
2 |
|
protected static function _getLastOpenSSLError(): string |
|
162
|
|
|
{ |
|
163
|
2 |
|
$msg = ''; |
|
164
|
2 |
|
while (false !== ($err = openssl_error_string())) { |
|
165
|
1 |
|
$msg = $err; |
|
166
|
|
|
} |
|
167
|
2 |
|
return $msg; |
|
168
|
|
|
} |
|
169
|
|
|
} |
|
170
|
|
|
|
sop /
gcm
