fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-06 10:11:38 +09:00
Code Issues Projects Releases Packages Wiki Activity

Remove code that uses defuse/php-encryption (from next branch)

Browse source
This commit is contained in:
Kijin Sung 2022-12-25 18:26:10 +09:00
parent 0ed1cfdef7
commit 35a93f3928
3 changed files with 43 additions and 69 deletions
Download patch file Download diff file Expand all files Collapse all files

47
common/libraries/cryptocompat.php
View file

@ -1,8 +1,11 @@
<?php
/**
* This class uses mcrypt to perform encryption and decryption in a way
* that is fully compatible with https://github.com/defuse/php-encryption
* This class uses openssl to perform encryption and decryption in a format
* that is fully compatible with version 1.x of defuse/php-encryption
* which we must preserve for backward compatibility.
*
* This file is part of Rhymix and is licensed under GPLv2 or later.
*/
class CryptoCompat
{
@ -26,9 +29,21 @@ class CryptoCompat
$iv = self::_createIV();
// Encrypt the plaintext
$mcrypt_method = str_replace('aes', 'rijndael', self::ENCRYPTION_ALGO);
$plaintext = self::_applyPKCS7Padding($plaintext, self::ENCRYPTION_BLOCK_SIZE);
$ciphertext = mcrypt_encrypt($mcrypt_method, $enc_key, $plaintext, self::ENCRYPTION_MODE, $iv);
if (function_exists('openssl_encrypt'))
{
$openssl_method = strtoupper(self::ENCRYPTION_ALGO . '-' . self::ENCRYPTION_MODE);
$ciphertext = openssl_encrypt($plaintext, $openssl_method, $enc_key, OPENSSL_RAW_DATA, $iv);
}
elseif (function_exists('mcrypt_encrypt'))
{
$plaintext = self::_applyPKCS7Padding($plaintext, self::ENCRYPTION_BLOCK_SIZE);
$mcrypt_method = str_replace('aes', 'rijndael', self::ENCRYPTION_ALGO);
$ciphertext = mcrypt_encrypt($mcrypt_method, $enc_key, $plaintext, self::ENCRYPTION_MODE, $iv);
}
else
{
throw new Rhymix\Framework\Exception('msg_crypto_not_available');
}
// Generate MAC
$mac_key = self::_defuseCompatibleHKDF($key, self::ENCRYPTION_MAC_INFO);
@ -58,13 +73,25 @@ class CryptoCompat
$enc_key = self::_defuseCompatibleHKDF($key, self::ENCRYPTION_KEY_INFO);
// Decrypt the ciphertext
$mcrypt_method = str_replace('aes', 'rijndael', self::ENCRYPTION_ALGO);
$plaintext = @mcrypt_decrypt($mcrypt_method, $enc_key, $ciphertext, self::ENCRYPTION_MODE, $iv);
if ($plaintext === false)
if (function_exists('openssl_decrypt'))
{
return false;
$openssl_method = strtoupper(self::ENCRYPTION_ALGO . '-' . self::ENCRYPTION_MODE);
$plaintext = openssl_decrypt($ciphertext, $openssl_method, $enc_key, OPENSSL_RAW_DATA, $iv);
}
$plaintext = self::_stripPKCS7Padding($plaintext, self::ENCRYPTION_BLOCK_SIZE);
elseif (function_exists('mcrypt_decrypt'))
{
$mcrypt_method = str_replace('aes', 'rijndael', self::ENCRYPTION_ALGO);
$plaintext = mcrypt_decrypt($mcrypt_method, $enc_key, $ciphertext, self::ENCRYPTION_MODE, $iv);
if ($plaintext !== false)
{
$plaintext = self::_stripPKCS7Padding($plaintext, self::ENCRYPTION_BLOCK_SIZE);
}
}
else
{
throw new Rhymix\Framework\Exception('msg_crypto_not_available');
}
if ($plaintext === false)
{
return false;