first commit
This commit is contained in:
168
classes/PhpEncryptionLegacyEngine.php
Normal file
168
classes/PhpEncryptionLegacyEngine.php
Normal file
@@ -0,0 +1,168 @@
|
||||
<?php
|
||||
/**
|
||||
* Copyright since 2007 PrestaShop SA and Contributors
|
||||
* PrestaShop is an International Registered Trademark & Property of PrestaShop SA
|
||||
*
|
||||
* NOTICE OF LICENSE
|
||||
*
|
||||
* This source file is subject to the Open Software License (OSL 3.0)
|
||||
* that is bundled with this package in the file LICENSE.md.
|
||||
* It is also available through the world-wide-web at this URL:
|
||||
* https://opensource.org/licenses/OSL-3.0
|
||||
* If you did not receive a copy of the license and are unable to
|
||||
* obtain it through the world-wide-web, please send an email
|
||||
* to license@prestashop.com so we can send you a copy immediately.
|
||||
*
|
||||
* DISCLAIMER
|
||||
*
|
||||
* Do not edit or add to this file if you wish to upgrade PrestaShop to newer
|
||||
* versions in the future. If you wish to customize PrestaShop for your
|
||||
* needs please refer to https://devdocs.prestashop.com/ for more information.
|
||||
*
|
||||
* @author PrestaShop SA and Contributors <contact@prestashop.com>
|
||||
* @copyright Since 2007 PrestaShop SA and Contributors
|
||||
* @license https://opensource.org/licenses/OSL-3.0 Open Software License (OSL 3.0)
|
||||
*/
|
||||
|
||||
/**
|
||||
* Class PhpEncryption engine for openSSL < 0.9.8.
|
||||
*
|
||||
* @doc http://php.net/manual/fr/function.mcrypt-encrypt.php#refsect1-function.mcrypt-encrypt-examples
|
||||
*
|
||||
* This class will be deprecated when web hosting providers will update their version of OpenSSL.
|
||||
*/
|
||||
class PhpEncryptionLegacyEngineCore extends PhpEncryptionEngine
|
||||
{
|
||||
protected $key;
|
||||
protected $hmacIv;
|
||||
protected $iv;
|
||||
protected $ivSize;
|
||||
|
||||
protected $mode = MCRYPT_MODE_CBC;
|
||||
protected $cipher = MCRYPT_RIJNDAEL_128;
|
||||
|
||||
/**
|
||||
* PhpEncryptionCore constructor.
|
||||
*
|
||||
* @param string $hexString A string that only contains hexadecimal characters
|
||||
* Bother upper and lower case are allowed
|
||||
*/
|
||||
public function __construct($hexString)
|
||||
{
|
||||
$this->key = substr($hexString, 0, 32);
|
||||
$this->ivSize = mcrypt_get_iv_size($this->cipher, $this->mode);
|
||||
$this->iv = mcrypt_create_iv($this->ivSize, MCRYPT_RAND);
|
||||
$this->hmacIv = substr(sha1(_COOKIE_KEY_), 0, $this->ivSize);
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypt the plaintext.
|
||||
*
|
||||
* @param string $plaintext Plaintext
|
||||
*
|
||||
* @return string Cipher text
|
||||
*/
|
||||
public function encrypt($plaintext)
|
||||
{
|
||||
$blockSize = mcrypt_get_block_size($this->cipher, $this->mode);
|
||||
$pad = $blockSize - (strlen($plaintext) % $blockSize);
|
||||
|
||||
$cipherText = mcrypt_encrypt(
|
||||
$this->cipher,
|
||||
$this->key,
|
||||
$plaintext . str_repeat(chr($pad), $pad),
|
||||
$this->mode,
|
||||
$this->iv
|
||||
);
|
||||
$cipherText = $this->iv . $cipherText;
|
||||
|
||||
return $this->generateHmac($cipherText) . ':' . base64_encode($cipherText);
|
||||
}
|
||||
|
||||
/**
|
||||
* Decrypt the cipher text.
|
||||
*
|
||||
* @param string $cipherText Cipher text
|
||||
*
|
||||
* @return bool|string Plaintext
|
||||
* `false` if unable to decrypt
|
||||
*
|
||||
* @throws Exception
|
||||
*/
|
||||
public function decrypt($cipherText)
|
||||
{
|
||||
$data = explode(':', $cipherText);
|
||||
if (count($data) != 2) {
|
||||
return false;
|
||||
}
|
||||
|
||||
list($hmac, $encrypted) = $data;
|
||||
$encrypted = base64_decode($encrypted);
|
||||
$newHmac = $this->generateHmac($encrypted);
|
||||
if ($hmac !== $newHmac) {
|
||||
return false;
|
||||
}
|
||||
|
||||
$ivDec = substr($encrypted, 0, $this->ivSize);
|
||||
$cipherText = substr($encrypted, $this->ivSize);
|
||||
|
||||
$data = mcrypt_decrypt(
|
||||
$this->cipher,
|
||||
$this->key,
|
||||
$cipherText,
|
||||
$this->mode,
|
||||
$ivDec
|
||||
);
|
||||
|
||||
$pad = ord($data[strlen($data) - 1]);
|
||||
|
||||
return substr($data, 0, -$pad);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate Hmac.
|
||||
*
|
||||
* @param string $encrypted
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
protected function generateHmac($encrypted)
|
||||
{
|
||||
$macKey = $this->generateKeygenS2k('sha256', $this->key, $this->hmacIv, 32);
|
||||
|
||||
return hash_hmac(
|
||||
'sha256',
|
||||
$this->hmacIv . $this->cipher . $encrypted,
|
||||
$macKey
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
* Alternative to mhash_keygen_s2k for security reason
|
||||
* and php compatibilities.
|
||||
*
|
||||
* @param string $hash
|
||||
* @param string $password
|
||||
* @param string $salt
|
||||
* @param int $bytes
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
protected function generateKeygenS2k($hash, $password, $salt, $bytes)
|
||||
{
|
||||
$result = '';
|
||||
foreach (range(0, ceil($bytes / strlen(hash($hash, null, true))) - 1) as $i) {
|
||||
$result .= hash(
|
||||
$hash,
|
||||
str_repeat("\0", $i) . str_pad(substr($salt, 0, 8), 8, "\0", STR_PAD_RIGHT) . $password,
|
||||
true
|
||||
);
|
||||
}
|
||||
|
||||
return substr(
|
||||
$result,
|
||||
0,
|
||||
(int) $bytes
|
||||
);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user