Bitrix-D7
23.9
cipher.php
1
<?php
8
namespace
Bitrix\Main\Security
;
9
10
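/**
 * Symmetric encryption helper built on the OpenSSL extension.
 *
 * encrypt() returns raw bytes laid out as: IV || ciphertext. When
 * $calculateHash is enabled, the plaintext passed to the cipher is
 * digest(data) || data, and decrypt() verifies that digest.
 *
 * Security notes for callers:
 * - The embedded digest is unkeyed and travels inside the ciphertext. It
 *   reliably detects a wrong key or accidental corruption, but it is not a
 *   MAC. With the default CTR mode the ciphertext is malleable, so this
 *   format should not be relied on as authenticated encryption; where
 *   tamper resistance matters, use an AEAD mode or a separate keyed MAC over
 *   the IV and ciphertext.
 * - The cipher key is a single digest of IV || $key. That fixes the key
 *   length and varies the key per message, but it does not stretch a weak
 *   password; $key should be a high-entropy secret.
 */
class Cipher
{
	/** @var string OpenSSL cipher method name, validated in the constructor. */
	protected $cipherAlgorithm;

	/** @var string OpenSSL digest method name, validated in the constructor. */
	protected $hashAlgorithm;

	/** @var int|false IV size reported by openssl_cipher_iv_length() for the cipher. */
	protected $ivLength;

	/** @var bool Whether a digest of the data is stored with it and checked on decrypt. */
	protected $calculateHash;

	/**
	 * @param string $cipherAlgorithm Cipher method known to openssl_get_cipher_methods().
	 * @param string $hashAlgorithm Digest method known to openssl_get_md_methods().
	 * @param bool $calculateHash Prefix the data with its digest and verify it on decrypt.
	 * @throws SecurityException If OpenSSL is missing or an algorithm name is unknown.
	 */
	public function __construct($cipherAlgorithm = 'aes-256-ctr', $hashAlgorithm = 'sha256', $calculateHash = true)
	{
		if (!function_exists('openssl_get_cipher_methods'))
		{
			throw new SecurityException("Openssl extension is not available.");
		}
		// Strict comparison: only an exact string match against the supported list is accepted.
		if (!in_array($cipherAlgorithm, openssl_get_cipher_methods(true), true))
		{
			throw new SecurityException("Unknown cipher algorithm {$cipherAlgorithm}.");
		}
		if (!in_array($hashAlgorithm, openssl_get_md_methods(true), true))
		{
			throw new SecurityException("Unknown hash algorithm {$hashAlgorithm}.");
		}

		$this->cipherAlgorithm = $cipherAlgorithm;
		$this->hashAlgorithm = $hashAlgorithm;
		$this->ivLength = openssl_cipher_iv_length($cipherAlgorithm);
		$this->calculateHash = (bool)$calculateHash;
	}

	/**
	 * Encrypts the data with a key derived from $key and a fresh random IV.
	 *
	 * @param string $data Plaintext bytes.
	 * @param string $key Secret; hashed together with the IV to form the cipher key.
	 * @return string Raw bytes: IV followed by the ciphertext.
	 * @throws SecurityException If no strong IV could be generated or encryption failed.
	 */
	public function encrypt($data, $key)
	{
		// Initialisation vector: it MUST be different every time.
		// With CTR in particular, reusing an IV under the same key exposes the keystream.
		$iv = openssl_random_pseudo_bytes($this->ivLength, $strong);
		if (!$strong)
		{
			throw new SecurityException("Not a strong initialisation vector.");
		}

		// Derive the cipher key as digest(IV || key): fixed length, different per message.
		// This is a single hash, not a password-stretching KDF.
		$keyHash = openssl_digest($iv.$key, $this->hashAlgorithm, true);

		if ($this->calculateHash)
		{
			// Store an (unkeyed) digest in front of the data so decrypt() can detect
			// a wrong key or corrupted input.
			$dataHash = openssl_digest($data, $this->hashAlgorithm, true);
			$data = $dataHash.$data;
		}

		// Encrypt the data
		$encrypted = openssl_encrypt($data, $this->cipherAlgorithm, $keyHash, OPENSSL_RAW_DATA, $iv);
		if ($encrypted === false)
		{
			throw new SecurityException("Encryption failed: ".openssl_error_string());
		}

		// Store IV with encrypted data to use it for decryption
		return $iv.$encrypted;
	}

	/**
	 * Decrypts bytes produced by encrypt() with the same algorithms and key.
	 *
	 * @param string $data Raw bytes: IV followed by the ciphertext.
	 * @param string $key Secret that was passed to encrypt().
	 * @return string The original plaintext.
	 * @throws SecurityException If the input is shorter than the IV, decryption fails,
	 *     or the stored digest does not match the decrypted data.
	 */
	public function decrypt($data, $key)
	{
		// Reject input that cannot even hold the IV instead of handing OpenSSL a
		// truncated IV (which it would only warn about).
		if (strlen($data) < $this->ivLength)
		{
			throw new SecurityException("Encrypted data is too short.");
		}

		// Extract the initialisation vector and encrypted data
		$iv = substr($data, 0, $this->ivLength);
		$raw = substr($data, $this->ivLength);

		// Re-derive the cipher key exactly as encrypt() did
		$keyHash = openssl_digest($iv.$key, $this->hashAlgorithm, true);

		// Decrypt
		$result = openssl_decrypt($raw, $this->cipherAlgorithm, $keyHash, OPENSSL_RAW_DATA, $iv);
		if ($result === false)
		{
			throw new SecurityException("Decryption failed: ".openssl_error_string());
		}

		if ($this->calculateHash)
		{
			// The key hash and the data hash come from the same digest algorithm,
			// so the key hash length is also the length of the stored data hash.
			$length = strlen($keyHash);
			$hash = substr($result, 0, $length);
			$result = substr($result, $length);

			// Check the hash: a mismatch means a wrong key or damaged data.
			// hash_equals() keeps the comparison time independent of where the bytes differ.
			$dataHash = openssl_digest($result, $this->hashAlgorithm, true);
			if (!hash_equals($dataHash, $hash))
			{
				throw new SecurityException("The hash is incorrect: the data was corrupted or a wrong key was supplied.");
			}
		}

		return $result;
	}
}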