From 89b6244ed11aa97c65099106dc36d1a87dff1064 Mon Sep 17 00:00:00 2001 From: May Date: Wed, 4 Jan 2023 11:19:29 +0100 Subject: [PATCH 1/2] adding support for seal and open --- src/AESCryptoServiceProvider.php | 68 +++++++++++++++++++++++++- src/RSACryptoServiceProvider.php | 16 ------ tests/RSACryptoServiceProviderTest.php | 19 +++++++ 3 files changed, 86 insertions(+), 17 deletions(-) diff --git a/src/AESCryptoServiceProvider.php b/src/AESCryptoServiceProvider.php index e7d3377..fb9c5df 100644 --- a/src/AESCryptoServiceProvider.php +++ b/src/AESCryptoServiceProvider.php @@ -80,8 +80,12 @@ public function generateKey() * @todo Change return type to string only, throw exception instead * @return bool|string */ - public function generateIV() + public function generateIV(?string $cipher = null) { + if ($cipher != null) { + $this->cipher = strtolower($cipher); + } + if (in_array($this->cipher, openssl_get_cipher_methods())) { if ($ivLength = openssl_cipher_iv_length($this->cipher)) { if ($iv = openssl_random_pseudo_bytes($ivLength)) { @@ -92,6 +96,8 @@ public function generateIV() return $this->iv; } + var_dump('Eroro'); + return false; } 
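Review bot: The new `$cipher` argument in generateIV() overwrites `$this->cipher`, so requesting an IV for one call permanently changes the cipher configured on the instance. After seal() calls `generateIV('aes-256-cbc')`, any later operation that reads `$this->cipher` (presumably encrypt()/decrypt(), which are outside this hunk) would run with an algorithm the caller did not choose. Resolve the method into a local instead, `$method = $cipher !== null ? strtolower($cipher) : $this->cipher;`, and use `$method` in the `in_array()` and `openssl_cipher_iv_length()` calls. Passing `true` as the third argument of `in_array()` would also make the lookup strict. The function body continues past the end of this hunk.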
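Review bot: `var_dump('Eroro');` before `return false;` is leftover debug output. In a library it writes into the output of whatever application hits the failure path and gives the caller nothing to act on. Drop the line; since the docblock's @todo already asks for an exception, `throw new IvGenerateException();` (the class open() uses in this patch) would also stop callers such as seal(), which does not check the return value, from continuing with a stale or missing IV. generateIV() starts outside this hunk.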
@@ -154,4 +160,64 @@ public function decrypt(string $encryptedData): string return $decryptedText; } + + /** + * Seal data using AES-256-CBC and public key + * + * @param string $plain_text + * @param RSAParameters $rSAParameters + * @return array Sealed data [1] and encrypted key [0] + */ + public function seal(string $plain_text, RSAParameters $rSAParameters, bool $humanReadableData = false): array + { + $this->generateIV('aes-256-cbc'); + + openssl_seal($plain_text, $sealed_data, $ekeys, [$rSAParameters->getPublicKey()], 'aes-256-cbc', $this->iv); + + $sealed_data = $this->iv . $sealed_data; + + if ($humanReadableData) { + return [ + base64_encode($ekeys[0]), + base64_encode($sealed_data) + ]; + }; + + return [ + $ekeys[0], + $sealed_data + ]; + } + + /** + * open function using AES-256-CBC and private key + * + * @param string $sealed_data + * @param string $ekeys + * @param RSAParameters $rSAParameters + * @return string Opened data + */ + public function open(string $sealed_data, string $ekeys, RSAParameters $rSAParameters): string + { + if (preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $sealed_data)) { + $sealed_data = base64_decode($sealed_data); + } + + if (preg_match('/^[a-zA-Z0-9\/\r\n+]*={0,2}$/', $ekeys)) { + $ekeys = base64_decode($ekeys); + } + + if ($ivLength = openssl_cipher_iv_length('aes-256-cbc')) { + $iv_len = $ivLength; + } else { + throw new IvGenerateException(); + } + + $iv = substr($sealed_data, 0, $iv_len); + $encryptedData = substr($sealed_data, $iv_len); + + openssl_open($encryptedData, $open_data, $ekeys, $rSAParameters->getPrivateKey(), 'aes-256-cbc', $iv); + + return $open_data; + } } diff --git a/src/RSACryptoServiceProvider.php b/src/RSACryptoServiceProvider.php index 1fb544c..509fdd8 100644 --- a/src/RSACryptoServiceProvider.php +++ b/src/RSACryptoServiceProvider.php 
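Review bot: The return values of `openssl_seal()` in seal() and `openssl_open()` in open() are not checked, and seal() ignores a `false` from `generateIV()`, so a failed operation surfaces as an undefined `$ekeys[0]` or a `null` returned under a `string` return type rather than as a clear error. Throwing on each failure, as sketched below, keeps a wrong key or corrupted input from being mistaken for data. Separately, AES-256-CBC as used here carries no integrity check, so open() cannot detect a modified IV or ciphertext; signing the sealed blob with the sender's key, or documenting that callers must authenticate it, would close that gap. The regex-based base64 guess in open() also decides the encoding from content, and an explicit flag mirroring `$humanReadableData` together with `base64_decode($value, true)` would remove that ambiguity.

```php
public function seal(string $plain_text, RSAParameters $rSAParameters, bool $humanReadableData = false): array
{
    if ($this->generateIV('aes-256-cbc') === false) {
        throw new IvGenerateException();
    }

    $sealedLength = openssl_seal($plain_text, $sealed_data, $ekeys, [$rSAParameters->getPublicKey()], 'aes-256-cbc', $this->iv);
    if ($sealedLength === false) {
        throw new \RuntimeException('Unable to seal data');
    }
    // … unchanged: IV prefix and optional base64 encoding of the result …

// in open():
    // … unchanged: input decoding and IV / ciphertext split …
    if (!openssl_open($encryptedData, $open_data, $ekeys, $rSAParameters->getPrivateKey(), 'aes-256-cbc', $iv)) {
        throw new \RuntimeException('Unable to open sealed data');
    }

    return $open_data;
```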
@@ -72,22 +72,6 @@ public function publicDecrypt(string $encryptedText): string return $plainText; } - /** - * @param string $plain_text - * @return string - */ - protected function seal(string $plain_text): string - { - //openssl_open($plain_text, $sealed_data, $ekeys, [$this->parameters->getPrivateKey()]) - - throw new NotImplementedException(); - } - - protected function open(): string - { - throw new NotImplementedException(); - } - /** * Sign data with key and return signature * diff --git a/tests/RSACryptoServiceProviderTest.php b/tests/RSACryptoServiceProviderTest.php index 48d2f0f..b80f9b5 100644 --- a/tests/RSACryptoServiceProviderTest.php +++ b/tests/RSACryptoServiceProviderTest.php @@ -2,6 +2,7 @@ namespace MayMeow\Cryptography\Tests; +use MayMeow\Cryptography\AESCryptoServiceProvider; use MayMeow\Cryptography\RSACryptoServiceProvider; use MayMeow\Cryptography\RSAParameters; use PHPUnit\Framework\TestCase; @@ -21,4 +22,22 @@ public function canEncryptAndDecryptText() $this->assertEquals($plainText, $rsa->decrypt($encryptedTest)); } + + /** @test */ + public function canSealData() + { + $plainText = "This is going"; + $parameters = new RSAParameters(); + $parameters->generateKeys("passphrase"); + + $rsa = new RSACryptoServiceProvider(); + $rsa->setParameters($parameters); + + $aes = new AESCryptoServiceProvider(); + + $sealed = $aes->seal($plainText, $parameters, humanReadableData: true); + $opened = $aes->open($sealed[1], $sealed[0], $parameters); + + $this->assertEquals($plainText, $opened); + } } \ No newline at end of file From 50564ff56670c4dddce889662d3d28b28b600370 Mon Sep 17 00:00:00 2001 From: May Date: Wed, 4 Jan 2023 11:23:56 +0100 Subject: [PATCH 2/2] add documentation --- src/AESCryptoServiceProvider.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/AESCryptoServiceProvider.php b/src/AESCryptoServiceProvider.php index fb9c5df..5b975b2 100644 --- a/src/AESCryptoServiceProvider.php 
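Review bot: canSealData() only exercises the base64 path (`humanReadableData: true`), so the raw-binary return of seal() and open()'s handling of undecoded binary input are never run. A second case using the default `false`, and one asserting that open() fails on a modified `$sealed[1]`, would cover the behaviour that the content-based decoding in open() makes fragile. `$rsa` is created and configured but never used in the test and can be removed.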
+++ b/src/AESCryptoServiceProvider.php @@ -164,9 +164,13 @@ public function decrypt(string $encryptedData): string /** * Seal data using AES-256-CBC and public key * + * Sealed data are array that contains encrypted data [1] and encrypted key [0] + * encrypted data also contains IV + * * @param string $plain_text * @param RSAParameters $rSAParameters - * @return array Sealed data [1] and encrypted key [0] + * @param bool $humanReadableData whether to return base64 encoded data + * @return array Sealed data */ public function seal(string $plain_text, RSAParameters $rSAParameters, bool $humanReadableData = false): array { @@ -215,7 +219,7 @@ public function open(string $sealed_data, string $ekeys, RSAParameters $rSAParam $iv = substr($sealed_data, 0, $iv_len); $encryptedData = substr($sealed_data, $iv_len); - + openssl_open($encryptedData, $open_data, $ekeys, $rSAParameters->getPrivateKey(), 'aes-256-cbc', $iv); return $open_data;