public function testEncodeDecodeEquivalencyTwoBytes()
{
for ($b1 = 0; $b1 < 256; $b1++) {
for ($b2 = 0; $b2 < 256; $b2++) {
$str = \pack('C', $b1) . \pack('C', $b2);
$encode_a = Encoding::binToHex($str);
$encode_b = \bin2hex($str);
$this->assertSame($encode_b, $encode_a);
$decode_a = Encoding::hexToBin($encode_a);
$decode_b = \hex2bin($encode_b);
$this->assertSame($decode_b, $decode_a);
$this->assertSame($str, $decode_b);
}
}
}
/**
* Encrypts a string with either a key or a password.
*
* @param string $plaintext
* @param KeyOrPassword $secret
* @param bool $raw_binary
*
* @return string
*/
private static function encryptInternal($plaintext, KeyOrPassword $secret, $raw_binary)
{
RuntimeTests::runtimeTest();
$salt = Core::secureRandom(Core::SALT_BYTE_SIZE);
$keys = $secret->deriveKeys($salt);
$ekey = $keys->getEncryptionKey();
$akey = $keys->getAuthenticationKey();
$iv = Core::secureRandom(Core::BLOCK_BYTE_SIZE);
$ciphertext = Core::CURRENT_VERSION . $salt . $iv . self::plainEncrypt($plaintext, $ekey, $iv);
$auth = \hash_hmac(Core::HASH_FUNCTION_NAME, $ciphertext, $akey, true);
$ciphertext = $ciphertext . $auth;
if ($raw_binary) {
return $ciphertext;
}
return Encoding::binToHex($ciphertext);
}
/**
* INTERNAL USE ONLY: Applies a version header, applies a checksum, and
* then encodes a byte string into a range of printable ASCII characters.
*
* @param string $header
* @param string $bytes
*
* @throws \Defuse\Crypto\Exception\EnvironmentIsBrokenException
*
* @return string
*/
public static function saveBytesToChecksummedAsciiSafeString($header, $bytes)
{
// Headers must be a constant length to prevent one type's header from
// being a prefix of another type's header, leading to ambiguity.
if (Core::ourStrlen($header) !== self::SERIALIZE_HEADER_BYTES) {
throw new Ex\EnvironmentIsBrokenException('Header must be ' . self::SERIALIZE_HEADER_BYTES . ' bytes.');
}
return Encoding::binToHex($header . $bytes . \hash(self::CHECKSUM_HASH_ALGO, $header . $bytes, true));
}
/**
* Encrypts a message.
*
* $plaintext is the message to encrypt.
* $key is the encryption key, a value generated by CreateNewRandomKey().
* You MUST catch exceptions thrown by this function. Read the docs.
*
* @param string $plaintext
* @param string $key
* @param boolean $raw_binary
* @return string
* @throws Ex\CannotPerformOperationException
* @throws Ex\CryptoTestFailedException
*/
public static function encrypt($plaintext, $key, $raw_binary = false)
{
RuntimeTests::runtimeTest();
/* Attempt to validate that the key was generated safely. */
if (!is_a($key, "\\Defuse\\Crypto\\Key")) {
throw new Ex\CannotPerformOperationException("The given key is not a valid Key object.");
}
$key = $key->getRawBytes();
$config = self::getVersionConfigFromHeader(Core::CURRENT_VERSION, Core::CURRENT_VERSION);
if (Core::ourStrlen($key) !== $config->keyByteSize()) {
throw new Ex\CannotPerformOperationException("Key is the wrong size.");
}
$salt = Core::secureRandom($config->saltByteSize());
// Generate a sub-key for encryption.
$ekey = Core::HKDF($config->hashFunctionName(), $key, $config->keyByteSize(), $config->encryptionInfoString(), $salt, $config);
// Generate a sub-key for authentication and apply the HMAC.
$akey = Core::HKDF($config->hashFunctionName(), $key, $config->keyByteSize(), $config->authenticationInfoString(), $salt, $config);
// Generate a random initialization vector.
Core::ensureFunctionExists("openssl_cipher_iv_length");
$ivsize = \openssl_cipher_iv_length($config->cipherMethod());
if ($ivsize === false || $ivsize <= 0) {
throw new Ex\CannotPerformOperationException("Could not get the IV length from OpenSSL");
}
$iv = Core::secureRandom($ivsize);
$ciphertext = $salt . $iv . self::plainEncrypt($plaintext, $ekey, $iv, $config);
$auth = \hash_hmac($config->hashFunctionName(), Core::CURRENT_VERSION . $ciphertext, $akey, true);
// We're now appending the header as of 2.00
$ciphertext = Core::CURRENT_VERSION . $auth . $ciphertext;
if ($raw_binary) {
return $ciphertext;
}
return Encoding::binToHex($ciphertext);
}
public function saveToAsciiSafeString()
{
return Encoding::binToHex($this->key_version_header . $this->key_bytes . hash($this->config->checksumHashFunction(), $this->key_version_header . $this->key_bytes, true));
}
