/**
* Decrypts and unserialize the given binary string, assumed to be a result
* of the addInternal method (i.e the content of a kphpdb file). Returns the
* result (an array), or false if something went wrong (bad password, bad
* binary string).
* @param string $bin The binary string to decrypt and unserialize.
* @param string $pwd The internal password to use as key.
* @return boolean|array Returns false if something went wrong, an array
* with the decrypted and unserialized data otherwise.
*/
private static function decryptUnserialize($bin, $pwd)
{
if ($bin == null || strlen($bin) < self::IV_SIZE) {
return false;
}
$iv = substr($bin, 0, self::IV_SIZE);
$key = hash('SHA256', $pwd, true);
$cipher = new CipherMcrypt(MCRYPT_RIJNDAEL_256, 'cfb', $key, $iv, CipherMcrypt::PK7_PADDING);
$plain = $cipher->decrypt(substr($bin, self::IV_SIZE));
$cipher->unload();
return @unserialize($plain);
}
/**
* Returns as a binary string the final AES key used for decrypting
* the database file, computed from the seeds and the master composite key.
* @return string
*/
private function transformKey()
{
$seed = $this->header->transformSeed;
$keyHash = $this->key->getHash();
/// does not yet support the case rounds >> 2**31
$rounds = $this->header->rounds->asInt();
$AESEncryptor = new CipherMcrypt(CipherMcrypt::AES128, 'ecb', $seed);
$AESEncryptor->load();
for ($i = 0; $i < $rounds; $i++) {
$keyHash = $AESEncryptor->encrypt($keyHash);
}
$AESEncryptor->unload();
$finalKey = HashHouse::hash($keyHash);
$aesKey = HashHouse::hash($this->header->masterSeed . $finalKey);
return $aesKey;
}
