public static function decrypt($ciphertext, $key)
{
// Extract MAC and IV from the remainder of the ciphertext
$mac = substr($ciphertext, 0, self::ENCRYPTION_MAC_SIZE);
$iv = substr($ciphertext, self::ENCRYPTION_MAC_SIZE, self::ENCRYPTION_BLOCK_SIZE);
$ciphertext = substr($ciphertext, self::ENCRYPTION_MAC_SIZE + self::ENCRYPTION_BLOCK_SIZE);
// Validate MAC
$mac_key = self::_defuseCompatibleHKDF($key, self::ENCRYPTION_MAC_INFO);
$mac_compare = hash_hmac(self::ENCRYPTION_MAC_ALGO, $iv . $ciphertext, $mac_key, true);
if (!Rhymix\Framework\Security::compareStrings($mac, $mac_compare)) {
return false;
}
// Generate subkey for encryption
$enc_key = self::_defuseCompatibleHKDF($key, self::ENCRYPTION_KEY_INFO);
// Decrypt the ciphertext
$mcrypt_method = str_replace('aes', 'rijndael', self::ENCRYPTION_ALGO);
$plaintext = @mcrypt_decrypt($mcrypt_method, $enc_key, $ciphertext, self::ENCRYPTION_MODE, $iv);
if ($plaintext === false) {
return false;
}
$plaintext = self::_stripPKCS7Padding($plaintext, self::ENCRYPTION_BLOCK_SIZE);
if ($plaintext === false) {
return false;
}
// Return the plaintext
return $plaintext;
}
function strcmpConstantTime($a, $b)
{
return Rhymix\Framework\Security::compareStrings($a, $b);
}
