public function testRuntimeTest()
{
RuntimeTests::runtimeTest();
}
/**
* Decrypts a ciphertext to a string with either a key or a password.
*
* @param string $ciphertext
* @param KeyOrPassword $secret
* @param bool $raw_binary
*
* @throws Ex\EnvironmentIsBrokenException
* @throws Ex\WrongKeyOrModifiedCiphertextException
*
* @return string
*/
private static function decryptInternal($ciphertext, KeyOrPassword $secret, $raw_binary)
{
RuntimeTests::runtimeTest();
if (!$raw_binary) {
try {
$ciphertext = Encoding::hexToBin($ciphertext);
} catch (Ex\BadFormatException $ex) {
throw new Ex\WrongKeyOrModifiedCiphertextException('Ciphertext has invalid hex encoding.');
}
}
if (Core::ourStrlen($ciphertext) < Core::MINIMUM_CIPHERTEXT_SIZE) {
throw new Ex\WrongKeyOrModifiedCiphertextException('Ciphertext is too short.');
}
// Get and check the version header.
$header = Core::ourSubstr($ciphertext, 0, Core::HEADER_VERSION_SIZE);
if ($header !== Core::CURRENT_VERSION) {
throw new Ex\WrongKeyOrModifiedCiphertextException('Bad version header.');
}
// Get the salt.
$salt = Core::ourSubstr($ciphertext, Core::HEADER_VERSION_SIZE, Core::SALT_BYTE_SIZE);
if ($salt === false) {
throw new Ex\EnvironmentIsBrokenException();
}
// Get the IV.
$iv = Core::ourSubstr($ciphertext, Core::HEADER_VERSION_SIZE + Core::SALT_BYTE_SIZE, Core::BLOCK_BYTE_SIZE);
if ($iv === false) {
throw new Ex\EnvironmentIsBrokenException();
}
// Get the HMAC.
$hmac = Core::ourSubstr($ciphertext, Core::ourStrlen($ciphertext) - Core::MAC_BYTE_SIZE, Core::MAC_BYTE_SIZE);
if ($hmac === false) {
throw new Ex\EnvironmentIsBrokenException();
}
// Get the actual encrypted ciphertext.
$encrypted = Core::ourSubstr($ciphertext, Core::HEADER_VERSION_SIZE + Core::SALT_BYTE_SIZE + Core::BLOCK_BYTE_SIZE, Core::ourStrlen($ciphertext) - Core::MAC_BYTE_SIZE - Core::SALT_BYTE_SIZE - Core::BLOCK_BYTE_SIZE - Core::HEADER_VERSION_SIZE);
if ($encrypted === false) {
throw new Ex\EnvironmentIsBrokenException();
}
// Derive the separate encryption and authentication keys from the key
// or password, whichever it is.
$keys = $secret->deriveKeys($salt);
if (self::verifyHMAC($hmac, $header . $salt . $iv . $encrypted, $keys->getAuthenticationKey())) {
$plaintext = self::plainDecrypt($encrypted, $keys->getEncryptionKey(), $iv, Core::CIPHER_METHOD);
return $plaintext;
} else {
throw new Ex\WrongKeyOrModifiedCiphertextException('Integrity check failed.');
}
}
/**
* Decrypts a ciphertext (legacy -- before version tagging)
*
* $ciphertext is the ciphertext to decrypt.
* $key is the key that the ciphertext was encrypted with.
* You MUST catch exceptions thrown by this function. Read the docs.
*
* @param string $ciphertext
* @param string $key
* @return string
* @throws Ex\CannotPerformOperationException
* @throws Ex\CryptoTestFailedException
* @throws Ex\InvalidCiphertextException
*/
public static function legacyDecrypt($ciphertext, $key)
{
RuntimeTests::runtimeTest();
$config = self::getVersionConfigFromHeader(Core::LEGACY_VERSION, Core::LEGACY_VERSION);
// Extract the HMAC from the front of the ciphertext.
if (Core::ourStrlen($ciphertext) <= $config->macByteSize()) {
throw new Ex\InvalidCiphertextException("Ciphertext is too short.");
}
$hmac = Core::ourSubstr($ciphertext, 0, $config->macByteSize());
if ($hmac === false) {
throw new Ex\CannotPerformOperationException();
}
$ciphertext = Core::ourSubstr($ciphertext, $config->macByteSize());
if ($ciphertext === false) {
throw new Ex\CannotPerformOperationException();
}
// Regenerate the same authentication sub-key.
$akey = Core::HKDF($config->hashFunctionName(), $key, $config->keyByteSize(), $config->authenticationInfoString(), null, $config);
if (self::verifyHMAC($hmac, $ciphertext, $akey, $config)) {
// Regenerate the same encryption sub-key.
$ekey = Core::HKDF($config->hashFunctionName(), $key, $config->keyByteSize(), $config->encryptionInfoString(), null, $config);
// Extract the initialization vector from the ciphertext.
Core::EnsureFunctionExists("openssl_cipher_iv_length");
$ivsize = \openssl_cipher_iv_length($config->cipherMethod());
if ($ivsize === false || $ivsize <= 0) {
throw new Ex\CannotPerformOperationException("Could not get the IV length from OpenSSL");
}
if (Core::ourStrlen($ciphertext) <= $ivsize) {
throw new Ex\InvalidCiphertextException("Ciphertext is too short.");
}
$iv = Core::ourSubstr($ciphertext, 0, $ivsize);
if ($iv === false) {
throw new Ex\CannotPerformOperationException();
}
$ciphertext = Core::ourSubstr($ciphertext, $ivsize);
if ($ciphertext === false) {
throw new Ex\CannotPerformOperationException();
}
$plaintext = self::plainDecrypt($ciphertext, $ekey, $iv, $config);
return $plaintext;
} else {
/*
* We throw an exception instead of returning false because we want
* a script that doesn't handle this condition to CRASH, instead
* of thinking the ciphertext decrypted to the value false.
*/
throw new Ex\InvalidCiphertextException("Integrity check failed.");
}
}
