public static function encrypt($data, $password, $IV, $AAD)
{
if (self::useOpenSSL()) {
$method = self::getMethod($password);
$encrypt = openssl_encrypt($data, $method, $password, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, $IV, $tag, $AAD);
} else {
if (self::useSO()) {
try {
$cipher = \Crypto\Cipher::aes(\Crypto\Cipher::MODE_GCM, self::bitLen($password));
$cipher->setAAD($AAD);
$encrypt = $cipher->encrypt($data, $password, $IV);
$tag = $cipher->getTag();
} catch (\Exception $e) {
//echo $e->getMessage();
return false;
}
} else {
try {
list($encrypt, $tag) = AESGCM::encrypt($password, $IV, $data, $AAD);
} catch (\Exception $e) {
//echo $e->getMessage();
return false;
}
}
}
return $encrypt . $tag;
}
/**
* {@inheritdoc}
*/
public function encryptContent($data, $cek, $iv, $aad, $encoded_protected_header, &$tag)
{
$calculated_aad = $encoded_protected_header;
if (null !== $aad) {
$calculated_aad .= '.' . $aad;
}
list($cyphertext, $tag) = GCM::encrypt($cek, $iv, $data, $calculated_aad);
return $cyphertext;
}
/**
* {@inheritdoc}
*/
public function wrapKey(JWKInterface $key, $cek, array $complete_headers, array &$additional_headers)
{
$this->checkKey($key);
$kek = Base64Url::decode($key->get('k'));
$iv = random_bytes(96 / 8);
$additional_headers['iv'] = Base64Url::encode($iv);
list($encrypted_cek, $tag) = AESGCM::encrypt($kek, $iv, $cek, null);
$additional_headers['tag'] = Base64Url::encode($tag);
return $encrypted_cek;
}
/**
* @param string $payload With padding
* @param string $userPublicKey Base 64 encoded (MIME or URL-safe)
* @param string $userAuthToken Base 64 encoded (MIME or URL-safe)
* @param bool $nativeEncryption Use OpenSSL (>PHP7.1)
*
* @return array
*/
public static function encrypt($payload, $userPublicKey, $userAuthToken, $nativeEncryption)
{
$userPublicKey = Base64Url::decode($userPublicKey);
$userAuthToken = Base64Url::decode($userAuthToken);
// initialize utilities
$math = EccFactory::getAdapter();
$pointSerializer = new UncompressedPointSerializer($math);
$generator = EccFactory::getNistCurves()->generator256();
$curve = EccFactory::getNistCurves()->curve256();
// get local key pair
$localPrivateKeyObject = $generator->createPrivateKey();
$localPublicKeyObject = $localPrivateKeyObject->getPublicKey();
$localPublicKey = hex2bin($pointSerializer->serialize($localPublicKeyObject->getPoint()));
// get user public key object
$pointUserPublicKey = $pointSerializer->unserialize($curve, bin2hex($userPublicKey));
$userPublicKeyObject = $generator->getPublicKeyFrom($pointUserPublicKey->getX(), $pointUserPublicKey->getY(), $generator->getOrder());
// get shared secret from user public key and local private key
$sharedSecret = hex2bin($math->decHex(gmp_strval($userPublicKeyObject->getPoint()->mul($localPrivateKeyObject->getSecret())->getX())));
// generate salt
$salt = openssl_random_pseudo_bytes(16);
// section 4.3
$ikm = !empty($userAuthToken) ? self::hkdf($userAuthToken, $sharedSecret, 'Content-Encoding: auth' . chr(0), 32) : $sharedSecret;
// section 4.2
$context = self::createContext($userPublicKey, $localPublicKey);
// derive the Content Encryption Key
$contentEncryptionKeyInfo = self::createInfo('aesgcm', $context);
$contentEncryptionKey = self::hkdf($salt, $ikm, $contentEncryptionKeyInfo, 16);
// section 3.3, derive the nonce
$nonceInfo = self::createInfo('nonce', $context);
$nonce = self::hkdf($salt, $ikm, $nonceInfo, 12);
// encrypt
// "The additional data passed to each invocation of AEAD_AES_128_GCM is a zero-length octet sequence."
if (!$nativeEncryption) {
list($encryptedText, $tag) = \AESGCM\AESGCM::encrypt($contentEncryptionKey, $nonce, $payload, '');
} else {
$encryptedText = openssl_encrypt($payload, 'aes-128-gcm', $contentEncryptionKey, OPENSSL_RAW_DATA, $nonce, $tag);
// base 64 encoded
}
// return values in url safe base64
return array('localPublicKey' => Base64Url::encode($localPublicKey), 'salt' => Base64Url::encode($salt), 'cipherText' => $encryptedText . $tag);
}
