/**
* {@inheritdoc}
*/
public function decryptContent($data, $cek, $iv, $aad, $encoded_protected_header, $tag)
{
$calculated_aad = $encoded_protected_header;
if (null !== $aad) {
$calculated_aad .= '.' . $aad;
}
if (version_compare(PHP_VERSION, '7.1.0') >= 0) {
return openssl_decrypt($data, $this->getMode($cek), $cek, OPENSSL_RAW_DATA, $iv, $tag, $calculated_aad);
} elseif (class_exists('\\Crypto\\Cipher')) {
$cipher = Cipher::aes(Cipher::MODE_GCM, $this->getKeySize());
$cipher->setTag($tag);
$cipher->setAAD($calculated_aad);
$plaintext = $cipher->decrypt($data, $cek, $iv);
return $plaintext;
}
return GCM::decrypt($cek, $iv, $data, $calculated_aad, $tag);
}
/**
* @param \Jose\Object\JWKInterface $key
* @param string $encryted_cek
* @param array $header
*
* @return mixed
*/
public function decryptKey(JWKInterface $key, $encryted_cek, array $header)
{
$this->checkKey($key);
$this->checkAdditionalParameters($header);
$cipher = Cipher::aes(Cipher::MODE_GCM, $this->getKeySize());
$cipher->setTag(Base64Url::decode($header['tag']));
$cipher->setAAD(null);
$cek = $cipher->decrypt($encryted_cek, Base64Url::decode($key->get('k')), Base64Url::decode($header['iv']));
return $cek;
}
/**
* Decrypt ciphertext using AES cipher with GCM mode and 256 bit key
* @param string $ct Ciphertext
* @param string $key Key
* @param string $iv Initial vector
* @param string $aad Additional application data
* @param string $tag Authentication tag
* @return string Plaintext
* @throw Crypto\AlgorithmException if any of the method fails
*/
function gcm_decrypt($ct, $key, $iv, $aad, $tag)
{
echo "------- DECRYPTION -------\n";
echo "Ciphertext: " . bin2hex($ct) . PHP_EOL;
$cipher = Cipher::aes(Cipher::MODE_GCM, 256);
$cipher->setTag($tag);
$cipher->setAAD($aad);
$pt = $cipher->decrypt($ct, $key, $iv);
echo "Plaintext: " . bin2hex($pt) . PHP_EOL;
}
/**
* {@inheritdoc}
*/
public function decryptContent($data, $cek, $iv, $aad, $encoded_protected_header, $tag)
{
$cipher = Cipher::aes(Cipher::MODE_GCM, $this->getKeySize());
$calculated_aad = $encoded_protected_header;
if (null !== $aad) {
$calculated_aad .= '.' . $aad;
}
$cipher->setTag($tag);
$cipher->setAAD($calculated_aad);
$plaintext = $cipher->decrypt($data, $cek, $iv);
return $plaintext;
}
/**
* {@inheritdoc}
*/
public function unwrapKey(JWKInterface $key, $encrypted_cek, array $header)
{
$this->checkKey($key);
$this->checkAdditionalParameters($header);
$kek = Base64Url::decode($key->get('k'));
$tag = Base64Url::decode($header['tag']);
$iv = Base64Url::decode($header['iv']);
if (version_compare(PHP_VERSION, '7.1.0') >= 0) {
return openssl_decrypt($encrypted_cek, $this->getMode($kek), $kek, OPENSSL_RAW_DATA, $iv, $tag, null);
} elseif (class_exists('\\Crypto\\Cipher')) {
$cipher = Cipher::aes(Cipher::MODE_GCM, $this->getKeySize());
$cipher->setTag($tag);
$cipher->setAAD(null);
$cek = $cipher->decrypt($encrypted_cek, $kek, $iv);
return $cek;
}
return AESGCM::decrypt($kek, $iv, $encrypted_cek, null, $tag);
}
$iv = str_repeat('i', $iv_len);
// Test data
$data1 = "Test";
$data2 = "Data";
$data = $data1 . $data2;
// Simple encryption
$sim_ct = $cipher->encrypt($data, $key, $iv);
// init/update/finish encryption
$cipher->encryptInit($key, $iv);
$iuf_ct = $cipher->encryptUpdate($data1);
$iuf_ct .= $cipher->encryptUpdate($data2);
$iuf_ct .= $cipher->encryptFinish();
// Raw data output (used base64 format for printing)
echo "Ciphertext (sim): " . base64_encode($sim_ct) . PHP_EOL;
echo "Ciphertext (iuf): " . base64_encode($iuf_ct) . PHP_EOL;
// $iuf_out == $sim_out
$ct = $sim_ct;
// Another way how to create a new cipher object (using the same algorithm and mode)
$cipher = Cipher::aes(Cipher::MODE_CBC, 256);
// Simple decryption
$sim_text = $cipher->decrypt($ct, $key, $iv);
// init/update/finish decryption
$cipher->decryptInit($key, $iv);
$iuf_text = $cipher->decryptUpdate($ct);
$iuf_text .= $cipher->decryptFinish();
// Raw data output ($iuf_out == $sim_out)
echo "Text (sim): " . $sim_text . PHP_EOL;
echo "Text (iuf): " . $iuf_text . PHP_EOL;
} catch (AlgorithmException $e) {
echo $e->getMessage() . PHP_EOL;
}
public static function decrypt($encData, $password, $IV, $AAD)
{
/*
* https://tools.ietf.org/html/rfc5116#section-5.1
*
* An authentication tag with a length of 16 octets (128
* bits) is used. The AEAD_AES_128_GCM ciphertext is formed by
* appending the authentication tag provided as an output to the GCM
* encryption operation to the ciphertext that is output by that
* operation.
*
* ciphertext is exactly 16 octets longer than its
* corresponding plaintext.
*/
if (strlen($encData) < self::TAG_LEN) {
return false;
}
// Get the tag appended to cipher text
$tag = substr($encData, strlen($encData) - self::TAG_LEN, self::TAG_LEN);
// Resize the cipher text
$encData = substr($encData, 0, strlen($encData) - self::TAG_LEN);
if (self::useOpenSSL()) {
$method = self::getMethod($password);
$data = openssl_decrypt($encData, $method, $password, OPENSSL_RAW_DATA, $IV, $tag, $AAD);
} else {
if (self::useSO()) {
try {
$cipher = \Crypto\Cipher::aes(\Crypto\Cipher::MODE_GCM, self::bitLen($password));
$cipher->setTag($tag);
$cipher->setAAD($AAD);
$data = $cipher->decrypt($encData, $password, $IV);
} catch (\Exception $e) {
return false;
}
} else {
try {
$data = AESGCM::decrypt($password, $IV, $encData, $AAD, $tag);
} catch (\Exception $e) {
//echo $e->getMessage();
return false;
}
}
}
return $data;
}
/**
* @param string $K Key encryption key
* @param string $key_length Key length
* @param string $IV Initialization vector
* @param string|null $C Data to encrypt (null for authentication)
* @param string|null $A Additional Authentication Data
* @param string $T Tag
* @param int $tag_length Tag length
*
* @return string
*/
private static function decryptWithCryptoExtension($K, $key_length, $IV, $C, $A, $T, $tag_length = 128)
{
$cipher = \Crypto\Cipher::aes(\Crypto\Cipher::MODE_GCM, $key_length);
$cipher->setTag($T);
$cipher->setAAD($A);
$cipher->setTagLength($tag_length / 8);
return $cipher->decrypt($C, $K, $IV);
}