/**
 * Decrypt a string.
 *
 * The input is passed through splitText(); element 0 of the result is
 * loaded as the IV and element 1 is handed to the cipher as ciphertext.
 *
 * NOTE(review): nothing in this method authenticates the IV or the
 * ciphertext before decrypting. If $text can originate from an untrusted
 * source, confirm that integrity (e.g. a MAC) is verified before this call.
 *
 * @param string $text The content for the decryption.
 *
 * @return string The decrypted string
 */
public function Decrypt($text)
{
    $parts = $this->splitText($text);

    // The IV has to be loaded into the cipher before decrypting.
    $this->aes->setIV($parts[0]);

    $plaintext = $this->aes->decrypt($parts[1]);

    return $plaintext;
}
/**
 * Decrypt $data with a freshly constructed AES object.
 *
 * The cipher is created with MCRYPT_MODE_CBC as its constructor argument,
 * then keyed with $k and given $iv before decrypting.
 *
 * NOTE(review): MCRYPT_MODE_CBC is defined by the mcrypt extension, which
 * was removed from PHP core in 7.2 — confirm the target runtime still
 * provides it.
 * NOTE(review): no integrity check is performed here; if $data or $iv can
 * be influenced by an untrusted party, verify a MAC before calling.
 *
 * @param string $data Ciphertext to decrypt (encoding not visible here — TODO confirm).
 * @param string $k    Key passed to setKey().
 * @param string $iv   IV passed to setIV().
 *
 * @return mixed Whatever AES::decrypt() returns for $data.
 */
public static function decrypt($data, $k, $iv)
{
    $cipher = new AES(MCRYPT_MODE_CBC);
    $cipher->setKey($k);
    $cipher->setIV($iv);

    $plaintext = $cipher->decrypt($data);

    return $plaintext;
}
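/**
 * Process the launchkey option to prepare for usage within the plugin. The option will have encrypted attributes
 * decrypted as well as set default values for any missing or unset attributes.
 *
 * Decrypted values are memoised in $this->cache, indexed by the MD5 of the
 * stored (encrypted) value; MD5 is used here only as a lookup key.
 *
 * NOTE(review): both IVs are deterministic — the rocket key (or STATIC_IV)
 * for the secret key, and the decrypted secret key (or STATIC_IV) for the
 * private key. A fixed IV means equal plaintexts always produce equal
 * ciphertexts. Changing this would break already-stored options, so it is
 * flagged here rather than altered; a migration to a random per-value IV
 * with an integrity check would be the hardening step.
 *
 * @since 1.0.0
 *
 * @param array|null $input Stored option value; an empty value is treated as an empty array.
 *
 * @return array Defaults overlaid with $input, with the secret key and private key decrypted when present.
 */
public function post_get_option_filter($input)
{
    // Define the defaults for attributes
    $defaults = static::get_defaults();

    // If the input is empty (null) set it to an empty array.
    // The result must be assigned: a bare `$input ?: array();` is a no-op and
    // would let a null $input reach array_merge() below.
    $input = $input ?: array();

    // Merge the input array over the defaults array to set any known data to the response
    $output = array_merge($defaults, $input);

    // If the secret key attribute is not empty, decrypt it
    if (!empty($input[LaunchKey_WP_Options::OPTION_SECRET_KEY])) {
        // Cache index only; not used for any security decision.
        $key = md5($input[LaunchKey_WP_Options::OPTION_SECRET_KEY]);
        if (empty($this->cache[$key])) {
            /**
             * Use the rocket key as the IV. If null, use the static value.
             * @link https://docs.launchkey.com/glossary.html#term-iv
             */
            $iv = empty($output[LaunchKey_WP_Options::OPTION_ROCKET_KEY])
                ? static::STATIC_IV
                : $output[LaunchKey_WP_Options::OPTION_ROCKET_KEY];
            $this->crypt_aes->setIV($iv);

            /**
             * Decrypt the Base64 decoded string and set it as the output value
             * @link https://docs.launchkey.com/glossary.html#term-base64
             */
            $this->cache[$key] = $this->crypt_aes->decrypt(
                base64_decode($input[LaunchKey_WP_Options::OPTION_SECRET_KEY])
            );
        }
        $output[LaunchKey_WP_Options::OPTION_SECRET_KEY] = $this->cache[$key];
    }

    // If the private key attribute is not empty, decrypt it
    if (!empty($input[LaunchKey_WP_Options::OPTION_PRIVATE_KEY])) {
        // Cache index only; not used for any security decision.
        $key = md5($input[LaunchKey_WP_Options::OPTION_PRIVATE_KEY]);
        if (empty($this->cache[$key])) {
            /**
             * Use the decrypted secret key as the IV. If null, use the static value.
             * @link https://docs.launchkey.com/glossary.html#term-iv
             */
            $iv = empty($output[LaunchKey_WP_Options::OPTION_SECRET_KEY])
                ? static::STATIC_IV
                : $output[LaunchKey_WP_Options::OPTION_SECRET_KEY];
            $this->crypt_aes->setIV($iv);

            /**
             * Decrypt the Base64 decoded string and set it as the output value
             * @link https://docs.launchkey.com/glossary.html#term-base64
             *
             * Errors raised by decrypt() are suppressed with @ here; the original
             * explanation for the suppression was left unfinished.
             * NOTE(review): a failed decrypt is therefore silent and the cached value
             * may be false or empty — confirm that callers handle that case.
             */
            $this->cache[$key] = @$this->crypt_aes->decrypt(
                base64_decode($input[LaunchKey_WP_Options::OPTION_PRIVATE_KEY])
            );
        }
        $output[LaunchKey_WP_Options::OPTION_PRIVATE_KEY] = $this->cache[$key];
    }

    return $output;
}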
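/**
 * Decrypts a value and verifies the HMAC (Encrypt-Then-Mac)
 *
 * The input is expected as three '|'-separated fields: hex ciphertext, IV,
 * hex HMAC. The HMAC is computed over the hex ciphertext concatenated with
 * the IV and compared in constant time before any decryption happens.
 *
 * @param string $authenticatedCiphertext
 * @param string $password Password to decrypt with, if not specified the secret from config.php will be taken
 * @return string plaintext
 * @throws \Exception If the input is malformed or the HMAC does not match
 */
public function decrypt($authenticatedCiphertext, $password = '')
{
    if ($password === '') {
        $password = $this->config->getSystemValue('secret');
    }
    $this->cipher->setPassword($password);

    $parts = explode('|', $authenticatedCiphertext);
    if (count($parts) !== 3) {
        throw new \Exception('Authenticated ciphertext could not be decoded.');
    }

    // hex2bin() emits a warning and returns false for odd-length or non-hex
    // input, and hash_equals() raises a TypeError on PHP 8 when given a
    // non-string. Reject malformed fields up front so that untrusted input
    // always fails with the documented \Exception.
    $hexPattern = '/\A(?:[0-9a-fA-F]{2})*\z/';
    if (preg_match($hexPattern, $parts[0]) !== 1 || preg_match($hexPattern, $parts[2]) !== 1) {
        throw new \Exception('Authenticated ciphertext could not be decoded.');
    }

    $ciphertext = hex2bin($parts[0]);
    $iv = $parts[1];
    $hmac = hex2bin($parts[2]);

    $this->cipher->setIV($iv);

    // Verify the MAC before decrypting (Encrypt-then-MAC).
    if (!hash_equals($this->calculateHMAC($parts[0] . $parts[1], $password), $hmac)) {
        throw new \Exception('HMAC does not match.');
    }

    return $this->cipher->decrypt($ciphertext);
}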
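/**
 * Decryption using openssl's AES or phpseclib's AES
 * (phpseclib uses mcrypt when it is available)
 *
 * The IV is taken from the 'pma_iv-<server>' cookie on first use; when it
 * is absent, not a string, not valid Base64, or shorter than getIVSize(),
 * createIV() is called.
 *
 * NOTE(review): the IV comes from a client-controlled cookie and neither it
 * nor $encdata is authenticated before decryption. Unauthenticated CBC
 * decryption of client-supplied data should be paired with a MAC that is
 * verified first; that needs a matching change on the encrypt side, so it
 * is flagged here rather than changed.
 *
 * @param string $encdata encrypted data
 * @param string $secret  the secret
 *
 * @return string|false original data; openssl_decrypt() returns false on failure
 */
public function cookieDecrypt($encdata, $secret)
{
    if (is_null($this->_cookie_iv)) {
        $cookieName = 'pma_iv-' . $GLOBALS['server'];

        // The cookie may be missing or (being client-controlled) an array;
        // only a string value is decoded.
        $iv = '';
        if (isset($_COOKIE[$cookieName]) && is_string($_COOKIE[$cookieName])) {
            $iv = base64_decode($_COOKIE[$cookieName], true);
            if ($iv === false) {
                // Invalid Base64: treat as "no IV" so the length check below regenerates it.
                $iv = '';
            }
        }
        $this->_cookie_iv = $iv;
    }

    // '8bit' makes mb_strlen() count bytes, not characters.
    if (mb_strlen($this->_cookie_iv, '8bit') < $this->getIVSize()) {
        $this->createIV();
    }

    if (self::useOpenSSL()) {
        // options = 0: openssl_decrypt() expects Base64 input here.
        return openssl_decrypt($encdata, 'AES-128-CBC', $secret, 0, $this->_cookie_iv);
    } else {
        $cipher = new Crypt\AES(Crypt\Base::MODE_CBC);
        $cipher->setIV($this->_cookie_iv);
        $cipher->setKey($secret);
        return $cipher->decrypt(base64_decode($encdata));
    }
}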
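/**
 * Convert a private key to the appropriate format.
 *
 * Produces a "PuTTY-User-Key-File-2" text block: header lines, the
 * Base64-encoded public blob, the (optionally AES-encrypted) private blob
 * and a keyed SHA-1 "Private-MAC" over the header fields and both blobs.
 *
 * NOTE(review): `is_string($password)` is true for the default `''`, so
 * calling this without a password still selects 'aes256-cbc' with an empty
 * passphrase; only a non-string empty value (e.g. false or null) yields
 * 'none'. Confirm this is intended by callers.
 *
 * @access public
 * @param \phpseclib\Math\BigInteger $n
 * @param \phpseclib\Math\BigInteger $e
 * @param \phpseclib\Math\BigInteger $d
 * @param array $primes       indexed from 1 (elements 1 and 2 are read)
 * @param array $exponents    indexed from 1 (elements 1 and 2 are read)
 * @param array $coefficients element 2 is read
 * @param string $password optional
 * @return string|false the key text, or false when $primes does not hold exactly two primes
 */
static function savePrivateKey(BigInteger $n, BigInteger $e, BigInteger $d, $primes, $exponents, $coefficients, $password = '')
{
    // Only two-prime RSA keys are handled.
    if (count($primes) != 2) {
        return false;
    }

    $raw = array(
        'modulus' => $n->toBytes(true),
        'publicExponent' => $e->toBytes(true),
        'privateExponent' => $d->toBytes(true),
        'prime1' => $primes[1]->toBytes(true),
        'prime2' => $primes[2]->toBytes(true),
        'exponent1' => $exponents[1]->toBytes(true),
        'exponent2' => $exponents[2]->toBytes(true),
        'coefficient' => $coefficients[2]->toBytes(true)
    );

    $key = "PuTTY-User-Key-File-2: ssh-rsa\r\nEncryption: ";
    $encryption = !empty($password) || is_string($password) ? 'aes256-cbc' : 'none';
    $key .= $encryption;
    $key .= "\r\nComment: " . self::$comment . "\r\n";

    // Public blob: length-prefixed "ssh-rsa", public exponent, modulus.
    $public = pack(
        'Na*Na*Na*',
        strlen('ssh-rsa'),
        'ssh-rsa',
        strlen($raw['publicExponent']),
        $raw['publicExponent'],
        strlen($raw['modulus']),
        $raw['modulus']
    );

    // $source accumulates everything the Private-MAC is computed over.
    $source = pack(
        'Na*Na*Na*Na*',
        strlen('ssh-rsa'),
        'ssh-rsa',
        strlen($encryption),
        $encryption,
        strlen(self::$comment),
        self::$comment,
        strlen($public),
        $public
    );

    $public = Base64::encode($public);
    // (len + 63) >> 6 is the number of 64-character lines, rounded up.
    $key .= "Public-Lines: " . (strlen($public) + 63 >> 6) . "\r\n";
    $key .= chunk_split($public, 64);

    // Private blob: length-prefixed private exponent, both primes, coefficient.
    $private = pack(
        'Na*Na*Na*Na*',
        strlen($raw['privateExponent']),
        $raw['privateExponent'],
        strlen($raw['prime1']),
        $raw['prime1'],
        strlen($raw['prime2']),
        $raw['prime2'],
        strlen($raw['coefficient']),
        $raw['coefficient']
    );

    if (empty($password) && !is_string($password)) {
        $source .= pack('Na*', strlen($private), $private);
        $hashkey = 'putty-private-key-file-mac-key';
    } else {
        // Pad with random bytes up to the next multiple of 16, since padding is disabled below.
        $private .= Random::string(16 - (strlen($private) & 15));
        $source .= pack('Na*', strlen($private), $private);
        $crypto = new AES();

        $crypto->setKey(static::generateSymmetricKey($password, 32));
        // The IV is a block of NUL bytes. str_repeat("", n) yields an empty
        // string, so the repeated unit must be "\0".
        // getBlockLength() >> 3 presumably converts bits to bytes — TODO confirm.
        $crypto->setIV(str_repeat("\0", $crypto->getBlockLength() >> 3));
        $crypto->disablePadding();
        $private = $crypto->encrypt($private);
        // With a password, the MAC key also depends on the password.
        $hashkey = 'putty-private-key-file-mac-key' . $password;
    }

    $private = Base64::encode($private);
    $key .= 'Private-Lines: ' . (strlen($private) + 63 >> 6) . "\r\n";
    $key .= chunk_split($private, 64);

    // Keyed SHA-1 over $source, with the raw SHA-1 of $hashkey as the key.
    $hash = new Hash('sha1');
    $hash->setKey(sha1($hashkey, true));
    $key .= 'Private-MAC: ' . Hex::encode($hash->hash($source)) . "\r\n";

    return $key;
}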
/**
 * Decryption using openssl's AES or phpseclib's AES
 * (phpseclib uses mcrypt when it is available)
 *
 * $encdata is a JSON object with string members 'mac', 'iv' and 'payload'.
 * The HMAC-SHA1 over iv . payload is recomputed and compared in constant
 * time before anything is decrypted.
 *
 * NOTE(review): the OpenSSL branch keys AES with the raw $secret while the
 * phpseclib branch uses the derived $aes_secret, so the two branches are
 * not interchangeable and the OpenSSL branch does not use a key separate
 * from the MAC derivation input. Check the matching encrypt routine before
 * changing either side.
 * NOTE(review): hash_equals() documents the user-supplied string as its
 * second argument; here the cookie-supplied MAC is passed first.
 *
 * @param string $encdata encrypted data
 * @param string $secret  the secret
 *
 * @return string|bool original data, false on error
 */
public function cookieDecrypt($encdata, $secret)
{
    $data = json_decode($encdata, true);

    // Structural validation: an array with three string fields.
    if (!is_array($data)) {
        return false;
    }
    foreach (array('mac', 'iv', 'payload') as $field) {
        if (!isset($data[$field]) || !is_string($data[$field])) {
            return false;
        }
    }

    $mac_secret = $this->getMACSecret($secret);
    $aes_secret = $this->getAESSecret($secret);

    // Authenticate before decrypting.
    $expectedMac = hash_hmac('sha1', $data['iv'] . $data['payload'], $mac_secret);
    if (!hash_equals($data['mac'], $expectedMac)) {
        return false;
    }

    $iv = base64_decode($data['iv']);

    if (self::useOpenSSL()) {
        // options = 0: the payload is passed Base64-encoded.
        return openssl_decrypt($data['payload'], 'AES-128-CBC', $secret, 0, $iv);
    }

    $cipher = new Crypt\AES(Crypt\Base::MODE_CBC);
    $cipher->setIV($iv);
    $cipher->setKey($aes_secret);

    return $cipher->decrypt(base64_decode($data['payload']));
}
/**
 * Known-answer test: encrypts five single-block plaintexts under an
 * all-zero 256-bit key and all-zero IV, with padding disabled, and compares
 * each hex-encoded result with its expected ciphertext.
 */
public function testGFSBox256()
{
    $aes = new AES();
    $aes->setKey(pack('H*', str_repeat('00', 32)));
    $aes->setIV(pack('H*', str_repeat('00', 16)));
    $aes->disablePadding();

    $aes->setPreferredEngine($this->engine);
    $this->_checkEngine($aes);

    // plaintext (hex), expected ciphertext (hex)
    $vectors = array(
        array('014730f80ac625fe84f026c60bfd547d', '5c9d844ed46f9885085e5d6a4f94c7d7'),
        array('0b24af36193ce4665f2825d7b4749c98', 'a9ff75bd7cf6613d3731c77c3b6d0c04'),
        array('761c1fe41a18acf20d241650611d90f1', '623a52fcea5d443e48d9181ab32c7421'),
        array('8a560769d605868ad80d819bdba03771', '38f2c7ae10612415d27ca190d27da8b4'),
        array('91fbef2d15a97816060bee1feaa49afe', '1bc704f1bce135ceb810341b216d7abe'),
    );

    foreach ($vectors as $vector) {
        $result = bin2hex($aes->encrypt(pack('H*', $vector[0])));
        $this->assertSame($result, $vector[1]);
    }
}
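/**
 * Build the cipher from a class name and hex-encoded key material.
 *
 * The key and IV are validated as hexadecimal before decoding: hex2bin()
 * returns false (with a warning) on malformed input, and passing that
 * on to setKey()/setIV() would configure the cipher with an unintended
 * value instead of failing.
 *
 * NOTE(review): $aes is instantiated dynamically with `new $aes()`. It
 * should only ever be a fixed, trusted class name — confirm that no caller
 * derives it from request data.
 *
 * @param string $aes Name of the cipher class to instantiate (constructed without arguments).
 * @param string $key Hex-encoded key.
 * @param string $iv  Hex-encoded IV.
 *
 * @throws \InvalidArgumentException If $key or $iv is not a hexadecimal string.
 */
public function __construct($aes, $key, $iv)
{
    $hexPattern = '/\A(?:[0-9a-fA-F]{2})*\z/';
    foreach (array('key' => $key, 'IV' => $iv) as $label => $hex) {
        if (!is_string($hex) || preg_match($hexPattern, $hex) !== 1) {
            // The offending value is deliberately left out of the message.
            throw new \InvalidArgumentException('The ' . $label . ' must be a hexadecimal string.');
        }
    }

    $this->cipher = new $aes();
    $this->cipher->setKey(hex2bin($key));
    $this->cipher->setIV(hex2bin($iv));
}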
/**
 * @inheritDoc
 *
 * Loads $key and $iv into the AES instance held by this object, then
 * decrypts $encryptedValue with it. The key and IV stay set on that
 * instance after the call.
 *
 * NOTE(review): no integrity check is visible here; if $encryptedValue or
 * $iv can come from an untrusted source, confirm a MAC is verified before
 * this method is reached.
 */
public function decrypt($encryptedValue, $key, $iv)
{
    $cipher = $this->aes;

    $cipher->setKey($key);
    $cipher->setIV($iv);

    $plaintext = $cipher->decrypt($encryptedValue);

    return $plaintext;
}