/**
 * Open a secretbox with this object's key and return the plaintext.
 *
 * NOTE(review): the second parameter is named $publicKey, but it is passed in
 * the nonce position of crypto_secretbox_open(). Secretbox is a symmetric
 * (shared-key) construction, so no public key is involved. Confirm that
 * callers pass the nonce that was used at encryption time.
 *
 * @param string $content   Ciphertext, including the authentication tag.
 * @param string $publicKey Value passed as the secretbox nonce (see note above).
 * @return string Decrypted plaintext.
 * @throws CannotEncryptContentException When authentication/decryption fails.
 */
public function decryptContent($content, $publicKey)
{
    $opened = \Sodium\crypto_secretbox_open($content, $publicKey, $this->privateKey);

    // Compare strictly: an empty string is a valid plaintext, only false means failure.
    if ($opened !== false) {
        return $opened;
    }

    // The exception is named for encryption but is the one this method raises on a failed decrypt.
    throw new CannotEncryptContentException();
}
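/**
 * Decode a base64 string laid out as nonce || ciphertext and open it with secretbox.
 *
 * Malformed input (invalid base64, or too short to hold a nonce plus an
 * authentication tag) is reported the same way as a failed authentication:
 * the function returns false. Callers must test the result with === false,
 * because an empty string is a valid plaintext.
 *
 * @param string $encrypted Base64 text: nonce followed by the secretbox ciphertext.
 * @param string $key       Secret key of CRYPTO_SECRETBOX_KEYBYTES bytes.
 * @return string|false Plaintext, or false when the input is malformed or fails authentication.
 */
function safeDecrypt($encrypted, $key)
{
    // Strict mode rejects characters outside the base64 alphabet instead of silently skipping them.
    $decoded = base64_decode($encrypted, true);
    if ($decoded === false) {
        return false;
    }

    // A truncated message cannot contain both a nonce and a tag. Reject it here so a
    // wrong-sized nonce never reaches the extension, which rejects it with an error
    // rather than a false return.
    $nonceBytes = \Sodium\CRYPTO_SECRETBOX_NONCEBYTES;
    if (mb_strlen($decoded, '8bit') < $nonceBytes + \Sodium\CRYPTO_SECRETBOX_MACBYTES) {
        return false;
    }

    // '8bit' forces byte-wise slicing regardless of the configured mbstring encoding.
    $nonce = mb_substr($decoded, 0, $nonceBytes, '8bit');
    $ciphertext = mb_substr($decoded, $nonceBytes, null, '8bit');

    $plain = \Sodium\crypto_secretbox_open($ciphertext, $nonce, $key);

    \Sodium\memzero($ciphertext);
    // NOTE(review): $key was received by value, so this only affects this function's
    // copy. The caller's variable still holds the key and must be wiped by the caller.
    \Sodium\memzero($key);

    return $plain;
}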
/**
 * Decrypts a secretbox message and returns the unserialized plaintext.
 *
 * @param string $message The encrypted message portion (JSON payload with base64 'nonce' and 'ciphertext').
 * @param string $key The encryption key used with the message.
 * @param string $hashKey The key to hash the key with.
 * @return mixed The value produced by unserialize() on the decrypted plaintext.
 * @throws Exceptions\DecryptionException
 * @throws Exceptions\InvalidTypeException
 * @throws Exceptions\OutOfRangeException
 */
public static function decryptMessage($message, $key, $hashKey = '')
{
    // All three arguments must be strings; they are checked in declaration order.
    foreach (array($message, $key, $hashKey) as $argument) {
        Helpers::isString($argument, 'Encryption', 'decryptMessage');
    }

    // Derive the actual secretbox key from the caller's key and hash key.
    // NOTE(review): the strength of this derivation depends on Hash::hash, which is
    // not visible here. Confirm it is suitable if $key can be a low-entropy password.
    $secretKey = Hash::hash($key, $hashKey, Constants::SECRETBOX_KEYBYTES);

    // Validate and decode the payload.
    $payload = self::getJsonPayload($message);
    $nonce = base64_decode($payload['nonce']);
    $ciphertext = base64_decode($payload['ciphertext']);

    // Open the secret box; false means the tag did not verify under this key and nonce.
    $plaintext = \Sodium\crypto_secretbox_open($ciphertext, $nonce, $secretKey);

    if ($plaintext !== false) {
        // NOTE(review): unserialize() can instantiate arbitrary classes. The secretbox
        // tag limits input to payloads produced with the key, but any key holder can
        // still supply serialized objects. Consider the 'allowed_classes' option (PHP 7+)
        // or a JSON encoding if callers only store scalars and arrays.
        return unserialize($plaintext);
    }

    throw new Exceptions\DecryptionException("Failed to decrypt message using key.");
}
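/**
 * Verifies and decrypts a payload laid out as nonce || MAC || ciphertext.
 *
 * The MAC over nonce . ciphertext is checked with the auth secret before the
 * ciphertext is opened with the separate crypto secret. Every failure,
 * including a secretbox open that returns false, is reported as a
 * CryptoException, so the method never returns false.
 *
 * @param string $encrypted
 *
 * @throws CryptoException
 *
 * @return string
 */
public function decrypt($encrypted)
{
    if (!$encrypted || !is_string($encrypted)) {
        throw new CryptoException(sprintf(self::ERR_CANNOT_DECRYPT, gettype($encrypted)));
    }

    // Sanity check: the payload must at least hold the nonce and the MAC.
    // NOTE(review): assumes self::NONCE_SIZE_BYTES matches the secretbox nonce size; confirm.
    if (ByteString::strlen($encrypted) < self::NONCE_SIZE_BYTES + \Sodium\CRYPTO_AUTH_BYTES) {
        throw new CryptoException(self::ERR_SIZE);
    }

    // Split into nonce, mac, and encrypted payload
    $nonce = ByteString::substr($encrypted, 0, self::NONCE_SIZE_BYTES);
    $mac = ByteString::substr($encrypted, self::NONCE_SIZE_BYTES, \Sodium\CRYPTO_AUTH_BYTES);
    $encrypted = ByteString::substr($encrypted, self::NONCE_SIZE_BYTES + \Sodium\CRYPTO_AUTH_BYTES);

    // Verify the MAC before touching the ciphertext.
    try {
        $isVerified = \Sodium\crypto_auth_verify($mac, $nonce . $encrypted, $this->authSecret->getValue());
    } catch (Exception $ex) {
        throw new CryptoException(sprintf(self::ERR_DECODE_UNEXPECTED, $ex->getMessage()), $ex->getCode(), $ex);
    }

    if (!$isVerified) {
        throw new CryptoException(self::ERR_DECODE);
    }

    // Decrypt authenticated payload
    try {
        $unencrypted = \Sodium\crypto_secretbox_open($encrypted, $nonce, $this->cryptoSecret->getValue());
    } catch (Exception $ex) {
        throw new CryptoException(sprintf(self::ERR_DECRYPT, $ex->getMessage()), $ex->getCode(), $ex);
    }

    // crypto_secretbox_open() reports a failed open by returning false, not by throwing,
    // so the catch above does not cover it. Without this check the caller would receive
    // false where the contract promises a string.
    if ($unencrypted === false) {
        throw new CryptoException(sprintf(self::ERR_DECRYPT, 'secretbox authentication failed'));
    }

    return $unencrypted;
}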
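/**
 * Open a raw (not base64) nonce || ciphertext blob with the application key.
 *
 * On any failure the function logs "_appBaseDecryptERR!", runs the screen
 * clean-up and terminates the script; it only returns on success.
 *
 * @param string $data Binary blob: secretbox nonce followed by the ciphertext.
 * @return string Decrypted plaintext.
 */
function _appBaseDecrypt($data)
{
    // NOTE(review): the key is the first CRYPTO_SECRETBOX_KEYBYTES bytes of the configured
    // "loadedHash". If that value is hex or another text encoding, the key carries less
    // entropy than its byte length suggests. Confirm how the value is produced.
    $key = substr(_configBaseQuery("loadedHash"), 0, \Sodium\CRYPTO_SECRETBOX_KEYBYTES);

    $nonceBytes = \Sodium\CRYPTO_SECRETBOX_NONCEBYTES;
    $decrypted = false;

    // Only call the extension when the blob can hold a full nonce and an authentication
    // tag. Truncated input then takes the same failure path as a bad tag instead of
    // reaching the extension with a wrong-sized nonce.
    if (is_string($data) && mb_strlen($data, '8bit') >= $nonceBytes + \Sodium\CRYPTO_SECRETBOX_MACBYTES) {
        // '8bit' keeps the slicing byte-wise regardless of the mbstring encoding.
        $nonce = mb_substr($data, 0, $nonceBytes, '8bit');
        $ciphertext = mb_substr($data, $nonceBytes, null, '8bit');
        $decrypted = \Sodium\crypto_secretbox_open($ciphertext, $nonce, $key);
    }

    if ($decrypted === false) {
        _logBaseWrite("_appBaseDecryptERR!");
        _screenBaseCleanUp();
        exit;
    }

    return $decrypted;
}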
/**
 * Open (authenticate and decrypt) a secret box.
 *
 * This is a thin wrapper that performs no validation of its own. The result
 * of crypto_secretbox_open() is passed through unchanged, so a failed open
 * yields false and callers must test the result with === false.
 *
 * @param string $box   ciphertext as binary
 * @param string $nonce nonce as binary
 * @param string $key   secret key as binary
 * @return string|false plaintext as binary, or false when the box cannot be opened
 */
protected function openSecretBox($box, $nonce, $key)
{
    /** @noinspection PhpUndefinedNamespaceInspection @noinspection PhpUndefinedFunctionInspection */
    $opened = \Sodium\crypto_secretbox_open($box, $nonce, $key);

    return $opened;
}