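/**
 * Handles a highscore submission.
 *
 * Expects a POST request with a `content` parameter that holds a
 * base64-encoded, encrypted JSON document. The payload is decoded,
 * decrypted, parsed and handed to Highscore::insert(). Every path ends the
 * script with a serialized response from ResponseHelper.
 *
 * NOTE(review): nothing visible here authenticates the ciphertext (no MAC or
 * signature check) and the key comes from shared configuration, so successful
 * decryption does not prove the score is genuine. Treat $highscoreData as
 * untrusted and validate its fields before it is persisted.
 */
function main()
{
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        die(ResponseHelper::serializeResponse('Error', 'Not a POST request, sorry'));
    }

    if (!array_key_exists('content', $_POST)) {
        die(ResponseHelper::serializeResponse('Error', 'The request must contain a POST parameter'));
    }

    // One generic message for every malformed-payload case, so the response
    // does not reveal which stage (decoding, decryption, parsing) rejected it.
    $invalidPayload = ResponseHelper::serializeResponse('Error', 'The submitted content is invalid');

    // PHP turns "content[]=x" into an array, so the parameter is not
    // guaranteed to be a string.
    $content = $_POST['content'];
    if (!is_string($content) || $content === '') {
        die($invalidPayload);
    }

    // Strict mode returns false on characters outside the base64 alphabet
    // instead of silently dropping them.
    $decodedContent = base64_decode($content, true);
    if ($decodedContent === false || $decodedContent === '') {
        die($invalidPayload);
    }

    // decrypt
    $passwordBytes = Configuration::$aesPasswordBytes;
    $decryptedContent = EncryptionHelper::decryptMessage($decodedContent, $passwordBytes);
    if (!is_string($decryptedContent) || $decryptedContent === '') {
        die($invalidPayload);
    }

    // Cut the plaintext at the last '}' (presumably to drop cipher padding
    // after the JSON object; confirm against StringHelper).
    $decryptedContent = StringHelper::untilLastOccurence($decryptedContent, '}');

    // json_decode() returns null when the text is not valid JSON; never pass
    // that on to the database layer.
    $highscoreData = json_decode($decryptedContent);
    if ($highscoreData === null) {
        die($invalidPayload);
    }

    // store
    $config = ConfidentialConfiguration::getDatabaseConfiguration();
    $highscore = new Highscore(
        $config->databaseHost,
        $config->databaseUserName,
        $config->databaseUserPassword,
        $config->databaseName
    );
    $highscore->insert($highscoreData);

    die(ResponseHelper::serializeResponse('Success', 'Success'));
}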
/**
 * Splits an incoming message into ciphertext and IV and decrypts it.
 *
 * The last 32 bytes of $content are used as the IV; everything before them
 * is the ciphertext. The key is derived from $passwordBytes through
 * StringHelper::getStringFromBytes().
 *
 * NOTE(review): there is no length check here, so a $content shorter than
 * 32 bytes yields a short IV and empty ciphertext; callers should reject
 * such input first.
 * NOTE(review): AES uses a 16-byte block, so a 32-byte IV suggests the
 * underlying cipher may not be standard AES; confirm in aesDecrypt().
 *
 * @param string $content       raw (already base64-decoded) message bytes
 * @param mixed  $passwordBytes key material as accepted by getStringFromBytes()
 * @return mixed whatever EncryptionHelper::aesDecrypt() returns
 */
public static function decryptMessage($content, $passwordBytes)
{
    $ivLength = 32;

    // The sender appends the IV to the ciphertext.
    $cipherText = substr($content, 0, -$ivLength);
    $ivBytes = substr($content, -$ivLength);

    $key = StringHelper::getStringFromBytes($passwordBytes);

    // Do not echo key, IV or ciphertext bytes for debugging: anything printed
    // here ends up in the HTTP response.

    return EncryptionHelper::aesDecrypt($cipherText, $key, $ivBytes);
}