* @throws \RuntimeException raised on missing mcrypt * @throws \InvalidArgumentException raised on decrypting failed * @param string $cipher encrypted message * @return string decrypted message */ public function decrypt($cipher) { // test for tag on cipher and pass back provided cipher as is if tag is missing if (substr($cipher, 0, 8) !== 'TXF!CIPH') { log::warning('actually not decrypting since cipher is not properly encrypted'); return $cipher; } if (!is_callable('mcrypt_module_open')) { throw new \RuntimeException('missing mcrypt'); } // actually decrypt provided cipher mcrypt_generic_init($this->cryptModule, $this->preparedKey(), $this->preparedIV()); $decrypted = mdecrypt_generic($this->cryptModule, substr($cipher, 8)); mcrypt_generic_deinit($this->cryptModule); // check integrity of decrypted message $cleartext = substr($decrypted, 20); $hash = substr($decrypted, 0, 20); if (sha1($cleartext, true) !== $hash) { log::error('decryption failed'); throw new \InvalidArgumentException('decryption failed'); } return $cleartext; } } crypt::init();
/** * Retrieves current singleton session manager. * * This method creates new session manager or restores one from available * record in session space on demand. * * @return session */ public static final function current() { if (!self::$current instanceof self) { self::getScopeParameter($domain, $path); \session_set_cookie_params(0, path::addTrailingSlash($path), $domain); // trigger import of class crypt so it may set required cookies crypt::init(); // without existing link in current runtime check for snapshot // stored in session @session_start(); if ($_SESSION[self::stubName] instanceof self) { // restore found snapshot self::$current = $_SESSION[self::stubName]; } else { // not in session -> start new session manager self::$current = new static(); } } // (re-)retrieve current session manager instance return self::$current; }