/**
* Encrypt or decrypt a binary input string.
*
* @param string $input Input data to encrypt
* @param string $password Encryption/decryption key to use on input
* @param string $algo Hashing algo to generate keystream
*
* @return string
*/
public static function crypt($input, $password, $algo = 'sha512')
{
$chunks = \str_split($input, Str::hashSize($algo));
foreach ($chunks as $i => &$chunk) {
$chunk = $chunk ^ \hash($algo, $password . $i, true);
}
return \implode($chunks);
}
/**
* Decrypt cyphertext
*
* @param string $cyphertext Cypher text to decrypt
* @param string $password Password that should be used to decrypt input data
* @param int $cost Number of HMAC iterations to perform on key
* @param string $cipher Mcrypt cipher
* @param string $mode Mcrypt mode
* @param string $algo Hashing algorithm to use for internal operations
*
* @return string|boolean Returns false on checksum validation failure
*/
public static function decrypt($cyphertext, $password, $cost = 0, $cipher = MCRYPT_RIJNDAEL_128, $mode = MCRYPT_MODE_CBC, $algo = 'sha256')
{
// Determine that size of the IV in bytes
$ivsize = \mcrypt_get_iv_size($cipher, $mode);
// Find the IV at the beginning of the cypher text
$iv = Str::substr($cyphertext, 0, $ivsize);
// Gather the checksum portion of the cypher text
$chksum = Str::substr($cyphertext, $ivsize, Str::hashSize($algo));
// Gather message portion of cyphertext after iv and checksum
$message = Str::substr($cyphertext, $ivsize + Str::hashSize($algo));
// Derive key from password
$key = self::key($password, $iv, $cost, $cipher, $mode, $algo);
// Calculate verification checksum
$verify = self::checksum($message, $iv, $key, $cipher, $mode, $algo);
// If checksum could not be verified return false
self::checksumVerify($verify, $chksum);
// Decrypt unpad return
return Pkcs7::unpad(\mcrypt_decrypt($cipher, $key, $message, $mode, $iv));
}
