|
|
|
|
|
|
|
|
* @author Lukas Reschke <lukas@statuscode.ch> |
|
|
* @author Lukas Reschke <lukas@statuscode.ch> |
|
|
* @author Morris Jobke <hey@morrisjobke.de> |
|
|
* @author Morris Jobke <hey@morrisjobke.de> |
|
|
* @author Roeland Jago Douma <roeland@famdouma.nl> |
|
|
* @author Roeland Jago Douma <roeland@famdouma.nl> |
|
|
|
|
|
* @author Lynn Stephenson <lynn.stephenson@protonmail.com> |
|
|
* |
|
|
* |
|
|
* @license AGPL-3.0 |
|
|
* @license AGPL-3.0 |
|
|
* |
|
|
* |
|
|
|
|
|
|
|
|
if ($password === '') { |
|
|
if ($password === '') { |
|
|
$password = $this->config->getSystemValue('secret'); |
|
|
$password = $this->config->getSystemValue('secret'); |
|
|
} |
|
|
} |
|
|
$this->cipher->setPassword($password); |
|
|
|
|
|
|
|
|
$keyMaterial = hash_hkdf('sha512', $password); |
|
|
|
|
|
$this->cipher->setPassword(substr($keyMaterial, 0, 32)); |
|
|
|
|
|
|
|
|
$iv = \random_bytes($this->ivLength); |
|
|
$iv = \random_bytes($this->ivLength); |
|
|
$this->cipher->setIV($iv); |
|
|
$this->cipher->setIV($iv); |
|
|
|
|
|
|
|
|
$ciphertext = bin2hex($this->cipher->encrypt($plaintext)); |
|
|
$ciphertext = bin2hex($this->cipher->encrypt($plaintext)); |
|
|
$iv = bin2hex($iv); |
|
|
$iv = bin2hex($iv); |
|
|
$hmac = bin2hex($this->calculateHMAC($ciphertext.$iv, $password)); |
|
|
|
|
|
|
|
|
$hmac = bin2hex($this->calculateHMAC($ciphertext.$iv, substr($keyMaterial, 32))); |
|
|
|
|
|
|
|
|
return $ciphertext.'|'.$iv.'|'.$hmac.'|2'; |
|
|
|
|
|
|
|
|
return $ciphertext.'|'.$iv.'|'.$hmac.'|3'; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
/** |
|
|
/** |
|
|
|
|
|
|
|
|
if ($password === '') { |
|
|
if ($password === '') { |
|
|
$password = $this->config->getSystemValue('secret'); |
|
|
$password = $this->config->getSystemValue('secret'); |
|
|
} |
|
|
} |
|
|
$this->cipher->setPassword($password); |
|
|
|
|
|
|
|
|
$hmacKey = $encryptionKey = $password; |
|
|
|
|
|
|
|
|
$parts = explode('|', $authenticatedCiphertext); |
|
|
$parts = explode('|', $authenticatedCiphertext); |
|
|
$partCount = \count($parts); |
|
|
$partCount = \count($parts); |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if ($partCount === 4) { |
|
|
if ($partCount === 4) { |
|
|
$version = $parts[3]; |
|
|
$version = $parts[3]; |
|
|
if ($version === '2') { |
|
|
|
|
|
|
|
|
if ($version >= '2') { |
|
|
$iv = hex2bin($iv); |
|
|
$iv = hex2bin($iv); |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if ($version === '3') { |
|
|
|
|
|
$keyMaterial = hash_hkdf('sha512', $password); |
|
|
|
|
|
$encryptionKey = substr($keyMaterial, 0, 32); |
|
|
|
|
|
$hmacKey = substr($keyMaterial, 32); |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
$this->cipher->setPassword($encryptionKey); |
|
|
$this->cipher->setIV($iv); |
|
|
$this->cipher->setIV($iv); |
|
|
|
|
|
|
|
|
if (!hash_equals($this->calculateHMAC($parts[0] . $parts[1], $password), $hmac)) { |
|
|
|
|
|
|
|
|
if (!hash_equals($this->calculateHMAC($parts[0] . $parts[1], $hmacKey), $hmac)) { |
|
|
throw new \Exception('HMAC does not match.'); |
|
|
throw new \Exception('HMAC does not match.'); |
|
|
} |
|
|
} |
|
|
|
|
|
|