116 lines
3.5 KiB
PHP
116 lines
3.5 KiB
PHP
<?php
|
|
$sf_env = get_option('select-environment');
|
|
if ($sf_env == 'full') {
|
|
include_once(get_template_directory() . '/helpers/sfconfig-test.php');
|
|
} else {
|
|
include_once(get_template_directory() . '/helpers/sfconfig-prod.php');
|
|
}
|
|
|
|
if(!class_exists("EncryptedContent")){
|
|
class EncryptedContent{
|
|
public $IV;
|
|
public $Data;
|
|
}
|
|
}
|
|
|
|
if(!class_exists("MessageContentSigned")){
|
|
class MessageContentSigned{
|
|
public $Content;
|
|
public $Signature;
|
|
}
|
|
}
|
|
|
|
if (!class_exists("MessageContent")){
|
|
class MessageContent{
|
|
public $Body;
|
|
public $Timestamp;
|
|
public $Uid;
|
|
}
|
|
}
|
|
|
|
if(!class_exists("SecuredContent")){
|
|
date_default_timezone_set('UTC');
|
|
|
|
class SecuredContent {
|
|
protected $encrption_key;
|
|
protected $signature_key;
|
|
protected $cipher;
|
|
|
|
public function __construct() {
|
|
/*$this->encrption_key = get_option("encrption_key");
|
|
$this->signature_key = get_option("signature_key");*/
|
|
$this->encrption_key = ENCRYPTION_KEY;
|
|
$this->signature_key = SIGNATURE_KEY;
|
|
$this->cipher = 'AES-256-CBC';
|
|
|
|
}
|
|
|
|
public function encode_content($raw_content)
|
|
{
|
|
$message_content = new MessageContent();
|
|
$message_content->Body = $raw_content;
|
|
$message_content->Timestamp = date('Y-m-d H:i:s', time());
|
|
$message_content->Uid = self::guid();
|
|
|
|
// create signature & pack message
|
|
$signed_message = new MessageContentSigned();
|
|
$signed_message->Content = json_encode($message_content);
|
|
$signed_message->Signature = $this->generate_signature($signed_message->Content);
|
|
|
|
// create initialization vector & encode data
|
|
$iv_size = 16;
|
|
$iv = openssl_random_pseudo_bytes($iv_size);
|
|
$key = base64_decode($this->encrption_key);
|
|
$data = json_encode($signed_message);
|
|
$padding = 16 - (strlen($data) % 16);
|
|
$data .= str_repeat(chr($padding), $padding);
|
|
$cipher_text = openssl_encrypt($data, $this->cipher, $key, OPENSSL_RAW_DATA, $iv);
|
|
|
|
// store content inside an encrypted container
|
|
$encrypted_content = new EncryptedContent();
|
|
$encrypted_content->IV = base64_encode($iv);
|
|
$encrypted_content->Data = base64_encode($cipher_text);
|
|
|
|
return $encrypted_content;
|
|
}
|
|
|
|
public function decode_content($encrypted_string)
|
|
{
|
|
$encrypted_content = json_decode($encrypted_string);
|
|
|
|
// decode data
|
|
|
|
$key = base64_decode($this->encrption_key);
|
|
$iv = base64_decode($encrypted_content->IV);
|
|
$message = openssl_decrypt(base64_decode($encrypted_content->Data), $this->cipher, $key, OPENSSL_RAW_DATA, $iv);
|
|
$message = json_decode(substr($message, 0));
|
|
$signature = $this->generate_signature($message->Content);
|
|
|
|
return json_decode($message->Content)->Body;
|
|
}
|
|
|
|
private function generate_signature($message_content)
|
|
{
|
|
$private_key = openssl_get_privatekey($this->signature_key);
|
|
|
|
openssl_sign($message_content, $signature, $this->signature_key, 'SHA256');
|
|
|
|
openssl_free_key($private_key);
|
|
|
|
return base64_encode($signature);
|
|
}
|
|
|
|
public static function guid()
|
|
{
|
|
if (function_exists('com_create_guid') === true)
|
|
{
|
|
return trim(com_create_guid(), '{}');
|
|
}
|
|
|
|
return sprintf('%04X%04X-%04X-%04X-%04X-%04X%04X%04X', mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(16384, 20479), mt_rand(32768, 49151), mt_rand(0, 65535), mt_rand(0, 65535), mt_rand(0, 65535));
|
|
}
|
|
}
|
|
}
|
|
|
|
|