use OPENSSL_RAW_DATA, in which openssl adds/strips padding https://en.wikipedia.org/wiki/Padding_%28cryptography%29#PKCS7

tom--
2015-02-11 11:14:11 -05:00
parent 1590cb8d68
commit e049e9b117


@@ -172,11 +172,14 @@ class Security extends Component
$key = $this->hkdf(self::KDF_HASH, $secret, $keySalt, $info, self::KEY_SIZE); $key = $this->hkdf(self::KDF_HASH, $secret, $keySalt, $info, self::KEY_SIZE);
} }
$data = $this->addPadding($data);
$ivSize = 16; $ivSize = 16;
$iv = $this->generateRandomKey($ivSize); $iv = $this->generateRandomKey($ivSize);
$encrypted = openssl_encrypt($data, $this->opensslCipher(), $key, OPENSSL_ZERO_PADDING, $iv);
$encrypted = base64_decode($encrypted); // $data = $this->addPadding($data);
// $encrypted = openssl_encrypt($data, $this->opensslCipher(), $key, OPENSSL_ZERO_PADDING, $iv);
// $encrypted = base64_decode($encrypted);
$encrypted = openssl_encrypt($data, $this->opensslCipher(), $key, OPENSSL_RAW_DATA, $iv);
$authKey = $this->hkdf(self::KDF_HASH, $key, null, self::AUTH_KEY_INFO, self::KEY_SIZE); $authKey = $this->hkdf(self::KDF_HASH, $key, null, self::AUTH_KEY_INFO, self::KEY_SIZE);
$hashed = $this->hashData($iv . $encrypted, $authKey); $hashed = $this->hashData($iv . $encrypted, $authKey);
@@ -216,10 +219,15 @@ class Security extends Component
$ivSize = 16; $ivSize = 16;
$iv = StringHelper::byteSubstr($data, 0, $ivSize); $iv = StringHelper::byteSubstr($data, 0, $ivSize);
$encrypted = base64_encode(StringHelper::byteSubstr($data, $ivSize, null)); $encrypted = StringHelper::byteSubstr($data, $ivSize, null);
$decrypted = openssl_decrypt($encrypted, $this->opensslCipher(), $key, OPENSSL_ZERO_PADDING, $iv);
return $this->stripPadding($decrypted); // $encrypted = base64_encode($encrypted);
// $decrypted = openssl_decrypt($encrypted, $this->opensslCipher(), $key, OPENSSL_ZERO_PADDING, $iv);
// $decrypted = $this->stripPadding($decrypted);
$decrypted = openssl_decrypt($encrypted, $this->opensslCipher(), $key, OPENSSL_RAW_DATA, $iv);
return $decrypted;
} }
/** /**
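Review bot: Neither new OpenSSL call checks for a `false` return: in the first hunk the result of `openssl_encrypt(..., OPENSSL_RAW_DATA, $iv)` goes straight into `hashData($iv . $encrypted, $authKey)`, so a failed encryption would produce an authenticated blob with no ciphertext, and in the second hunk `return $decrypted;` hands `false` back to the caller. I would add `if ($encrypted === false) { throw new Exception('OpenSSL failure on encryption: ' . openssl_error_string()); }` after the encrypt call (using whatever exception class the file already imports) and the matching check after `openssl_decrypt`. Because OpenSSL now validates and strips the PKCS#7 padding itself, decryption must only run after the MAC over `$iv . $encrypted` has been verified; that check is not visible here, as both function bodies start outside the hunks, so please confirm it. The commented-out `OPENSSL_ZERO_PADDING` lines in both hunks should be deleted rather than kept, since the history already records them.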