SodiumCipher.php
<?php
/**
* Joomla! Content Management System
*
* @copyright Copyright (C) 2005 - 2019 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE.txt
*/
namespace Joomla\CMS\Crypt\Cipher;
// Abort immediately when JPATH_PLATFORM is not defined, so this file does nothing
// unless it is loaded by code that has already defined that constant
// (presumably the Joomla bootstrap - this guards against direct requests to the file).
defined('JPATH_PLATFORM') or die;
use Joomla\CMS\Crypt\CipherInterface;
use Joomla\CMS\Crypt\Key;
use ParagonIE\Sodium\Compat;
/**
* JCrypt cipher for sodium algorithm encryption, decryption and key generation.
*
* @since 3.8.0
*/
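class SodiumCipher implements CipherInterface
{
	/**
	 * The message nonce to be used with encryption/decryption
	 *
	 * The value is stored as given by setNonce() and is reused by every encrypt()/decrypt()
	 * call until setNonce() is called again. crypto_box requires that a nonce is never used
	 * twice with the same key pair, so callers must set a fresh nonce before each encrypt().
	 * NOTE(review): libsodium expects a nonce of Compat::CRYPTO_BOX_NONCEBYTES bytes; the length
	 * is not checked in this class and is left to the library.
	 *
	 * @var    string
	 * @since  3.8.0
	 */
	private $nonce;

	/**
	 * Method to decrypt a data string.
	 *
	 * The box key pair is assembled from $key->private and $key->public, and the nonce must be
	 * the same one that was set when the data was encrypted.
	 *
	 * @param   string  $data  The encrypted string to decrypt.
	 * @param   Key     $key   The key object to use for decryption.
	 *
	 * @return  string  The decrypted data string.
	 *
	 * @since   3.8.0
	 * @throws  \InvalidArgumentException  If the key is not of type "sodium".
	 * @throws  \RuntimeException          If no nonce has been set, or the message fails to open.
	 */
	public function decrypt($data, Key $key)
	{
		// Validate key.
		if ($key->type !== 'sodium')
		{
			throw new \InvalidArgumentException('Invalid key of type: ' . $key->type . '. Expected sodium.');
		}

		if (!$this->nonce)
		{
			throw new \RuntimeException('Missing nonce to decrypt data');
		}

		$decrypted = Compat::crypto_box_open(
			$data,
			$this->nonce,
			Compat::crypto_box_keypair_from_secretkey_and_publickey($key->private, $key->public)
		);

		// A false result means the ciphertext was not authenticated; never hand back partial output.
		// NOTE(review): depending on the sodium backend in use, a failed open may surface as an
		// exception from the library instead of false - confirm callers handle both.
		if ($decrypted === false)
		{
			throw new \RuntimeException('Malformed message or invalid MAC');
		}

		return $decrypted;
	}

	/**
	 * Method to encrypt a data string.
	 *
	 * The box key pair is assembled from $key->private and $key->public. The nonce set through
	 * setNonce() is used as-is; reusing one nonce for two messages under the same key pair
	 * undermines the confidentiality and integrity guarantees of crypto_box, so set a new
	 * random nonce for every message and store it alongside the ciphertext for decryption.
	 *
	 * @param   string  $data  The data string to encrypt.
	 * @param   Key     $key   The key object to use for encryption.
	 *
	 * @return  string  The encrypted data string.
	 *
	 * @since   3.8.0
	 * @throws  \InvalidArgumentException  If the key is not of type "sodium".
	 * @throws  \RuntimeException          If no nonce has been set.
	 */
	public function encrypt($data, Key $key)
	{
		// Validate key.
		if ($key->type !== 'sodium')
		{
			throw new \InvalidArgumentException('Invalid key of type: ' . $key->type . '. Expected sodium.');
		}

		if (!$this->nonce)
		{
			// The message names the operation that actually failed (it previously said "decrypt").
			throw new \RuntimeException('Missing nonce to encrypt data');
		}

		return Compat::crypto_box(
			$data,
			$this->nonce,
			Compat::crypto_box_keypair_from_secretkey_and_publickey($key->private, $key->public)
		);
	}

	/**
	 * Method to generate a new encryption key object.
	 *
	 * Creates a fresh crypto_box key pair and stores its public and secret halves on a Key of
	 * type "sodium". The private half is secret key material and must be stored accordingly.
	 *
	 * @param   array  $options  Key generation options. Not used by this cipher.
	 *
	 * @return  Key
	 *
	 * @since   3.8.0
	 * @throws  \RuntimeException
	 */
	public function generateKey(array $options = array())
	{
		// Create the new encryption key object.
		$key = new Key('sodium');

		// Generate the encryption key.
		$pair = Compat::crypto_box_keypair();

		$key->public  = Compat::crypto_box_publickey($pair);
		$key->private = Compat::crypto_box_secretkey($pair);

		return $key;
	}

	/**
	 * Set the nonce to use for encrypting/decrypting messages
	 *
	 * The value is stored without validation. For encryption it should be a new random value
	 * for each message; for decryption it must be the nonce the message was encrypted with.
	 *
	 * @param   string  $nonce  The message nonce
	 *
	 * @return  void
	 *
	 * @since   3.8.0
	 */
	public function setNonce($nonce)
	{
		$this->nonce = $nonce;
	}
}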