lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Support Initialisation vector in crypt/decrypt

Browse Source
This commit is contained in:
Laurent Destailleur 2022-08-24 23:41:26 +02:00
parent eb3a7b6ead
commit 17c404e940
1 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
htdocs/core/lib/security.lib.php
View File

@ -124,8 +124,14 @@ function dolEncrypt($chain, $key = '', $ciphering = "AES-256-CTR")
if (!function_exists('openssl_encrypt')) {
return $chain;
} else {
$newchain = openssl_encrypt($chain, $ciphering, $key);
return 'dolcrypt:'.$ciphering.':'.$newchain;
$ivlen = openssl_cipher_iv_length($ciphering);
if ($ivlen < 0 || $ivlen > 32) {
$ivlen = 32;
}
$ivseed = mt_rand(0, pow(2, $ivlen) - 1);
$newchain = openssl_encrypt($chain, $ciphering, $key, null, $ivseed);
return 'dolcrypt:'.$ciphering.':'.$ivseed.':'.$newchain;
}
}
@ -154,7 +160,12 @@ function dolDecrypt($chain, $key = '')
if (preg_match('/^dolcrypt:([^:]+):(.+)$/', $chain, $reg)) {
$ciphering = $reg[1];
if (function_exists('openssl_decrypt')) {
$newchain = openssl_decrypt($reg[2], $ciphering, $key);
$tmpexplode = explode(':', $reg[2]);
if (!empty($tmpexplode[1]) && is_numeric($tmpexplode[0])) {
$newchain = openssl_decrypt($tmpexplode[1], $ciphering, $key, null, $tmpexplode[0]);
} else {
$newchain = openssl_decrypt($tmpexplode[0], $ciphering, $key, null, null);
}
} else {
$newchain = 'Error function openssl_decrypt() not available';
}