63 changes: 57 additions & 6 deletions src/AESCryptoServiceProvider.php
Expand Up @@ -103,9 +103,12 @@
* Returns encrypted text
*
* @param string $plainText
* @param bool $legacy
* If true, returns IV-TAG-EncryptedData format
* If false, returns IV-EncryptedData-TAG format
* @return string
*/
public function encrypt(string $plainText): string
public function encrypt(string $plainText, bool $legacy = false): string
{
$encryptedBytes = openssl_encrypt(
$plainText,
Expand All @@ -113,21 +116,47 @@
$this->key,
OPENSSL_RAW_DATA,
$this->iv,
$this->tag

Check failure on line 119 in src/AESCryptoServiceProvider.php

GitHub Actions / stan

Property MayMeow\Cryptography\AESCryptoServiceProvider::$tag (string) does not accept string|null.
);

return base64_encode($this->iv . $this->tag . $encryptedBytes);
return base64_encode($this->buildPayload(
iv: $this->iv,
tag: $this->tag,
encryptedData: $encryptedBytes,

Check failure on line 125 in src/AESCryptoServiceProvider.php

GitHub Actions / stan

Parameter $encryptedData of method MayMeow\Cryptography\AESCryptoServiceProvider::buildPayload() expects string, string|false given.
legacy: $legacy
));
}

/**
* Build payload for encrypted data
*
* @param string $iv
* @param string $tag
* @param string $encryptedData
* @param bool $legacy
* If true, returns IV-TAG-EncryptedData format
* If false, returns IV-EncryptedData-TAG format
* @return string
*/
protected function buildPayload(string $iv, string $tag, string $encryptedData, bool $legacy): string
{
return $legacy
? $iv . $tag . $encryptedData // IV-TAG-EncryptedData
: $iv . $encryptedData . $tag; // IV-EncryptedData-TAG
}

/**
* Decrypt given text
*
* @param string $encryptedData
* @param bool $legacy
* If true, expects IV-TAG-EncryptedData format
* If false, expects IV-EncryptedData-TAG format
* @return string
* @throws DecryptException
* @throws IvGenerateException
*/
public function decrypt(string $encryptedData): string
public function decrypt(string $encryptedData, bool $legacy = false): string
{
$c = base64_decode($encryptedData);

Expand All @@ -137,9 +166,11 @@
throw new IvGenerateException();
}

$this->iv = substr($c, 0, $iv_len);
$this->tag = substr($c, $iv_len, static::DEFAULT_GCM_TAG_LENGTH);
$encryptedBytes = substr($c, $iv_len + static::DEFAULT_GCM_TAG_LENGTH);
[$this->iv, $encryptedBytes, $this->tag] = $this->parsePayload(
cipherText: $c,
ivLength: $iv_len,
legacy: $legacy
);

$decryptedText = openssl_decrypt(
$encryptedBytes,
Expand All @@ -157,6 +188,26 @@
return $decryptedText;
}

/**
* Parse payload from encrypted data
*
* @param string $cipherText
* @param int $ivLength
* @param bool $legacy
* If true, expects IV-TAG-EncryptedData format
* If false, expects IV-EncryptedData-TAG format
* @return array That contains IV, EncryptedData and TAG in that order
*/
protected function parsePayload(string $cipherText, int $ivLength, bool $legacy = false): array

Check failure on line 201 in src/AESCryptoServiceProvider.php

GitHub Actions / stan

Method MayMeow\Cryptography\AESCryptoServiceProvider::parsePayload() return type has no value type specified in iterable type array.
{
$iv = substr($cipherText, 0, $ivLength);
$tagLength = static::DEFAULT_GCM_TAG_LENGTH;

return $legacy
? [$iv, substr($cipherText, $ivLength + $tagLength), substr($cipherText, $ivLength, $tagLength)]
: [$iv, substr($cipherText, $ivLength, -$tagLength), substr($cipherText, -$tagLength)];

Check failure on line 208 in src/AESCryptoServiceProvider.php

GitHub Actions / stan

Parameter #3 $length of function substr expects int|null, float|int given.

Check failure on line 208 in src/AESCryptoServiceProvider.php

GitHub Actions / stan

Parameter #2 $offset of function substr expects int, float|int given.
}

/**
* Seal data using AES-256-CBC and public key
*
Expand All @@ -168,7 +219,7 @@
* @param bool $humanReadableData whether to return base64 encoded data
* @return array Sealed data
*/
public function seal(

Check failure on line 222 in src/AESCryptoServiceProvider.php

GitHub Actions / stan

Method MayMeow\Cryptography\AESCryptoServiceProvider::seal() return type has no value type specified in iterable type array.
string $plain_text,
RSAParameters $rSAParameters,
bool $humanReadableData = false
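Review bot: `parsePayload()` slices the decoded input without first checking that it is at least `$ivLength + $tagLength` bytes long, so a truncated or malformed payload produces overlapping slices or, in the legacy branch, a tag shorter than `DEFAULT_GCM_TAG_LENGTH`. The PHP manual for `openssl_decrypt()` cautions that the tag length is not checked by the function and is the caller's responsibility, so a short tag weakens the authentication the GCM tag is supposed to provide. I would add a guard at the top of the method, e.g. `if (strlen($cipherText) < $ivLength + $tagLength) { throw new DecryptException(); }` (with whatever constructor arguments that class needs), and list `@throws DecryptException` in the docblock. The condition that guards the existing `IvGenerateException` in `decrypt()` lies outside the visible lines, so confirm it does not already enforce this minimum length.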
2 changes: 2 additions & 0 deletions tests/AESCryptoServiceProviderTest.php
Expand Up @@ -16,10 +16,12 @@ public function textCanBeEncryptedAndDecrypted() : void

$plainText = "This is going to be encrypted!";
$encryptedText= $csp->encrypt($plainText);
$encryptedTextLegacy = $csp->encrypt($plainText, legacy: true);

$csp2 = new AESCryptoServiceProvider();
$csp2->setKey($key);

$this->assertEquals($plainText, $csp2->decrypt($encryptedText));
$this->assertEquals($plainText, $csp2->decrypt($encryptedTextLegacy, legacy: true));
}
}
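Review bot: The added assertions only cover matching flags; nothing checks that a payload decrypted with the wrong `legacy` value is rejected, which is the case callers will hit during migration because the payload carries no format marker. Consider a separate test method with `$this->expectException(DecryptException::class);` followed by `$csp2->decrypt($encryptedText, legacy: true);`, assuming a failed tag check surfaces as the `DecryptException` that `decrypt()` documents. Separately, both `encrypt()` calls run on the same `$csp`, and the `encrypt()` body shown on this page passes `$this->iv` without refreshing it; unless the IV is regenerated elsewhere, the two ciphertexts share a key and nonce, which GCM does not tolerate, so this is worth confirming. The test method begins above the hunk, so the key and IV setup is not visible here.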