You are here

Home » API reference » Lockr 7.2 » LockrAes256CbcSha256KeyWrapper.php » LockrAes256CbcSha256KeyWrapper

public static function LockrAes256CbcSha256KeyWrapper::decrypt in Lockr 7.2

Same name and namespace in other branches
  1. 7.3 vendor/lockr/lockr/src/KeyWrapper/LockrAes256CbcSha256KeyWrapper.php \Lockr\KeyWrapper\LockrAes256CbcSha256KeyWrapper::decrypt()

Decrypt the given ciphertext using encoded.

Parameters

string $ciphertext:

string $encoded:

Return value

string|bool

Overrides KeyWrapperInterface::decrypt

File

vendor/lockr/lockr-client/src/KeyWrapper/LockrAes256CbcSha256KeyWrapper.php, line 46

Class

LockrAes256CbcSha256KeyWrapper

Namespace

Lockr\KeyWrapper

Code

public static function decrypt($ciphertext, $wrapping_key) {
  $wrapping_key = substr($wrapping_key, strlen(self::PREFIX));
  $wrapping_key = base64_decode($wrapping_key);
  $key_data = hash('sha512', $wrapping_key, true);
  $enc_key = substr($key_data, 0, self::KEY_LEN);
  $hmac_key = substr($key_data, self::KEY_LEN);
  $ciphertext = base64_decode($ciphertext);
  $iv = substr($ciphertext, 0, self::IV_LEN);
  $hmac0 = substr($ciphertext, -self::HMAC_LEN);
  $ciphertext = substr($ciphertext, self::IV_LEN, -self::HMAC_LEN);
  $hmac1 = self::hmac($iv, $ciphertext, $hmac_key);
  if (!hash_equals($hmac0, $hmac1)) {
    return false;
  }
  $plaintext = openssl_decrypt($ciphertext, self::METHOD, $enc_key, OPENSSL_RAW_DATA, $iv);
  return $plaintext;
}