protected function TfaBasePlugin::decryptLegacyDataWithOpenSSL in Two-factor Authentication (TFA) 7.2
Use OpenSSL to decrypt data that was originally encrypted with Mcrypt.
As used by an earlier version of this module.
Parameters
string $data: The data to be decrypted.
Return value
string The plaintext, or empty string on failure.
phpcs:disable Drupal.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
1 call to TfaBasePlugin::decryptLegacyDataWithOpenSSL()
- TfaBasePlugin::decrypt in ./
tfa.inc - Decrypt a encrypted string.
File
- ./
tfa.inc, line 736 - TFA module classes.
Class
- TfaBasePlugin
- Base plugin class.
Code
protected function decryptLegacyDataWithOpenSSL($data) {
// Based on return value of mcrypt_enc_get_key_size($td).
$key_size = 32;
// Based on return value of mcrypt_enc_get_iv_size($td).
$iv_size = 16;
$key = substr($this->encryptionKey, 0, $key_size);
$iv = substr($data, 0, $iv_size);
$data = substr($data, $iv_size);
// Using 3 instead of the constant OPENSSL_NO_PADDING, for PHP 5.3.
$decrypted_text = openssl_decrypt($data, 'aes-256-cbc', $key, 3, $iv);
// Return only the message and none of its padding.
if (strpos($decrypted_text, '|') !== FALSE) {
list($length, $padded_data) = explode('|', $decrypted_text, 2);
$decrypted_text = substr($padded_data, 0, $length);
return $decrypted_text;
}
else {
return '';
}
}