
protected function TfaBasePlugin::decryptLegacyDataWithOpenSSL in Two-factor Authentication (TFA) 7.2

Use OpenSSL to decrypt data that was originally encrypted with Mcrypt, as used by an earlier version of this module.

Parameters

string $data: The data to be decrypted.

Return value

string The plaintext, or empty string on failure.


1 call to TfaBasePlugin::decryptLegacyDataWithOpenSSL()
TfaBasePlugin::decrypt in ./tfa.inc
Decrypt an encrypted string.

File

./tfa.inc, line 736
TFA module classes.

Class

TfaBasePlugin
Base plugin class.

Code

protected function decryptLegacyDataWithOpenSSL($data) {

  // Based on return value of mcrypt_enc_get_key_size($td).
  $key_size = 32;

  // Based on return value of mcrypt_enc_get_iv_size($td).
  $iv_size = 16;
  $key = substr($this->encryptionKey, 0, $key_size);
  $iv = substr($data, 0, $iv_size);
  $data = substr($data, $iv_size);

  // Using 3 instead of the constant OPENSSL_NO_PADDING, for PHP 5.3.
  $decrypted_text = openssl_decrypt($data, 'aes-256-cbc', $key, 3, $iv);

  // Return only the message and none of its padding.
  if (strpos($decrypted_text, '|') !== FALSE) {
    list($length, $padded_data) = explode('|', $decrypted_text, 2);
    $decrypted_text = substr($padded_data, 0, $length);
    return $decrypted_text;
  }
  else {
    return '';
  }
}
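
The blob layout the function above reads (a 16-byte IV followed by AES-256-CBC over `length|message` plus padding) can be exercised end to end. The following is an added example, not TFA module code: it builds such a blob and decrypts it while rejecting truncated input, a failed decrypt, a non-numeric or oversized length prefix, and non-NUL trailing bytes. It assumes the Mcrypt side padded with NUL bytes to the block size; the function names and the sample key are hypothetical. The format carries no MAC, so these checks only reject malformed data and do not authenticate it.

```php
<?php
// Added example, not TFA module code; function names and the key are hypothetical.
const LEGACY_CIPHER = 'aes-256-cbc';
const LEGACY_IV_SIZE = 16;
const LEGACY_KEY_SIZE = 32;
// Same value as the literal 3 passed to openssl_decrypt() above.
const LEGACY_OPTIONS = OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING;

// Builds a blob in the assumed legacy layout:
// IV . AES-256-CBC("<length>|<message>" . NUL padding).
function legacy_encrypt_sample(string $message, string $key): string {
  $iv = random_bytes(LEGACY_IV_SIZE);
  $plain = strlen($message) . '|' . $message;
  // With OPENSSL_ZERO_PADDING the caller must pad to a whole block.
  $plain = str_pad($plain, intdiv(strlen($plain) + 15, 16) * 16, "\0");
  $key = substr($key, 0, LEGACY_KEY_SIZE);
  return $iv . openssl_encrypt($plain, LEGACY_CIPHER, $key, LEGACY_OPTIONS, $iv);
}

// Decrypts a legacy blob, returning '' for anything that is not well formed.
function legacy_decrypt_strict(string $blob, string $key): string {
  $body_size = strlen($blob) - LEGACY_IV_SIZE;
  if ($body_size < 16 || $body_size % 16 !== 0) {
    // Missing IV or a partial cipher block.
    return '';
  }
  $iv = substr($blob, 0, LEGACY_IV_SIZE);
  $key = substr($key, 0, LEGACY_KEY_SIZE);
  $plain = openssl_decrypt(substr($blob, LEGACY_IV_SIZE), LEGACY_CIPHER, $key, LEGACY_OPTIONS, $iv);
  // Require "<decimal length>|" at the start of the plaintext.
  if ($plain === FALSE || !preg_match('/\A(\d{1,9})\|/', $plain, $m)) {
    return '';
  }
  $length = (int) $m[1];
  $padded = substr($plain, strlen($m[0]));
  // The declared length must fit, and everything after it must be NUL padding.
  if ($length > strlen($padded) || trim((string) substr($padded, $length), "\0") !== '') {
    return '';
  }
  return substr($padded, 0, $length);
}

// Constructed sample key and value.
$key = str_repeat('k', 32);
$blob = legacy_encrypt_sample('JBSWY3DPEHPK3PXP', $key);
var_dump(legacy_decrypt_strict($blob, $key));                 // Round trip.
var_dump(legacy_decrypt_strict(substr($blob, 0, -1), $key));  // Truncated blob.
var_dump(legacy_decrypt_strict($blob, str_repeat('x', 32)));  // Wrong key.
```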