[Summary view] [Print] [Text view]

   1  <?php
   2  
   3  /**
   4   * @package    Joomla.Administrator
   5   * @subpackage com_users
   6   *
   7   * @copyright  (C) 2022 Open Source Matters, Inc. <https://www.joomla.org>
   8   * @license    GNU General Public License version 2 or later; see LICENSE.txt
   9   */
  10  
  11  namespace Joomla\Component\Users\Administrator\Service;
  12  
  13  use Joomla\CMS\Encrypt\Aes;
  14  use Joomla\CMS\Factory;
  15  
  16  // phpcs:disable PSR1.Files.SideEffects
  17  \defined('_JEXEC') or die;
  18  // phpcs:enable PSR1.Files.SideEffects
  19  
  20  /**
  21   * Data encryption service.
  22   *
  23   * @since 4.2.0
  24   */
  25  class Encrypt
  26  {
  27      /**
  28       * The encryption engine used by this service
  29       *
  30       * @var    Aes
  31       * @since  4.2.0
  32       */
  33      private $aes;
  34  
  35      /**
  36       * EncryptService constructor.
  37       *
  38       * @since   4.2.0
  39       */
  40      public function __construct()
  41      {
  42          $this->initialize();
  43      }
  44  
  45      /**
  46       * Encrypt the plaintext $data and return the ciphertext prefixed by ###AES128###
  47       *
  48       * @param   string  $data  The plaintext data
  49       *
  50       * @return  string  The ciphertext, prefixed by ###AES128###
  51       *
  52       * @since   4.2.0
  53       */
  54      public function encrypt(string $data): string
  55      {
  56          if (!is_object($this->aes)) {
  57              return $data;
  58          }
  59  
  60          $this->aes->setPassword($this->getPassword(), false);
  61          $encrypted = $this->aes->encryptString($data, true);
  62  
  63          return '###AES128###' . $encrypted;
  64      }
  65  
  66      /**
  67       * Decrypt the ciphertext, prefixed by ###AES128###, and return the plaintext.
  68       *
  69       * @param   string  $data    The ciphertext, prefixed by ###AES128###
  70       * @param   bool    $legacy  Use legacy key expansion? Use it to decrypt data encrypted with FOF 3.
  71       *
  72       * @return  string  The plaintext data
  73       *
  74       * @since   4.2.0
  75       */
  76      public function decrypt(string $data, bool $legacy = false): string
  77      {
  78          if (substr($data, 0, 12) != '###AES128###') {
  79              return $data;
  80          }
  81  
  82          $data = substr($data, 12);
  83  
  84          if (!is_object($this->aes)) {
  85              return $data;
  86          }
  87  
  88          $this->aes->setPassword($this->getPassword(), $legacy);
  89          $decrypted = $this->aes->decryptString($data, true, $legacy);
  90  
  91          // Decrypted data is null byte padded. We have to remove the padding before proceeding.
  92          return rtrim($decrypted, "\0");
  93      }
  94  
  95      /**
  96       * Initialize the AES cryptography object
  97       *
  98       * @return  void
  99       * @since   4.2.0
 100       */
 101      private function initialize(): void
 102      {
 103          if (is_object($this->aes)) {
 104              return;
 105          }
 106  
 107          $password = $this->getPassword();
 108  
 109          if (empty($password)) {
 110              return;
 111          }
 112  
 113          $this->aes = new Aes('cbc');
 114          $this->aes->setPassword($password);
 115      }
 116  
 117      /**
 118       * Returns the password used to encrypt information in the component
 119       *
 120       * @return  string
 121       *
 122       * @since   4.2.0
 123       */
 124      private function getPassword(): string
 125      {
 126          try {
 127              return Factory::getApplication()->get('secret', '');
 128          } catch (\Exception $e) {
 129              return '';
 130          }
 131      }
 132  }