136 lines
3.4 KiB
Plaintext
136 lines
3.4 KiB
Plaintext
/**
|
|
* Determines if the server can encrypt backups
|
|
*
|
|
* @return boolean
|
|
*/
|
|
function ai1wm_can_encrypt() {
|
|
if ( ! function_exists( 'openssl_encrypt' ) ) {
|
|
return false;
|
|
}
|
|
|
|
if ( ! function_exists( 'openssl_random_pseudo_bytes' ) ) {
|
|
return false;
|
|
}
|
|
|
|
if ( ! function_exists( 'openssl_cipher_iv_length' ) ) {
|
|
return false;
|
|
}
|
|
|
|
if ( ! function_exists( 'sha1' ) ) {
|
|
return false;
|
|
}
|
|
|
|
if ( ! in_array( AI1WM_CIPHER_NAME, array_map( 'strtoupper', openssl_get_cipher_methods() ) ) ) {
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Determines if the server can decrypt backups
|
|
*
|
|
* @return boolean
|
|
*/
|
|
function ai1wm_can_decrypt() {
|
|
if ( ! function_exists( 'openssl_decrypt' ) ) {
|
|
return false;
|
|
}
|
|
|
|
if ( ! function_exists( 'openssl_random_pseudo_bytes' ) ) {
|
|
return false;
|
|
}
|
|
|
|
if ( ! function_exists( 'openssl_cipher_iv_length' ) ) {
|
|
return false;
|
|
}
|
|
|
|
if ( ! function_exists( 'sha1' ) ) {
|
|
return false;
|
|
}
|
|
|
|
if ( ! in_array( AI1WM_CIPHER_NAME, array_map( 'strtoupper', openssl_get_cipher_methods() ) ) ) {
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Encrypts a string with a key
|
|
*
|
|
* @param string $string String to encrypt
|
|
* @param string $key Key to encrypt the string with
|
|
* @return string
|
|
* @throws Ai1wm_Not_Encryptable_Exception
|
|
*/
|
|
function ai1wm_encrypt_string( $string, $key ) {
|
|
$iv_length = ai1wm_crypt_iv_length();
|
|
$key = substr( sha1( $key, true ), 0, $iv_length );
|
|
|
|
$iv = openssl_random_pseudo_bytes( $iv_length );
|
|
if ( $iv === false ) {
|
|
throw new Ai1wm_Not_Encryptable_Exception( __( 'Unable to generate random bytes.', AI1WM_PLUGIN_NAME ) );
|
|
}
|
|
|
|
$encrypted_string = openssl_encrypt( $string, AI1WM_CIPHER_NAME, $key, OPENSSL_RAW_DATA, $iv );
|
|
if ( $encrypted_string === false ) {
|
|
throw new Ai1wm_Not_Encryptable_Exception( __( 'Unable to encrypt data.', AI1WM_PLUGIN_NAME ) );
|
|
}
|
|
|
|
return sprintf( '%s%s', $iv, $encrypted_string );
|
|
}
|
|
|
|
/**
|
|
* Returns encrypt/decrypt iv length
|
|
*
|
|
* @return int
|
|
* @throws Ai1wm_Not_Encryptable_Exception
|
|
*/
|
|
function ai1wm_crypt_iv_length() {
|
|
$iv_length = openssl_cipher_iv_length( AI1WM_CIPHER_NAME );
|
|
if ( $iv_length === false ) {
|
|
throw new Ai1wm_Not_Encryptable_Exception( __( 'Unable to obtain cipher length.', AI1WM_PLUGIN_NAME ) );
|
|
}
|
|
|
|
return $iv_length;
|
|
}
|
|
|
|
/**
|
|
* Decrypts a string with a eky
|
|
*
|
|
* @param string $encrypted_string String to decrypt
|
|
* @param string $key Key to decrypt the string with
|
|
* @return string
|
|
* @throws Ai1wm_Not_Encryptable_Exception
|
|
* @throws Ai1wm_Not_Decryptable_Exception
|
|
*/
|
|
function ai1wm_decrypt_string( $encrypted_string, $key ) {
|
|
$iv_length = ai1wm_crypt_iv_length();
|
|
$key = substr( sha1( $key, true ), 0, $iv_length );
|
|
$iv = substr( $encrypted_string, 0, $iv_length );
|
|
|
|
$decrypted_string = openssl_decrypt( substr( $encrypted_string, $iv_length ), AI1WM_CIPHER_NAME, $key, OPENSSL_RAW_DATA, $iv );
|
|
if ( $decrypted_string === false ) {
|
|
throw new Ai1wm_Not_Decryptable_Exception( __( 'Unable to decrypt data.', AI1WM_PLUGIN_NAME ) );
|
|
}
|
|
|
|
return $decrypted_string;
|
|
}
|
|
|
|
/**
|
|
* Checks if decryption password is valid
|
|
*
|
|
* @param string $encrypted_signature
|
|
* @param string $password
|
|
* @return bool
|
|
*/
|
|
function ai1wm_is_decryption_password_valid( $encrypted_signature, $password ) {
|
|
try {
|
|
$encrypted_signature = base64_decode( $encrypted_signature );
|
|
|
|
return ai1wm_decrypt_string( $encrypted_signature, $password ) === AI1WM_SIGN_TEXT;
|
|
} catch ( Ai1wm_Not_Decryptable_Exception $exception ) {
|
|
return false;
|
|
}
|
|
} |