From 1dc5ccc11d39075312597c459da94ccc5485b3cb Mon Sep 17 00:00:00 2001
From: Hamza-Ayed
Date: Tue, 30 Jun 2026 21:54:31 +0300
Subject: [PATCH] Restore legacy decrypt fallback for prepended random IV in EncryptionHelper
---
 backend/core/Security/EncryptionHelper.php | 26 ++++++++++++++++++++++
 1 file changed, 26 insertions(+)
diff --git a/backend/core/Security/EncryptionHelper.php b/backend/core/Security/EncryptionHelper.php
index 86e73e31..12b7eada 100644
--- a/backend/core/Security/EncryptionHelper.php
+++ b/backend/core/Security/EncryptionHelper.php
@@ -53,6 +53,32 @@ class EncryptionHelper
 $decoded = base64_decode($cipherText, true);
 if ($decoded === false) return false;
+ // محاولة أولى: استخراج IV عشوائي من أول 16 بايت (كما كان في encrypt_decrypt.php)
+ if (strlen($decoded) >= 16) {
+ $iv = substr($decoded, 0, 16);
+ $payload = substr($decoded, 16);
+ if (strlen($payload) > 0) {
+ $decrypted_rand = openssl_decrypt($payload, self::ALGO_CBC, $this->key, OPENSSL_RAW_DATA, $iv);
+ if ($decrypted_rand !== false) {
+ $pad = ord($decrypted_rand[strlen($decrypted_rand) - 1]);
+ if ($pad >= 1 && $pad <= 16) {
+ // Check if padding is valid
+ $isValidPad = true;
+ for ($i = 1; $i <= $pad; $i++) {
+ if (ord($decrypted_rand[strlen($decrypted_rand) - $i]) !== $pad) {
+ $isValidPad = false;
+ break;
+ }
+ }
+ if ($isValidPad) {
+ return substr($decrypted_rand, 0, -$pad);
+ }
+ }
+ }
+ }
+ }
+
+ // محاولة ثانية: IV ثابت
 $decrypted = openssl_decrypt($decoded, self::ALGO_CBC, $this->key, OPENSSL_RAW_DATA, $this->cbcIv);
 if ($decrypted === false) return false;
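Review bot: The random-IV attempt at the top of the added block also succeeds on values written with the fixed IV whenever they span two or more blocks. In CBC, decrypting `substr($decoded, 16)` with `substr($decoded, 0, 16)` as the IV yields the real plaintext minus its first 16 bytes, with the same valid trailing padding, so `return substr($decrypted_rand, 0, -$pad);` returns truncated data and the fixed-IV path below is never reached. Swapping the order does not help, since unauthenticated CBC gives valid padding under either reading; the layout should come from an explicit format marker or from the caller (for instance a separate method for values known to come from encrypt_decrypt.php), or a MAC should be verified before a result is accepted. Separately, `OPENSSL_RAW_DATA` without `OPENSSL_ZERO_PADDING` already strips PKCS#7 padding, so the manual loop removes a second layer and looks correct only if the legacy writer padded twice, which is worth confirming and stating in a comment; the index `strlen($decrypted_rand) - 1` also needs an empty-string guard such as `if ($decrypted_rand !== false && $decrypted_rand !== '') {`. The enclosing method starts and ends outside the hunk, so how the fixed-IV result is unpadded is not visible here.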