Restore legacy decrypt fallback for prepended random IV in EncryptionHelper
This commit is contained in:
@@ -53,6 +53,32 @@ class EncryptionHelper
|
|||||||
$decoded = base64_decode($cipherText, true);
|
$decoded = base64_decode($cipherText, true);
|
||||||
if ($decoded === false) return false;
|
if ($decoded === false) return false;
|
||||||
|
|
||||||
|
// محاولة أولى: استخراج IV عشوائي من أول 16 بايت (كما كان في encrypt_decrypt.php)
|
||||||
|
if (strlen($decoded) >= 16) {
|
||||||
|
$iv = substr($decoded, 0, 16);
|
||||||
|
$payload = substr($decoded, 16);
|
||||||
|
if (strlen($payload) > 0) {
|
||||||
|
$decrypted_rand = openssl_decrypt($payload, self::ALGO_CBC, $this->key, OPENSSL_RAW_DATA, $iv);
|
||||||
|
if ($decrypted_rand !== false) {
|
||||||
|
$pad = ord($decrypted_rand[strlen($decrypted_rand) - 1]);
|
||||||
|
if ($pad >= 1 && $pad <= 16) {
|
||||||
|
// Check if padding is valid
|
||||||
|
$isValidPad = true;
|
||||||
|
for ($i = 1; $i <= $pad; $i++) {
|
||||||
|
if (ord($decrypted_rand[strlen($decrypted_rand) - $i]) !== $pad) {
|
||||||
|
$isValidPad = false;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if ($isValidPad) {
|
||||||
|
return substr($decrypted_rand, 0, -$pad);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// محاولة ثانية: IV ثابت
|
||||||
$decrypted = openssl_decrypt($decoded, self::ALGO_CBC, $this->key, OPENSSL_RAW_DATA, $this->cbcIv);
|
$decrypted = openssl_decrypt($decoded, self::ALGO_CBC, $this->key, OPENSSL_RAW_DATA, $this->cbcIv);
|
||||||
if ($decrypted === false) return false;
|
if ($decrypted === false) return false;
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user