Hamza/Siro
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
28d30e3359a764702b6bf00afb76463a5b2dab8d
Siro/backend/encrypt_decrypt.php
Hamza-Ayed c0fe990ebe Update: 2026-06-16 02:52:06
2026-06-16 02:52:06 +03:00

125 lines
4.1 KiB
PHP
Raw Blame History

<?php
//encrypt_decrypt.php
// ⚠️ هذا الملف للتوافقية فقط. استخدم core/Security/EncryptionHelper.php للتشفير الجديد
require_once realpath(__DIR__ . '/../vendor/autoload.php');
require_once 'load_env.php';
$env_file = '/home/siro-api/env/.env';
loadEnvironment($env_file);
// ✅ FIX C-02: استخدام getenv بدلاً من file_get_contents الثابت
$keyPath = getenv('ENCRYPTION_KEY_PATH');
$key = '';
if ($keyPath && file_exists($keyPath)) {
$key = trim(file_get_contents($keyPath));
}
if (!$key) {
$key = getenv('ENC_KEY') ?: '';
}
$iv = getenv('initializationVector'); // 16 bytes
class EncryptionHelper {
private $key;
private $iv;
public function __construct($key, $iv) {
if (strlen($key) !== 32) {
throw new Exception("❌ المفتاح (Key) لازم يكون 32 بايت.");
}
if (strlen($iv) !== 16) {
throw new Exception("❌ الـ IV لازم يكون 16 بايت.");
}
$this->key = $key;
$this->iv = $iv;
}
// --------- النصوص ----------
private function addPadding($data, $blockSize = 16) {
$pad = $blockSize - (strlen($data) % $blockSize);
return $data . str_repeat(chr($pad), $pad);
}
private function removePadding($data) {
$pad = ord($data[strlen($data) - 1]);
return substr($data, 0, -$pad);
}
public function encryptData($plainText) {
$plainText = mb_convert_encoding($plainText, 'UTF-8');
$paddedText = $this->addPadding($plainText);
$encrypted = openssl_encrypt($paddedText, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv);
return base64_encode($encrypted);
}
public function decryptData($encryptedText) {
$decoded = base64_decode($encryptedText, true);
if ($decoded === false) {
error_log("[ERROR] base64_decode failed for input: $encryptedText");
return false;
}
$decrypted = openssl_decrypt($decoded, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv);
if ($decrypted === false) {
error_log("[ERROR] openssl_decrypt failed for input: $encryptedText");
return false;
}
// Verify padding is valid before removal
$pad = ord($decrypted[strlen($decrypted) - 1]);
if ($pad < 1 || $pad > 16) {
error_log("[ERROR] Invalid padding value ($pad) for decrypted input: $encryptedText");
return false;
}
return substr($decrypted, 0, -$pad);
}
public function decryptFile($encryptedFilePath, $destinationPath) {
if (!file_exists($encryptedFilePath)) {
throw new Exception("❌ الملف المشفر غير موجود: $encryptedFilePath");
}
$encryptedData = file_get_contents($encryptedFilePath);
$decryptedData = openssl_decrypt($encryptedData, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv);
if ($decryptedData === false) {
error_log("[ERROR] openssl_decrypt failed for file: $encryptedFilePath");
throw new Exception("❌ فشل فك تشفير الملف: $encryptedFilePath");
}
file_put_contents($destinationPath, $decryptedData);
return true;
}
public function encryptBinary($data) {
$encrypted = openssl_encrypt($data, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv);
return $encrypted;
}
public function decryptBinary($data) {
$decrypted = openssl_decrypt($data, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $this->iv);
// CRIT-07 FIX: التحقق من فشل openssl_decrypt
if ($decrypted === false) {
error_log('[CRIT-07] openssl_decrypt failed in decryptBinary');
throw new Exception('Decryption failed');
}
return $decrypted;
}
}
// ✅ Load the key and IV from .env or use default values
// ✅ Ensure the lengths are correct
//echo "Key Length: " . $key . PHP_EOL;
//echo "IV Length: " . $iv . PHP_EOL;
try {
$encryptionHelper = new EncryptionHelper($key, $iv);
} catch (Exception $e) {
error_log("[encrypt_decrypt] Initialization error: " . $e->getMessage());
}
?>
Reference in New Issue View Git Blame Copy Permalink