Update: 2026-05-04 18:05:37
This commit is contained in:
Hamza-Ayed
@@ -44,20 +44,38 @@ final class Encryption
|
|||||||
throw new \RuntimeException('ENCRYPTION_KEY is missing from .env');
|
throw new \RuntimeException('ENCRYPTION_KEY is missing from .env');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Handle common prefixing issues or trailing whitespace
|
||||||
|
$encryptedData = trim($encryptedData);
|
||||||
|
if (str_starts_with($encryptedData, '==')) {
|
||||||
|
$encryptedData = substr($encryptedData, 2);
|
||||||
|
}
|
||||||
|
|
||||||
$encryptionKey = hash('sha256', $key, true);
|
$encryptionKey = hash('sha256', $key, true);
|
||||||
$decoded = base64_decode($encryptedData);
|
$decoded = base64_decode($encryptedData, true);
|
||||||
|
|
||||||
if ($decoded === false) return false;
|
if ($decoded === false) {
|
||||||
|
error_log("ENCRYPTION ERROR: Invalid base64 data provided for decryption.");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
$ivLength = openssl_cipher_iv_length(self::CIPHER);
|
$ivLength = openssl_cipher_iv_length(self::CIPHER);
|
||||||
$tagLength = 16;
|
$tagLength = 16;
|
||||||
|
|
||||||
if (strlen($decoded) < $ivLength + $tagLength) return false;
|
if (strlen($decoded) < $ivLength + $tagLength) {
|
||||||
|
error_log("ENCRYPTION ERROR: Data too short for IV and TAG. Length: " . strlen($decoded));
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
$iv = substr($decoded, 0, $ivLength);
|
$iv = substr($decoded, 0, $ivLength);
|
||||||
$tag = substr($decoded, $ivLength, $tagLength);
|
$tag = substr($decoded, $ivLength, $tagLength);
|
||||||
$ciphertext = substr($decoded, $ivLength + $tagLength);
|
$ciphertext = substr($decoded, $ivLength + $tagLength);
|
||||||
|
|
||||||
return openssl_decrypt($ciphertext, self::CIPHER, $encryptionKey, OPENSSL_RAW_DATA, $iv, $tag);
|
$result = openssl_decrypt($ciphertext, self::CIPHER, $encryptionKey, OPENSSL_RAW_DATA, $iv, $tag);
|
||||||
|
|
||||||
|
if ($result === false) {
|
||||||
|
error_log("ENCRYPTION ERROR: openssl_decrypt failed. Key might be wrong or data corrupted.");
|
||||||
|
}
|
||||||
|
|
||||||
|
return $result;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -87,6 +87,9 @@ try {
|
|||||||
// 5. Build the secure file URL using the invoice ID (file.php fetches path from DB)
|
// 5. Build the secure file URL using the invoice ID (file.php fetches path from DB)
|
||||||
$invoice['file_url'] = '/index.php?route=v1/invoices/file&id=' . urlencode($id);
|
$invoice['file_url'] = '/index.php?route=v1/invoices/file&id=' . urlencode($id);
|
||||||
|
|
||||||
|
// 6. Include local QR code from invoices table if available
|
||||||
|
// (This is used as a fallback in shell.php if jofotara object is missing)
|
||||||
|
|
||||||
json_success($invoice);
|
json_success($invoice);
|
||||||
|
|
||||||
} catch (\Exception $e) {
|
} catch (\Exception $e) {
|
||||||
|
|||||||
1263
public/shell.php
1263
public/shell.php
File diff suppressed because it is too large
Load Diff
11
scratch/debug_decrypt.php
Normal file
11
scratch/debug_decrypt.php
Normal file
@@ -0,0 +1,11 @@
|
|||||||
|
<?php
|
||||||
|
require_once __DIR__ . '/app/bootstrap/init.php';
|
||||||
|
use App\Core\Encryption;
|
||||||
|
|
||||||
|
$testString = 'dr2LLF70iAqt8g34Dhr/eT1H9o1rSIq3Bb4NHA';
|
||||||
|
$decrypted = Encryption::decrypt($testString);
|
||||||
|
var_dump($decrypted);
|
||||||
|
|
||||||
|
$testString2 = '==dr2LLF70iAqt8g34Dhr/eT1H9o1rSIq3Bb4NHA';
|
||||||
|
$decrypted2 = Encryption::decrypt($testString2);
|
||||||
|
var_dump($decrypted2);
|
||||||
Reference in New Issue
Block a user