Update: 2026-05-04 18:05:37

2026-05-04 18:05:37 +03:00
parent 2d25bee2a6
commit 691305340a
4 changed files with 451 additions and 852 deletions
--- a/app/core/Encryption.php
+++ b/app/core/Encryption.php
@@ -44,20 +44,38 @@ final class Encryption
            throw new \RuntimeException('ENCRYPTION_KEY is missing from .env');
        }

+        // Handle common prefixing issues or trailing whitespace
+        $encryptedData = trim($encryptedData);
+        if (str_starts_with($encryptedData, '==')) {
+            $encryptedData = substr($encryptedData, 2);
+        }
+
        $encryptionKey = hash('sha256', $key, true);
-        $decoded = base64_decode($encryptedData);
+        $decoded = base64_decode($encryptedData, true);
        
-        if ($decoded === false) return false;
+        if ($decoded === false) {
+            error_log("ENCRYPTION ERROR: Invalid base64 data provided for decryption.");
+            return false;
+        }

        $ivLength = openssl_cipher_iv_length(self::CIPHER);
        $tagLength = 16;

-        if (strlen($decoded) < $ivLength + $tagLength) return false;
+        if (strlen($decoded) < $ivLength + $tagLength) {
+            error_log("ENCRYPTION ERROR: Data too short for IV and TAG. Length: " . strlen($decoded));
+            return false;
+        }

        $iv = substr($decoded, 0, $ivLength);
        $tag = substr($decoded, $ivLength, $tagLength);
        $ciphertext = substr($decoded, $ivLength + $tagLength);

-        return openssl_decrypt($ciphertext, self::CIPHER, $encryptionKey, OPENSSL_RAW_DATA, $iv, $tag);
+        $result = openssl_decrypt($ciphertext, self::CIPHER, $encryptionKey, OPENSSL_RAW_DATA, $iv, $tag);
+        
+        if ($result === false) {
+            error_log("ENCRYPTION ERROR: openssl_decrypt failed. Key might be wrong or data corrupted.");
+        }
+
+        return $result;
    }
 }
--- a/app/modules_app/invoices/view.php
+++ b/app/modules_app/invoices/view.php
@@ -87,6 +87,9 @@ try {
    // 5. Build the secure file URL using the invoice ID (file.php fetches path from DB)
    $invoice['file_url'] = '/index.php?route=v1/invoices/file&id=' . urlencode($id);

+    // 6. Include local QR code from invoices table if available
+    // (This is used as a fallback in shell.php if jofotara object is missing)
+    
    json_success($invoice);

 } catch (\Exception $e) {
--- a/public/shell.php
+++ b/public/shell.php
--- a/scratch/debug_decrypt.php
+++ b/scratch/debug_decrypt.php
@@ -0,0 +1,11 @@
+<?php
+require_once __DIR__ . '/app/bootstrap/init.php';
+use App\Core\Encryption;
+
+$testString = 'dr2LLF70iAqt8g34Dhr/eT1H9o1rSIq3Bb4NHA';
+$decrypted = Encryption::decrypt($testString);
+var_dump($decrypted);
+
+$testString2 = '==dr2LLF70iAqt8g34Dhr/eT1H9o1rSIq3Bb4NHA';
+$decrypted2 = Encryption::decrypt($testString2);
+var_dump($decrypted2);