webcron/src/Service/Secret.php

<?php


namespace App\Service;

class Secret
{
    static function encrypt($plaintext) {
        $password = $_ENV['APP_SECRET'];
        $method = $_ENV['ENCRYPTION_METHOD'];
        $key = hash($_ENV['HASHING_METHOD'], $password, true);
        $iv = openssl_random_pseudo_bytes(16);

        $ciphertext = openssl_encrypt($plaintext, $method, $key, OPENSSL_RAW_DATA, $iv);
        $hash = hash_hmac($_ENV['HASHING_METHOD'], $ciphertext . $iv, $key, true);

        return $iv . $hash . $ciphertext;
    }

    static function decrypt($ivHashCiphertext) {
        $password = $_ENV['APP_SECRET'];
        $method = $_ENV['ENCRYPTION_METHOD'];
        $iv = substr($ivHashCiphertext, 0, 16);
        $hash = substr($ivHashCiphertext, 16, 32);
        $ciphertext = substr($ivHashCiphertext, 48);
        $key = hash($_ENV['HASHING_METHOD'], $password, true);

        if (!hash_equals(hash_hmac($_ENV['HASHING_METHOD'], $ciphertext . $iv, $key, true), $hash)) return null;

        return openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $iv);
    }
}
Added input fields for secrets 2021-04-13 14:44:58 +02:00			`<?php`


ENHANCEMENT: using symfony framework 2022-04-27 14:24:48 +02:00			`namespace App\Service;`
Added input fields for secrets 2021-04-13 14:44:58 +02:00
			`class Secret`
			`{`
			`static function encrypt($plaintext) {`
ENHANCEMENT: using symfony framework 2022-04-27 14:24:48 +02:00			`$password = $_ENV['APP_SECRET'];`
Added input fields for secrets 2021-04-13 14:44:58 +02:00			`$method = $_ENV['ENCRYPTION_METHOD'];`
			`$key = hash($_ENV['HASHING_METHOD'], $password, true);`
			`$iv = openssl_random_pseudo_bytes(16);`

			`$ciphertext = openssl_encrypt($plaintext, $method, $key, OPENSSL_RAW_DATA, $iv);`
using variable instead of hardcoded hashing method 2021-05-20 12:22:47 +02:00			`$hash = hash_hmac($_ENV['HASHING_METHOD'], $ciphertext . $iv, $key, true);`
Added input fields for secrets 2021-04-13 14:44:58 +02:00
			`return $iv . $hash . $ciphertext;`
			`}`

			`static function decrypt($ivHashCiphertext) {`
ENHANCEMENT: using symfony framework 2022-04-27 14:24:48 +02:00			`$password = $_ENV['APP_SECRET'];`
Added input fields for secrets 2021-04-13 14:44:58 +02:00			`$method = $_ENV['ENCRYPTION_METHOD'];`
			`$iv = substr($ivHashCiphertext, 0, 16);`
			`$hash = substr($ivHashCiphertext, 16, 32);`
			`$ciphertext = substr($ivHashCiphertext, 48);`
			`$key = hash($_ENV['HASHING_METHOD'], $password, true);`

			`if (!hash_equals(hash_hmac($_ENV['HASHING_METHOD'], $ciphertext . $iv, $key, true), $hash)) return null;`

			`return openssl_decrypt($ciphertext, $method, $key, OPENSSL_RAW_DATA, $iv);`
			`}`
			`}`