-
-
Save robertogallea/910cafa37c8a20a1310e333a61d7e8d3 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| protected function hash($iv, $value) | |
| { | |
| return hash_hmac('sha256', $iv.$value, $this->key); | |
| } | |
| ``` | |
| i.e. the SHA256 hashing of the concatenation of IV and value, using the provided encryption key. | |
| 4. An array containing `iv`, `value` and `mac` is generated and converted to json (line `16`) | |
| 5. The json is encoded in base64 and finally returned (line `22`) | |
| ### How decryption works - in depth | |
| To understand how clear data is recovered, let's give a closer look to the `decrypt()` method: | |
| ``` | |
| public function decrypt($payload, $unserialize = true) | |
| { | |
| $payload = $this->getJsonPayload($payload); | |
| $iv = base64_decode($payload['iv']); | |
| // Here we will decrypt the value. If we are able to successfully decrypt it | |
| // we will then unserialize it and return it out to the caller. If we are | |
| // unable to decrypt this value we will throw out an exception message. | |
| $decrypted = \openssl_decrypt( | |
| $payload['value'], $this->cipher, $this->key, 0, $iv | |
| ); | |
| if ($decrypted === false) { | |
| throw new DecryptException('Could not decrypt the data.'); | |
| } | |
| return $unserialize ? unserialize($decrypted) : $decrypted; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment