[github/wallabag/wallabag.git] / src / Wallabag / CoreBundle / Helper / CryptoProxy.php

<?php

namespace Wallabag\CoreBundle\Helper;

use Defuse\Crypto\Crypto;
use Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException;
use Defuse\Crypto\Key;
use Psr\Log\LoggerInterface;

/**
 * This is a proxy to crypt and decrypt password used by SiteCredential entity.
 * BTW, It might be re-use for sth else.
 */
class CryptoProxy
{
    private $logger;
    private $encryptionKey;

    public function __construct($encryptionKeyPath, LoggerInterface $logger)
    {
        $this->logger = $logger;

        if (!file_exists($encryptionKeyPath)) {
            $key = Key::createNewRandomKey();

            file_put_contents($encryptionKeyPath, $key->saveToAsciiSafeString());
            chmod($encryptionKeyPath, 0600);
        }

        $this->encryptionKey = file_get_contents($encryptionKeyPath);
    }

    /**
     * Ensure the given value will be crypted.
     *
     * @param string $secretValue Secret valye to crypt
     *
     * @return string
     */
    public function crypt($secretValue)
    {
        $this->logger->debug('Crypto: crypting value: ' . $this->mask($secretValue));

        return Crypto::encrypt($secretValue, $this->loadKey());
    }

    /**
     * Ensure the given crypted value will be decrypted.
     *
     * @param string $cryptedValue The value to be decrypted
     *
     * @return string
     */
    public function decrypt($cryptedValue)
    {
        $this->logger->debug('Crypto: decrypting value: ' . $this->mask($cryptedValue));

        try {
            return Crypto::decrypt($cryptedValue, $this->loadKey());
        } catch (WrongKeyOrModifiedCiphertextException $e) {
            throw new \RuntimeException('Decrypt fail: ' . $e->getMessage());
        }
    }

    /**
     * Load the private key.
     *
     * @return Key
     */
    private function loadKey()
    {
        return Key::loadFromAsciiSafeString($this->encryptionKey);
    }

    /**
     * Keep first and last character and put some stars in between.
     *
     * @param string $value Value to mask
     *
     * @return string
     */
    private function mask($value)
    {
        return \strlen($value) > 0 ? $value[0] . '*****' . $value[\strlen($value) - 1] : 'Empty value';
    }
}
Commit	Line	Data
	1	<?php
	2
	3	namespace Wallabag\CoreBundle\Helper;
	4
	5	use Defuse\Crypto\Crypto;
	6	use Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException;
	7	use Defuse\Crypto\Key;
	8	use Psr\Log\LoggerInterface;
	9
	10	/**
	11	* This is a proxy to crypt and decrypt password used by SiteCredential entity.
	12	* BTW, It might be re-use for sth else.
	13	*/
	14	class CryptoProxy
	15	{
	16	private $logger;
	17	private $encryptionKey;
	18
	19	public function __construct($encryptionKeyPath, LoggerInterface $logger)
	20	{
	21	$this->logger = $logger;
	22
	23	if (!file_exists($encryptionKeyPath)) {
	24	$key = Key::createNewRandomKey();
	25
	26	file_put_contents($encryptionKeyPath, $key->saveToAsciiSafeString());
	27	chmod($encryptionKeyPath, 0600);
	28	}
	29
	30	$this->encryptionKey = file_get_contents($encryptionKeyPath);
	31	}
	32
	33	/**
	34	* Ensure the given value will be crypted.
	35	*
	36	* @param string $secretValue Secret valye to crypt
	37	*
	38	* @return string
	39	*/
	40	public function crypt($secretValue)
	41	{
	42	$this->logger->debug('Crypto: crypting value: ' . $this->mask($secretValue));
	43
	44	return Crypto::encrypt($secretValue, $this->loadKey());
	45	}
	46
	47	/**
	48	* Ensure the given crypted value will be decrypted.
	49	*
	50	* @param string $cryptedValue The value to be decrypted
	51	*
	52	* @return string
	53	*/
	54	public function decrypt($cryptedValue)
	55	{
	56	$this->logger->debug('Crypto: decrypting value: ' . $this->mask($cryptedValue));
	57
	58	try {
	59	return Crypto::decrypt($cryptedValue, $this->loadKey());
	60	} catch (WrongKeyOrModifiedCiphertextException $e) {
	61	throw new \RuntimeException('Decrypt fail: ' . $e->getMessage());
	62	}
	63	}
	64
	65	/**
	66	* Load the private key.
	67	*
	68	* @return Key
	69	*/
	70	private function loadKey()
	71	{
	72	return Key::loadFromAsciiSafeString($this->encryptionKey);
	73	}
	74
	75	/**
	76	* Keep first and last character and put some stars in between.
	77	*
	78	* @param string $value Value to mask
	79	*
	80	* @return string
	81	*/
	82	private function mask($value)
	83	{
	84	return \strlen($value) > 0 ? $value[0] . '*****' . $value[\strlen($value) - 1] : 'Empty value';
	85	}
	86	}