src/Wallabag/CoreBundle/Helper/CryptoProxy.php

   1 <?php
   2
   3 namespace Wallabag\CoreBundle\Helper;
   4
   5 use Defuse\Crypto\Crypto;
   6 use Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException;
   7 use Defuse\Crypto\Key;
   8 use Psr\Log\LoggerInterface;
   9
  10 /**
  11  * This is a proxy to crypt and decrypt password used by SiteCredential entity.
  12  * BTW, It might be re-use for sth else.
  13  */
  14 class CryptoProxy
  15 {
  16     private $logger;
  17     private $encryptionKey;
  18
  19     public function __construct($encryptionKeyPath, LoggerInterface $logger)
  20     {
  21         $this->logger = $logger;
  22
  23         if (!file_exists($encryptionKeyPath)) {
  24             $key = Key::createNewRandomKey();
  25
  26             file_put_contents($encryptionKeyPath, $key->saveToAsciiSafeString());
  27             chmod($encryptionKeyPath, 0600);
  28         }
  29
  30         $this->encryptionKey = file_get_contents($encryptionKeyPath);
  31     }
  32
  33     /**
  34      * Ensure the given value will be crypted.
  35      *
  36      * @param string $secretValue Secret valye to crypt
  37      *
  38      * @return string
  39      */
  40     public function crypt($secretValue)
  41     {
  42         $this->logger->debug('Crypto: crypting value: ' . $this->mask($secretValue));
  43
  44         return Crypto::encrypt($secretValue, $this->loadKey());
  45     }
  46
  47     /**
  48      * Ensure the given crypted value will be decrypted.
  49      *
  50      * @param string $cryptedValue The value to be decrypted
  51      *
  52      * @return string
  53      */
  54     public function decrypt($cryptedValue)
  55     {
  56         $this->logger->debug('Crypto: decrypting value: ' . $this->mask($cryptedValue));
  57
  58         try {
  59             return Crypto::decrypt($cryptedValue, $this->loadKey());
  60         } catch (WrongKeyOrModifiedCiphertextException $e) {
  61             throw new \RuntimeException('Decrypt fail: ' . $e->getMessage());
  62         }
  63     }
  64
  65     /**
  66      * Load the private key.
  67      *
  68      * @return Key
  69      */
  70     private function loadKey()
  71     {
  72         return Key::loadFromAsciiSafeString($this->encryptionKey);
  73     }
  74
  75     /**
  76      * Keep first and last character and put some stars in between.
  77      *
  78      * @param string $value Value to mask
  79      *
  80      * @return string
  81      */
  82     private function mask($value)
  83     {
  84         return strlen($value) > 0 ? $value[0] . '*****' . $value[strlen($value) - 1] : 'Empty value';
  85     }
  86 }