diff --git a/src/Controller/EncryptionController.php b/src/Controller/EncryptionController.php index 404d65f..5451cbc 100644 --- a/src/Controller/EncryptionController.php +++ b/src/Controller/EncryptionController.php @@ -15,19 +15,21 @@ class EncryptionController * @param string $message - message to encrypt * @param string $key - encryption key * @return string - * @throws SodiumException - * @throws Exception */ function safeEncrypt(string $message, string $key): string { - $binKey = sodium_hex2bin(string: $key); - $nonce = random_bytes(length: SODIUM_CRYPTO_SECRETBOX_NONCEBYTES); + try { + $binKey = sodium_hex2bin(string: $key); + $nonce = random_bytes(length: SODIUM_CRYPTO_SECRETBOX_NONCEBYTES); - $cipher = base64_encode(string: $nonce . sodium_crypto_secretbox(message: $message, nonce: $nonce, key: $binKey)); - sodium_memzero(string: $message); - sodium_memzero(string: $key); - sodium_memzero(string: $binKey); - return $cipher; + $cipher = base64_encode(string: $nonce . sodium_crypto_secretbox(message: $message, nonce: $nonce, key: $binKey)); + sodium_memzero(string: $message); + sodium_memzero(string: $key); + sodium_memzero(string: $binKey); + return $cipher; + } catch (Exception|SodiumException $e) { + die($e->getMessage() . PHP_EOL); + } } /** @@ -36,32 +38,34 @@ class EncryptionController * @param string $encrypted - message encrypted with safeEncrypt() * @param string $key - encryption key * @return string - * @throws SodiumException - * @throws Exception */ function safeDecrypt(string $encrypted, string $key): string { - $binKey = sodium_hex2bin(string: $key); + try { + $binKey = sodium_hex2bin(string: $key); - $decoded = base64_decode(string: $encrypted); - if ($decoded === false) { - throw new Exception(message: 'Decoding broken. Wrong payload.'); + $decoded = base64_decode(string: $encrypted); + if ($decoded === false) { + throw new Exception(message: 'Decoding broken. Wrong payload.'); + } + + if (mb_strlen(string: $decoded, encoding: '8bit') < (SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES)) { + throw new Exception(message: 'Decoding broken. Incomplete message.'); + } + + $nonce = mb_substr(string: $decoded, start: 0, length: SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, encoding: '8bit'); + $ciphertext = mb_substr(string: $decoded, start: SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, length: null, encoding: '8bit'); + + $plain = sodium_crypto_secretbox_open(ciphertext: $ciphertext, nonce: $nonce, key: $binKey); + if ($plain === false) { + throw new Exception(message: ' Incorrect key.'); + } + sodium_memzero(string: $ciphertext); + sodium_memzero(string: $key); + return $plain; + } catch(Exception|SodiumException $e) { + die($e->getMessage()); } - - if (mb_strlen(string: $decoded, encoding: '8bit') < (SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES)) { - throw new Exception(message: 'Decoding broken. Incomplete message.'); - } - - $nonce = mb_substr(string: $decoded, start: 0, length: SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, encoding: '8bit'); - $ciphertext = mb_substr(string: $decoded, start: SODIUM_CRYPTO_SECRETBOX_NONCEBYTES, length: null, encoding: '8bit'); - - $plain = sodium_crypto_secretbox_open(ciphertext: $ciphertext, nonce: $nonce, key: $binKey); - if ($plain === false) { - throw new Exception(message: ' Incorrect key.'); - } - sodium_memzero(string: $ciphertext); - sodium_memzero(string: $key); - return $plain; } } \ No newline at end of file