-
Notifications
You must be signed in to change notification settings - Fork 0
/
jcryption.php
76 lines (65 loc) · 2.38 KB
/
jcryption.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
<?php
// Start the session so we can use sessions
session_start();
$descriptorspec = array(
0 => array("pipe", "r"), // stdin is a pipe that the child will read from
1 => array("pipe", "w") // stdout is a pipe that the child will write to
);
// if the GET parameter "generateKeypair" is set
if(isset($_GET["getPublicKey"])) {
$arrOutput = array(
"publickey" => file_get_contents('rsa_1024_pub.pem')
);
// Convert the response to JSON, and send it to the client
echo json_encode($arrOutput);
// else if the GET parameter "decrypttest" is set
} elseif (isset($_GET["handshake"])) {
// Decrypt the client's request
$cmd = sprintf("openssl rsautl -decrypt -inkey rsa_1024_priv.pem");
$process = proc_open($cmd, $descriptorspec, $pipes);
if (is_resource($process)) {
fwrite($pipes[0], base64_decode($_POST['key']));
fclose($pipes[0]);
$key = stream_get_contents($pipes[1]);
fclose($pipes[1]);
proc_close($process);
}
// Save the AES key into the session
$_SESSION["key"] = $key;
// JSON encode the challenge
$cmd = sprintf("openssl enc -aes-256-cbc -pass pass:" . escapeshellarg($key) . " -a -e");
$process = proc_open($cmd, $descriptorspec, $pipes);
if (is_resource($process)) {
fwrite($pipes[0], $key);
fclose($pipes[0]);
// we have to trim all newlines and whitespaces by ourself
$challenge = trim(str_replace("\n", "", stream_get_contents($pipes[1])));
fclose($pipes[1]);
proc_close($process);
}
echo json_encode(array("challenge" => $challenge));
// echo json_encode(array("challenge" => AesCtr::encrypt($key, $key, 256)));
} elseif (isset($_GET["decrypttest"])) {
// set timezone just in case
date_default_timezone_set('UTC');
// Get some test data to encrypt, this is an ISO 8601 timestamp
$toEncrypt = date("c");
// get the key from the session
$key = $_SESSION["key"];
$cmd = sprintf("openssl enc -aes-256-cbc -pass pass:" . escapeshellarg($key) . " -a -e");
$process = proc_open($cmd, $descriptorspec, $pipes);
if (is_resource($process)) {
fwrite($pipes[0], $toEncrypt);
fclose($pipes[0]);
$encrypted = stream_get_contents($pipes[1]);
fclose($pipes[1]);
proc_close($process);
}
echo json_encode(
array(
"encrypted" => $encrypted,
"unencrypted" => $toEncrypt
)
);
// else if the GET parameter "handshake" is set
}