Schrank · July 12, 2020 18:38
diff --git a/test.php b/test.php
 <?php

 spl_autoload_register(function ($className) {
    $path = explode('\\', $className);
    if (array_shift($path) == 'phpseclib') {
        return require 'magento/lib/' . str_replace('\\', DIRECTORY_SEPARATOR, $className) . '.php';
    }
 });

 use phpseclib\Crypt\Random;
 use phpseclib\Crypt\Rijndael;
 use phpseclib\Crypt\RSA;

 $message = str_repeat('abc', 1000);

 $encryptedDecryptedMessage = decryptMessage(encryptMessage($message));

 var_dump($encryptedDecryptedMessage);


 function encryptMessage($message)
 {
    $key = <<<KEY
 -----BEGIN RSA PUBLIC KEY-----
 MIIBCgKCAQEAuCW8CyWqeDXW6E93D+u5Tlq7Ys0mpLfQUbBdEivwPHKgWwYgb4OA
 6vTqYObb7OqXUDU/lznCSGvhD+CbQMxyC0603/LO2y7/cGBQHODBh8EKpzd2E0QU
 oO7Y9+JKcrsSwIqgULxRbMqcIfdXFaZSIjHU3OcOXgfb8DhWZi09FcJs8mjDQNHP
 P+6PwK/uFue3YYyN8SUUU2ot0oielMCsML4JY0Nrj0jZkLlkufZdxMF8zLF21AwP
 /sX8imSkaj4895EnqJ6cpEaTOgj2UlcFoypW5qu4Pe2F4QBEl4E2o8ltmqsn3Eph
 qzrEphd4FSt8f2CbSztLQ046asfCcRDoLQIDAQAB
 -----END RSA PUBLIC KEY-----
 KEY;

    $rsa = new RSA();
    $rij = new Rijndael();

    // Generate Random Symmetric Key
    $symKey = Random::string(150);
    $symKey
            = base64_decode('HMoA4IqCp0ux6tCRe4v49wgN0SS6cZss43IGd09GB2hLv1aDCw+4El5mUk0xGIuv6/Osvq356d6SmWrTYDTNSxm4KfC0JKYajfyUl/QEwYH/YwYGqRqKQIhT4LKlSyqESDnztGHkveAJV19e/oRf/5EIV/V6fChoaQIsnsqcfjjgZ0sI9m1ro+5MIYFdLakNAqQQivXe',
        true);
    // Encrypt Message with new Symmetric Key
    $rij->setKey($symKey);
    $ciphertext = $rij->encrypt($message);
    $ciphertext = base64_encode($ciphertext);

    // Encrypted the Symmetric Key with the Asymmetric Key
    $rsa->setEncryptionMode(RSA::ENCRYPTION_PKCS1);

    $rsa->loadKey($key);
    $symKey = $rsa->encrypt($symKey);

    // Base 64 encode the symmetric key for transport
    $symKey = base64_encode($symKey);
    $len    = strlen($symKey); // Get the length
    $len    = dechex($len); // The first 3 bytes of the message are the key length
    $len    = str_pad($len, 3, '0', STR_PAD_LEFT); // Zero pad to be sure.
    // Concatenate the length, the encrypted symmetric key, and the message
    return $len . $symKey . $ciphertext;
 }

 function decryptMessage($message)
 {
    $key = <<<KEY
 -----BEGIN RSA PRIVATE KEY-----
 MIIEpQIBAAKCAQEAuCW8CyWqeDXW6E93D+u5Tlq7Ys0mpLfQUbBdEivwPHKgWwYg
 b4OA6vTqYObb7OqXUDU/lznCSGvhD+CbQMxyC0603/LO2y7/cGBQHODBh8EKpzd2
 E0QUoO7Y9+JKcrsSwIqgULxRbMqcIfdXFaZSIjHU3OcOXgfb8DhWZi09FcJs8mjD
 QNHPP+6PwK/uFue3YYyN8SUUU2ot0oielMCsML4JY0Nrj0jZkLlkufZdxMF8zLF2
 1AwP/sX8imSkaj4895EnqJ6cpEaTOgj2UlcFoypW5qu4Pe2F4QBEl4E2o8ltmqsn
 3EphqzrEphd4FSt8f2CbSztLQ046asfCcRDoLQIDAQABAoIBAEUTop5r2q6NQ7iR
 VpBaVIDX+ELvwfc4HKUIC2GtqciDFzQN8Ezkf4+jn+gJsaYFug0UbG5F9GNGVH6o
 OpTsHDuxopf/dSkzUA7Pkj3C8dYCzAQ+AcToXPShpDIYaOTw1+/yEIE4ozK0Li1v
 ovM0GMtK9haHdhQ/znkmKQLbJXbrfKgz5J1v9IJ8+k1WmjUrLumFPvCEcBoBvaIV
 ygsBBS/Sum96lVvYC9SjtGJcE+RN3DP7yXeJdgjr564GTZO7PEtWjGe2kbsNkCd/
 vJQy2gRzFQ1nk8TnYr8x6vOQKCUUSelvucaIYXsOIuicpCV5FD3ePjx9VBIBFiG6
 KL/lzwECgYEA6g+IC6oKQgcZytwJAd5sZuk0BxVQk2IibgDQXpt5s/PRJVYRWH45
 TzTRrZRgN8MFWDTAG0RSKAuw0vrBlDOaPu/29xV/Es78gKbNt6cR158iOo7CQepN
 rw1ADHd7zMhHpj1/9izDu+BMITTJAxjWS29HitEhVzgZHZmZLMEATXUCgYEAyWh+
 yDyC4xXTuDTd04XRKRm//QKdmTNn/hepS4uH8lCA0bOBf4w23Uh/57wIYSZ0aTf5
 YbEEqDIKvijGWQB7q/zo1V9b654l4l8VNvbAaIEFbeUmrhhcXWGn9GxhbaKQCN3G
 xtJoqEGQcLjfBuqIvYczLgWve2xfQ5vHl6pqQNkCgYEA5x0+8IWOa3Qne6+ZFUdT
 MqrCvNvHHECiToxvM3vByHbP5VX++qpoXFWDVSpVd7oR5O7xYfssRG6Gw0znKDdr
 7wlziranKyNHIKGUL+vAKnDvk3KzTfLVkiw7OhQhIiwA052WZLX+79yiT4eXlH9J
 2mKe+etWSJET+65XGWHZsqECgYEAkNyAu8KSHYTYd9hGaFoKO3aS2Qallcgcluwr
 zvM3v3hZfvqOPM/7siLwJBvhJwcCmZ8x1ir8/4Cmq2kmaGNpkCVizf09XvWrp+rd
 ll/ZuhB6eDVmIbfRzzRrGelOFg3jbQ0eaGhz7/jgS8McXpwX58GzdPmP4sTqq/UC
 lLp0m9kCgYEAmhOvUdyfvSdTM+EQNpF/+nQxIIeoJ8fQICayKzfTt/JxoZagnQ2L
 ttN9LdCCHb6T79AHfi5n6Wjl4xvtYoQ3chpLFoy7fXuLgUtGxDiK7KQQMdCg9bb7
 3wj6lTv0HrUnekjMhrAwa/LUx0eahM8w8vRG9K4xUX5nX2bV0cbG8Cs=
 -----END RSA PRIVATE KEY-----
 KEY;

    $rsa = new RSA();
    $rij = new Rijndael();

    // Extract the Symmetric Key
    $len    = substr($message, 0, 3);
    $len    = hexdec($len);
    $symKey = substr($message, 3, $len);

    //Extract the encrypted message
    $message    = substr($message, $len + 3);
    $ciphertext = base64_decode($message);
    $ciphertext = str_replace(['\/', '\n'], ['/', ''], $ciphertext);
    // Decrypt the encrypted symmetric key
    $rsa->setEncryptionMode(RSA::ENCRYPTION_PKCS1);
    $rsa->loadKey($key);
    $symKey = base64_decode($symKey);
    $symKey = $rsa->decrypt($symKey);

    // Decrypt the message
    $rij->setKey($symKey);

    return $rij->decrypt($ciphertext);
 }
	<?php

	spl_autoload_register(function ($className) {
	$path = explode('\\', $className);
	if (array_shift($path) == 'phpseclib') {
	return require 'magento/lib/' . str_replace('\\', DIRECTORY_SEPARATOR, $className) . '.php';
	}
	});

	use phpseclib\Crypt\Random;
	use phpseclib\Crypt\Rijndael;
	use phpseclib\Crypt\RSA;

	$message = str_repeat('abc', 1000);

	$encryptedDecryptedMessage = decryptMessage(encryptMessage($message));

	var_dump($encryptedDecryptedMessage);


	function encryptMessage($message)
	{
	$key = <<<KEY
	-----BEGIN RSA PUBLIC KEY-----
	MIIBCgKCAQEAuCW8CyWqeDXW6E93D+u5Tlq7Ys0mpLfQUbBdEivwPHKgWwYgb4OA
	6vTqYObb7OqXUDU/lznCSGvhD+CbQMxyC0603/LO2y7/cGBQHODBh8EKpzd2E0QU
	oO7Y9+JKcrsSwIqgULxRbMqcIfdXFaZSIjHU3OcOXgfb8DhWZi09FcJs8mjDQNHP
	P+6PwK/uFue3YYyN8SUUU2ot0oielMCsML4JY0Nrj0jZkLlkufZdxMF8zLF21AwP
	/sX8imSkaj4895EnqJ6cpEaTOgj2UlcFoypW5qu4Pe2F4QBEl4E2o8ltmqsn3Eph
	qzrEphd4FSt8f2CbSztLQ046asfCcRDoLQIDAQAB
	-----END RSA PUBLIC KEY-----
	KEY;

	$rsa = new RSA();
	$rij = new Rijndael();

	// Generate Random Symmetric Key
	$symKey = Random::string(150);
	$symKey
	= base64_decode('HMoA4IqCp0ux6tCRe4v49wgN0SS6cZss43IGd09GB2hLv1aDCw+4El5mUk0xGIuv6/Osvq356d6SmWrTYDTNSxm4KfC0JKYajfyUl/QEwYH/YwYGqRqKQIhT4LKlSyqESDnztGHkveAJV19e/oRf/5EIV/V6fChoaQIsnsqcfjjgZ0sI9m1ro+5MIYFdLakNAqQQivXe',
	true);
	// Encrypt Message with new Symmetric Key
	$rij->setKey($symKey);
	$ciphertext = $rij->encrypt($message);
	$ciphertext = base64_encode($ciphertext);

	// Encrypted the Symmetric Key with the Asymmetric Key
	$rsa->setEncryptionMode(RSA::ENCRYPTION_PKCS1);

	$rsa->loadKey($key);
	$symKey = $rsa->encrypt($symKey);

	// Base 64 encode the symmetric key for transport
	$symKey = base64_encode($symKey);
	$len = strlen($symKey); // Get the length
	$len = dechex($len); // The first 3 bytes of the message are the key length
	$len = str_pad($len, 3, '0', STR_PAD_LEFT); // Zero pad to be sure.
	// Concatenate the length, the encrypted symmetric key, and the message
	return $len . $symKey . $ciphertext;
	}

	function decryptMessage($message)
	{
	$key = <<<KEY
	-----BEGIN RSA PRIVATE KEY-----
	MIIEpQIBAAKCAQEAuCW8CyWqeDXW6E93D+u5Tlq7Ys0mpLfQUbBdEivwPHKgWwYg
	b4OA6vTqYObb7OqXUDU/lznCSGvhD+CbQMxyC0603/LO2y7/cGBQHODBh8EKpzd2
	E0QUoO7Y9+JKcrsSwIqgULxRbMqcIfdXFaZSIjHU3OcOXgfb8DhWZi09FcJs8mjD
	QNHPP+6PwK/uFue3YYyN8SUUU2ot0oielMCsML4JY0Nrj0jZkLlkufZdxMF8zLF2
	1AwP/sX8imSkaj4895EnqJ6cpEaTOgj2UlcFoypW5qu4Pe2F4QBEl4E2o8ltmqsn
	3EphqzrEphd4FSt8f2CbSztLQ046asfCcRDoLQIDAQABAoIBAEUTop5r2q6NQ7iR
	VpBaVIDX+ELvwfc4HKUIC2GtqciDFzQN8Ezkf4+jn+gJsaYFug0UbG5F9GNGVH6o
	OpTsHDuxopf/dSkzUA7Pkj3C8dYCzAQ+AcToXPShpDIYaOTw1+/yEIE4ozK0Li1v
	ovM0GMtK9haHdhQ/znkmKQLbJXbrfKgz5J1v9IJ8+k1WmjUrLumFPvCEcBoBvaIV
	ygsBBS/Sum96lVvYC9SjtGJcE+RN3DP7yXeJdgjr564GTZO7PEtWjGe2kbsNkCd/
	vJQy2gRzFQ1nk8TnYr8x6vOQKCUUSelvucaIYXsOIuicpCV5FD3ePjx9VBIBFiG6
	KL/lzwECgYEA6g+IC6oKQgcZytwJAd5sZuk0BxVQk2IibgDQXpt5s/PRJVYRWH45
	TzTRrZRgN8MFWDTAG0RSKAuw0vrBlDOaPu/29xV/Es78gKbNt6cR158iOo7CQepN
	rw1ADHd7zMhHpj1/9izDu+BMITTJAxjWS29HitEhVzgZHZmZLMEATXUCgYEAyWh+
	yDyC4xXTuDTd04XRKRm//QKdmTNn/hepS4uH8lCA0bOBf4w23Uh/57wIYSZ0aTf5
	YbEEqDIKvijGWQB7q/zo1V9b654l4l8VNvbAaIEFbeUmrhhcXWGn9GxhbaKQCN3G
	xtJoqEGQcLjfBuqIvYczLgWve2xfQ5vHl6pqQNkCgYEA5x0+8IWOa3Qne6+ZFUdT
	MqrCvNvHHECiToxvM3vByHbP5VX++qpoXFWDVSpVd7oR5O7xYfssRG6Gw0znKDdr
	7wlziranKyNHIKGUL+vAKnDvk3KzTfLVkiw7OhQhIiwA052WZLX+79yiT4eXlH9J
	2mKe+etWSJET+65XGWHZsqECgYEAkNyAu8KSHYTYd9hGaFoKO3aS2Qallcgcluwr
	zvM3v3hZfvqOPM/7siLwJBvhJwcCmZ8x1ir8/4Cmq2kmaGNpkCVizf09XvWrp+rd
	ll/ZuhB6eDVmIbfRzzRrGelOFg3jbQ0eaGhz7/jgS8McXpwX58GzdPmP4sTqq/UC
	lLp0m9kCgYEAmhOvUdyfvSdTM+EQNpF/+nQxIIeoJ8fQICayKzfTt/JxoZagnQ2L
	ttN9LdCCHb6T79AHfi5n6Wjl4xvtYoQ3chpLFoy7fXuLgUtGxDiK7KQQMdCg9bb7
	3wj6lTv0HrUnekjMhrAwa/LUx0eahM8w8vRG9K4xUX5nX2bV0cbG8Cs=
	-----END RSA PRIVATE KEY-----
	KEY;

	$rsa = new RSA();
	$rij = new Rijndael();

	// Extract the Symmetric Key
	$len = substr($message, 0, 3);
	$len = hexdec($len);
	$symKey = substr($message, 3, $len);

	//Extract the encrypted message
	$message = substr($message, $len + 3);
	$ciphertext = base64_decode($message);
	$ciphertext = str_replace(['\/', '\n'], ['/', ''], $ciphertext);
	// Decrypt the encrypted symmetric key
	$rsa->setEncryptionMode(RSA::ENCRYPTION_PKCS1);
	$rsa->loadKey($key);
	$symKey = base64_decode($symKey);
	$symKey = $rsa->decrypt($symKey);

	// Decrypt the message
	$rij->setKey($symKey);

	return $rij->decrypt($ciphertext);
	}