bUxEE · October 12, 2018 13:49
diff --git a/encrypt-decrypt.php b/encrypt-decrypt.php
 function cookie_decrypt_tool() {
    $encrypted_payload = urldecode($_POST["content"]);
    $encrypted_payload = substr( $encrypted_payload, 0, 3 ) === "%0A" ? substr($encrypted_payload, 3) : $encrypted_payload;
    if (in_array("aes-128-cbc", openssl_get_cipher_methods())) {          
        $c = base64_decode($encrypted_payload);
        $ivlen = openssl_cipher_iv_length('aes-128-cbc');
        $iv = substr($c, 0, $ivlen);
        $hmac = substr($c, $ivlen, $sha2len=32);
        $ciphertext_raw = substr($c, $ivlen+$sha2len);
        $original_plaintext = openssl_decrypt($ciphertext_raw, 'aes-128-cbc', KEY_CRIPTAZIONE_COOKIE_CUSTOMER_JOURNEY, $options=OPENSSL_RAW_DATA, $iv);
        $calcmac = hash_hmac('sha256', $ciphertext_raw, KEY_CRIPTAZIONE_COOKIE_CUSTOMER_JOURNEY, $as_binary=true);
        if (hash_equals($hmac, $calcmac)) {
            echo $original_plaintext;
            die();
        } else {
            error_log("Errore di decriptazione del cookie MAC non verificato.");
            echo "Errore";
            die();
        }
    } else {
        echo "Metodo di decriptazione del cookie non valido.";
        die();
    }
 }


 function cookie_encrypt_tool() {
    $payload = $_POST["content"];
    if (in_array("aes-128-cbc", openssl_get_cipher_methods())) {            
        $ivlen = openssl_cipher_iv_length('aes-128-cbc');
        $iv = openssl_random_pseudo_bytes($ivlen);
        $ciphertext_raw = openssl_encrypt($payload, 'aes-128-cbc', KEY_CRIPTAZIONE_COOKIE_CUSTOMER_JOURNEY, $options=OPENSSL_RAW_DATA, $iv);
        $hmac = hash_hmac('sha256', $ciphertext_raw, KEY_CRIPTAZIONE_COOKIE_CUSTOMER_JOURNEY, $as_binary=true);
        $ciphertext = base64_encode( $iv.$hmac.$ciphertext_raw );
        echo $ciphertext;
        die();
    } else {
       echo "Metodo di criptazione non valido.";
       die();
    }
 }
	function cookie_decrypt_tool() {
	$encrypted_payload = urldecode($_POST["content"]);
	$encrypted_payload = substr( $encrypted_payload, 0, 3 ) === "%0A" ? substr($encrypted_payload, 3) : $encrypted_payload;
	if (in_array("aes-128-cbc", openssl_get_cipher_methods())) {
	$c = base64_decode($encrypted_payload);
	$ivlen = openssl_cipher_iv_length('aes-128-cbc');
	$iv = substr($c, 0, $ivlen);
	$hmac = substr($c, $ivlen, $sha2len=32);
	$ciphertext_raw = substr($c, $ivlen+$sha2len);
	$original_plaintext = openssl_decrypt($ciphertext_raw, 'aes-128-cbc', KEY_CRIPTAZIONE_COOKIE_CUSTOMER_JOURNEY, $options=OPENSSL_RAW_DATA, $iv);
	$calcmac = hash_hmac('sha256', $ciphertext_raw, KEY_CRIPTAZIONE_COOKIE_CUSTOMER_JOURNEY, $as_binary=true);
	if (hash_equals($hmac, $calcmac)) {
	echo $original_plaintext;
	die();
	} else {
	error_log("Errore di decriptazione del cookie MAC non verificato.");
	echo "Errore";
	die();
	}
	} else {
	echo "Metodo di decriptazione del cookie non valido.";
	die();
	}
	}


	function cookie_encrypt_tool() {
	$payload = $_POST["content"];
	if (in_array("aes-128-cbc", openssl_get_cipher_methods())) {
	$ivlen = openssl_cipher_iv_length('aes-128-cbc');
	$iv = openssl_random_pseudo_bytes($ivlen);
	$ciphertext_raw = openssl_encrypt($payload, 'aes-128-cbc', KEY_CRIPTAZIONE_COOKIE_CUSTOMER_JOURNEY, $options=OPENSSL_RAW_DATA, $iv);
	$hmac = hash_hmac('sha256', $ciphertext_raw, KEY_CRIPTAZIONE_COOKIE_CUSTOMER_JOURNEY, $as_binary=true);
	$ciphertext = base64_encode( $iv.$hmac.$ciphertext_raw );
	echo $ciphertext;
	die();
	} else {
	echo "Metodo di criptazione non valido.";
	die();
	}
	}