Post by straightlight » Tue Aug 28, 2018 6:22 pm

Or … simply use this solution for the Encryption class: viewtopic.php?f=198&t=204707&p=725370#p725077

The most generated errors being found on Opencart forum originates from contributed programming. The increased counters are caused by posted redundancies of the same solutions that were already provided prior.

F. Rules:

- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804


Regards,
Straightlight


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by billynoah » Tue Oct 16, 2018 10:34 am

schiggi wrote:
Wed Jul 11, 2018 12:44 am
If I replace the old 2.3 library with your suggestion, will I run into problems with old orders, api or anything?
Sorry just saw this - yes it should work. I've since changed one line of code - the new version checks iv length in case encrypted string is invalid:

Code: Select all

final class Encryption {
	
	private $cipher = 'aes-256-ctr';
	private $digest = 'sha256';
	private $key;
	
	public function __construct($key) {
		$this->key = $key;
	}

	public function encrypt($value) {
		$key       = openssl_digest($this->key, $this->digest, true);
		$iv_length = openssl_cipher_iv_length($this->cipher);
		$iv        = openssl_random_pseudo_bytes($iv_length);
		return base64_encode($iv . openssl_encrypt($value, $this->cipher, $key, OPENSSL_RAW_DATA, $iv));
	}
	
	public function decrypt($value) {
		$result    = NULL;
		$key       = openssl_digest($this->key, $this->digest, true);
		$iv_length = openssl_cipher_iv_length($this->cipher);
		$value     = base64_decode($value);
		$iv        = substr($value, 0, $iv_length);
		$value     = substr($value, $iv_length);
		if (strlen($iv) == $iv_length) {
			$result = openssl_decrypt($value, $this->cipher, $key, OPENSSL_RAW_DATA, $iv);
		}
		return $result;
	}
}

Image


User avatar
Active Member

Posts

Joined
Tue Jan 15, 2013 12:46 pm
Who is online

Users browsing this forum: No registered users and 5 guests