SodiumMarshaller.php
2.3 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
<?php
/*
* This file is part of the Symfony package.
*
* (c) Fabien Potencier <fabien@symfony.com>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Symfony\Component\Cache\Marshaller;
use Symfony\Component\Cache\Exception\CacheException;
use Symfony\Component\Cache\Exception\InvalidArgumentException;
/**
* Encrypt/decrypt values using Libsodium.
*
* @author Ahmed TAILOULOUTE <ahmed.tailouloute@gmail.com>
*/
class SodiumMarshaller implements MarshallerInterface
{
private $marshaller;
private $decryptionKeys;
/**
* @param string[] $decryptionKeys The key at index "0" is required and is used to decrypt and encrypt values;
* more rotating keys can be provided to decrypt values;
* each key must be generated using sodium_crypto_box_keypair()
*/
public function __construct(array $decryptionKeys, MarshallerInterface $marshaller = null)
{
if (!self::isSupported()) {
throw new CacheException('The "sodium" PHP extension is not loaded.');
}
if (!isset($decryptionKeys[0])) {
throw new InvalidArgumentException('At least one decryption key must be provided at index "0".');
}
$this->marshaller = $marshaller ?? new DefaultMarshaller();
$this->decryptionKeys = $decryptionKeys;
}
public static function isSupported(): bool
{
return \function_exists('sodium_crypto_box_seal');
}
/**
* {@inheritdoc}
*/
public function marshall(array $values, ?array &$failed): array
{
$encryptionKey = sodium_crypto_box_publickey($this->decryptionKeys[0]);
$encryptedValues = [];
foreach ($this->marshaller->marshall($values, $failed) as $k => $v) {
$encryptedValues[$k] = sodium_crypto_box_seal($v, $encryptionKey);
}
return $encryptedValues;
}
/**
* {@inheritdoc}
*/
public function unmarshall(string $value)
{
foreach ($this->decryptionKeys as $k) {
if (false !== $decryptedValue = @sodium_crypto_box_seal_open($value, $k)) {
$value = $decryptedValue;
break;
}
}
return $this->marshaller->unmarshall($value);
}
}