encode: cipher:".chunk_split(bin2hex($cipher_text),4,' ')."
iv:".chunk_split(bin2hex($iv),4,' ')."
iv_length:$iv_length
cipher_key ".chunk_split(bin2hex($cipher_key),4,' ')."
"; } $cipher_text = $iv . $cipher_text; // verschlüsselter Textes als base64 und dann noch mit urlencode, weil base64 zB + enthaelt $encrypted_data = urlencode(base64_encode($cipher_text)); return $encrypted_data; } function decode_string($key, $encrypted_data, $verification) { // Entschlüsseln des verschuesselten Textes // erst base64 entfernen - urldecode muss wenn noetig vorher angewendet werden $decoded_cipher_text = base64_decode($encrypted_data); // iv vom Anfang abtrennen $cipher_method = "AES-256-CBC"; $iv_length = openssl_cipher_iv_length($cipher_method); $iv = substr($decoded_cipher_text, 0, $iv_length); $cipher_text = substr($decoded_cipher_text, $iv_length); $cipher_options = OPENSSL_RAW_DATA; $cipher_key = openssl_digest($key, 'SHA256', true); if(isset($debug)){ echo "
decode: cipher:".chunk_split(bin2hex($cipher_text),4,' '). "
iv:".chunk_split(bin2hex($iv),4,' '). "
iv_length:$iv_length
cipher_key ". chunk_split(bin2hex($cipher_key),4,' '); } $decrypted_data = openssl_decrypt($cipher_text, $cipher_method, $cipher_key, $cipher_options, $iv); if(isset($debug)){echo "
decrypted_data " . $decrypted_data." end
";} $verification_length = strlen($verification); if(substr($decrypted_data, -$verification_length) == $verification) { list($email, $level, $verification_code) = explode('|', $decrypted_data); return array( 'email' => $email, 'level' => $level, 'success' => 1 ); } else { error_log("Verschlüsseltes Token enthielt den Verifikationscode nicht: $decrypted_data
\n"); return array( 'success' => 0 ); } } ?>