Admin
2 weeks ago
Builder
2 weeks ago
Helpers
2 weeks ago
Integrations
2 weeks ago
CFF_Autolink.php
2 weeks ago
CFF_Blocks.php
2 weeks ago
CFF_Cache.php
2 weeks ago
CFF_Education.php
2 weeks ago
CFF_Elementor_Base.php
2 weeks ago
CFF_Elementor_Widget.php
2 weeks ago
CFF_Error_Reporter.php
2 weeks ago
CFF_FB_Settings.php
2 weeks ago
CFF_Feed_Elementor_Control.php
2 weeks ago
CFF_Feed_Locator.php
2 weeks ago
CFF_Feed_Pro.php
2 weeks ago
CFF_GDPR_Integrations.php
2 weeks ago
CFF_Group_Posts.php
2 weeks ago
CFF_HTTP_Request.php
2 weeks ago
CFF_Oembed.php
2 weeks ago
CFF_Parse.php
2 weeks ago
CFF_Resizer.php
2 weeks ago
CFF_Response.php
2 weeks ago
CFF_Shortcode.php
2 weeks ago
CFF_Shortcode_Display.php
2 weeks ago
CFF_SiteHealth.php
2 weeks ago
CFF_Utils.php
2 weeks ago
CFF_View.php
2 weeks ago
Custom_Facebook_Feed.php
2 weeks ago
Email_Notification.php
2 weeks ago
Platform_Data.php
2 weeks ago
SB_Facebook_Data_Encryption.php
2 weeks ago
SB_Facebook_Data_Manager.php
2 weeks ago
index.php
2 weeks ago
SB_Facebook_Data_Encryption.php
199 lines
| 1 | <?php |
| 2 | |
| 3 | /** |
| 4 | * Class SB_Facebook_Data_Encryption |
| 5 | * |
| 6 | * @copyright 2021 Google LLC |
| 7 | * @license https://www.apache.org/licenses/LICENSE-2.0 Apache License 2.0 |
| 8 | * @link https://sitekit.withgoogle.com |
| 9 | */ |
| 10 | |
| 11 | namespace CustomFacebookFeed; |
| 12 | |
| 13 | // Exit if accessed directly |
| 14 | if (! defined('ABSPATH')) { |
| 15 | exit; |
| 16 | } |
| 17 | |
| 18 | |
| 19 | /** |
| 20 | * Class responsible for encrypting and decrypting data. |
| 21 | * |
| 22 | * @since 2.9.4/5.12.4 |
| 23 | * @access private |
| 24 | * @ignore |
| 25 | */ |
| 26 | class SB_Facebook_Data_Encryption |
| 27 | { |
| 28 | /** |
| 29 | * Key to use for encryption. |
| 30 | * |
| 31 | * @since 2.9.4/5.12.4 |
| 32 | * @var string |
| 33 | */ |
| 34 | private $key; |
| 35 | |
| 36 | /** |
| 37 | * Salt to use for encryption. |
| 38 | * |
| 39 | * @since 2.9.4/5.12.4 |
| 40 | * @var string |
| 41 | */ |
| 42 | private $salt; |
| 43 | |
| 44 | /** |
| 45 | * Constructor. |
| 46 | * |
| 47 | * @since 2.9.4/5.12.4 |
| 48 | */ |
| 49 | public function __construct($remote = array()) |
| 50 | { |
| 51 | if (! empty($remote)) { |
| 52 | $this->key = $remote['key']; |
| 53 | $this->salt = $remote['salt']; |
| 54 | } else { |
| 55 | $this->key = $this->get_default_key(); |
| 56 | $this->salt = $this->get_default_salt(); |
| 57 | } |
| 58 | } |
| 59 | |
| 60 | /** |
| 61 | * Encrypts a value. |
| 62 | * |
| 63 | * If a user-based key is set, that key is used. Otherwise the default key is used. |
| 64 | * |
| 65 | * @since 2.9.4/5.12.4 |
| 66 | * |
| 67 | * @param string $value Value to encrypt. |
| 68 | * @return string|bool Encrypted value, or false on failure. |
| 69 | */ |
| 70 | public function encrypt($value) |
| 71 | { |
| 72 | if (! cff_doing_openssl()) { |
| 73 | return $value; |
| 74 | } |
| 75 | |
| 76 | $method = 'aes-256-ctr'; |
| 77 | $ivlen = openssl_cipher_iv_length($method); |
| 78 | $iv = openssl_random_pseudo_bytes($ivlen); |
| 79 | |
| 80 | $raw_value = openssl_encrypt($value . $this->salt, $method, $this->key, 0, $iv); |
| 81 | if (! $raw_value) { |
| 82 | return false; |
| 83 | } |
| 84 | |
| 85 | return base64_encode($iv . $raw_value); |
| 86 | } |
| 87 | |
| 88 | /** |
| 89 | * Decrypts a value. |
| 90 | * |
| 91 | * If a user-based key is set, that key is used. Otherwise the default key is used. |
| 92 | * |
| 93 | * @since 2.9.4/5.12.4 |
| 94 | * |
| 95 | * @param string $raw_value Value to decrypt. |
| 96 | * @return string|bool Decrypted value, or false on failure. |
| 97 | */ |
| 98 | public function decrypt($raw_value) |
| 99 | { |
| 100 | if (! cff_doing_openssl()) { |
| 101 | return $raw_value; |
| 102 | } |
| 103 | |
| 104 | $raw_value = base64_decode($raw_value, true); |
| 105 | |
| 106 | $method = 'aes-256-ctr'; |
| 107 | $ivlen = openssl_cipher_iv_length($method); |
| 108 | $iv = substr($raw_value, 0, $ivlen); |
| 109 | |
| 110 | $raw_value = substr($raw_value, $ivlen); |
| 111 | |
| 112 | $value = openssl_decrypt($raw_value, $method, $this->key, 0, $iv); |
| 113 | if (! $value || substr($value, - strlen($this->salt)) !== $this->salt) { |
| 114 | return false; |
| 115 | } |
| 116 | |
| 117 | return substr($value, 0, - strlen($this->salt)); |
| 118 | } |
| 119 | |
| 120 | |
| 121 | public function maybe_encrypt($raw_value) |
| 122 | { |
| 123 | $maybe_decrypted = $this->decrypt($raw_value); |
| 124 | |
| 125 | if ($maybe_decrypted) { |
| 126 | return $this->encrypt($maybe_decrypted); |
| 127 | } |
| 128 | |
| 129 | return $this->encrypt($raw_value); |
| 130 | } |
| 131 | |
| 132 | /** |
| 133 | * Uses a raw value and attempts to decrypt it |
| 134 | * |
| 135 | * @param $value |
| 136 | * |
| 137 | * @return bool|string |
| 138 | */ |
| 139 | public function maybe_decrypt($value) |
| 140 | { |
| 141 | if (! is_string($value)) { |
| 142 | return $value; |
| 143 | } |
| 144 | if (strpos($value, '{') === 0) { |
| 145 | return $value; |
| 146 | } |
| 147 | |
| 148 | $decrypted = $this->decrypt($value); |
| 149 | |
| 150 | if (! $decrypted) { |
| 151 | return $value; |
| 152 | } |
| 153 | |
| 154 | return $decrypted; |
| 155 | } |
| 156 | |
| 157 | /** |
| 158 | * Gets the default encryption key to use. |
| 159 | * |
| 160 | * @since 2.9.4/5.12.4 |
| 161 | * |
| 162 | * @return string Default (not user-based) encryption key. |
| 163 | */ |
| 164 | private function get_default_key() |
| 165 | { |
| 166 | if (defined('CFF_ENCRYPTION_KEY') && '' !== CFF_ENCRYPTION_KEY) { |
| 167 | return CFF_ENCRYPTION_KEY; |
| 168 | } |
| 169 | |
| 170 | if (defined('LOGGED_IN_KEY') && '' !== LOGGED_IN_KEY) { |
| 171 | return LOGGED_IN_KEY; |
| 172 | } |
| 173 | |
| 174 | // If this is reached, you're either not on a live site or have a serious security issue. |
| 175 | return 'das-ist-kein-geheimer-schluessel'; |
| 176 | } |
| 177 | |
| 178 | /** |
| 179 | * Gets the default encryption salt to use. |
| 180 | * |
| 181 | * @since 2.9.4/5.12.4 |
| 182 | * |
| 183 | * @return string Encryption salt. |
| 184 | */ |
| 185 | private function get_default_salt() |
| 186 | { |
| 187 | if (defined('CFF_ENCRYPTION_SALT') && '' !== CFF_ENCRYPTION_SALT) { |
| 188 | return CFF_ENCRYPTION_SALT; |
| 189 | } |
| 190 | |
| 191 | if (defined('LOGGED_IN_SALT') && '' !== LOGGED_IN_SALT) { |
| 192 | return LOGGED_IN_SALT; |
| 193 | } |
| 194 | |
| 195 | // If this is reached, you're either not on a live site or have a serious security issue. |
| 196 | return 'das-ist-kein-geheimes-salz'; |
| 197 | } |
| 198 | } |
| 199 |